Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/45e738-286e-4f9a-ba02-d9431140e6f1/1/ozpHMgeUc5P2OFZDIty7XtSKgc0.roa
File: ozpHMgeUc5P2OFZDIty7XtSKgc0.roa (raw, json)
Hash identifier: 2j6JQpLqoRV6oYbSqSmZgv0D+UAtrY3gLjhoFMQxnKY=
Subject key identifier: A3:3A:47:32:07:94:73:93:F6:38:56:43:22:DC:BB:5E:D4:8A:81:CD
Certificate issuer: /CN=f286832adda40a97eb863a5a6482c946931a66ef
Certificate serial: 0197F8FC38C56DDF17F57161FF4E0D0CE282
Authority key identifier: F2:86:83:2A:DD:A4:0A:97:EB:86:3A:5A:64:82:C9:46:93:1A:66:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8oaDKt2kCpfrhjpaZILJRpMaZu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/45e738-286e-4f9a-ba02-d9431140e6f1/1/ozpHMgeUc5P2OFZDIty7XtSKgc0.roa
Signing time: Fri 11 Jul 2025 10:16:08 +0000
ROA not before: Fri 11 Jul 2025 10:16:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 2001:678:10b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 12 Jul 2025 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f8:fc:38:c5:6d:df:17:f5:71:61:ff:4e:0d:0c:e2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f286832adda40a97eb863a5a6482c946931a66ef
Validity
Not Before: Jul 11 10:16:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a33a473207947393f638564322dcbb5ed48a81cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:78:0a:7c:97:c4:27:03:27:98:09:16:85:b2:
cd:c1:2e:3a:14:5b:ba:16:33:38:4f:23:97:16:a7:
8a:48:72:37:93:36:44:98:18:40:84:24:3f:90:4a:
3b:dc:9e:3f:ec:51:6a:24:66:22:fd:dc:69:92:9d:
f8:f5:16:6b:8b:86:fa:7f:9b:16:a7:0c:0b:5e:3d:
b0:50:b6:44:3c:41:8e:04:99:21:e7:bf:87:01:a2:
10:4c:0e:6b:08:5b:ea:2e:6a:7a:34:68:bd:40:8c:
ff:c5:96:6c:c6:31:d3:7c:18:91:9c:5e:6d:a7:99:
3f:e4:59:b0:30:8c:1a:e6:8d:25:92:9c:02:43:cb:
05:5f:5c:e5:65:87:50:d5:2b:9f:69:d1:0b:30:5e:
4a:79:d2:30:00:7d:be:8b:19:9e:27:c3:19:fb:78:
9c:34:e9:cc:45:df:2f:fb:ec:46:9d:c0:24:53:68:
7c:c3:6a:2c:fc:bb:3c:d4:23:74:94:9e:70:92:ba:
3f:0f:ed:87:26:1d:cc:37:6d:63:50:e4:c8:12:97:
8f:53:36:2c:57:a9:c1:49:91:af:94:18:39:94:13:
ac:bc:b2:2a:7f:32:9b:f1:7e:54:8f:fe:be:cd:9b:
7c:a1:f3:b9:e0:42:df:ba:47:14:57:31:cf:14:f4:
2a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3A:47:32:07:94:73:93:F6:38:56:43:22:DC:BB:5E:D4:8A:81:CD
X509v3 Authority Key Identifier:
keyid:F2:86:83:2A:DD:A4:0A:97:EB:86:3A:5A:64:82:C9:46:93:1A:66:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8oaDKt2kCpfrhjpaZILJRpMaZu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/45e738-286e-4f9a-ba02-d9431140e6f1/1/ozpHMgeUc5P2OFZDIty7XtSKgc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/45e738-286e-4f9a-ba02-d9431140e6f1/1/8oaDKt2kCpfrhjpaZILJRpMaZu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:10b0::/48
Signature Algorithm: sha256WithRSAEncryption
59:1b:93:41:a9:e9:d8:70:7e:c2:2a:09:1f:65:ef:d2:38:fc:
b9:70:2d:ee:35:52:03:8c:49:ad:79:29:02:89:6e:da:80:29:
f5:3e:03:03:f1:1a:4c:f3:3e:e5:01:6b:3d:31:44:70:d1:fa:
b8:23:1a:e4:46:e7:0b:52:2e:75:7e:6c:2d:e8:e0:57:01:04:
b6:2f:18:55:ad:3d:3f:4d:ed:2e:16:b5:55:1f:9d:1a:82:5e:
82:91:47:04:27:e1:69:a5:a0:07:fb:e2:bd:61:a4:ce:08:c5:
40:b0:db:a8:d5:53:14:3b:c1:bd:d9:03:4f:62:5e:2a:dd:6a:
89:99:bc:30:17:36:f7:dc:58:dd:a4:e5:f9:02:5a:ce:ba:bc:
d7:5e:31:19:ce:82:5b:0a:b4:10:e9:23:99:f1:85:aa:9f:a4:
6f:61:29:9f:10:c0:4f:50:d0:3e:5e:fa:98:60:29:74:0f:ae:
87:63:b0:e7:0b:0b:0f:e2:a5:d3:85:10:b3:08:a3:f0:18:cc:
4c:38:b8:04:b4:d4:8e:06:19:bf:68:f2:d4:fa:25:45:ae:8b:
e8:46:e7:b5:e5:b9:6f:de:c0:17:b7:4f:27:1f:24:17:0d:e8:
a4:a3:0a:1a:57:c3:a7:f4:a7:b2:4b:6d:67:5f:9d:d2:69:05:
b8:c2:c7:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZf4/DjFbd8X9XFh/04NDOKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyODY4MzJhZGRhNDBhOTdlYjg2M2E1YTY0ODJjOTQ2OTMx
YTY2ZWYwHhcNMjUwNzExMTAxNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNhNDczMjA3OTQ3MzkzZjYzODU2NDMyMmRjYmI1ZWQ0OGE4MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HgKfJfEJwMnmAkWhbLNwS46FFu6
FjM4TyOXFqeKSHI3kzZEmBhAhCQ/kEo73J4/7FFqJGYi/dxpkp349RZri4b6f5sW
pwwLXj2wULZEPEGOBJkh57+HAaIQTA5rCFvqLmp6NGi9QIz/xZZsxjHTfBiRnF5t
p5k/5FmwMIwa5o0lkpwCQ8sFX1zlZYdQ1SufadELMF5KedIwAH2+ixmeJ8MZ+3ic
NOnMRd8v++xGncAkU2h8w2os/Ls81CN0lJ5wkro/D+2HJh3MN21jUOTIEpePUzYs
V6nBSZGvlBg5lBOsvLIqfzKb8X5Uj/6+zZt8ofO54ELfukcUVzHPFPQqTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKM6RzIHlHOT9jhWQyLcu17UioHNMB8GA1UdIwQY
MBaAFPKGgyrdpAqX64Y6WmSCyUaTGmbvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG9hREt0MmtDcGZyaGpwYVpJTEpScE1hWnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC80NWU3MzgtMjg2ZS00ZjlhLWJhMDIt
ZDk0MzExNDBlNmYxLzEvb3pwSE1nZVVjNVAyT0ZaREl0eTdYdFNLZ2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC80NWU3MzgtMjg2ZS00ZjlhLWJhMDItZDk0MzExNDBlNmYx
LzEvOG9hREt0MmtDcGZyaGpwYVpJTEpScE1hWnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeBCw
MA0GCSqGSIb3DQEBCwUAA4IBAQBZG5NBqenYcH7CKgkfZe/SOPy5cC3uNVIDjEmt
eSkCiW7agCn1PgMD8RpM8z7lAWs9MURw0fq4IxrkRucLUi51fmwt6OBXAQS2LxhV
rT0/Te0uFrVVH50agl6CkUcEJ+FppaAH++K9YaTOCMVAsNuo1VMUO8G92QNPYl4q
3WqJmbwwFzb33FjdpOX5AlrOurzXXjEZzoJbCrQQ6SOZ8YWqn6RvYSmfEMBPUNA+
XvqYYCl0D66HY7DnCwsP4qXThRCzCKPwGMxMOLgEtNSOBhm/aPLU+iVFrovoRue1
5blv3sAXt08nHyQXDeikowoaV8On9KeyS21nX53SaQW4wsfb
-----END CERTIFICATE-----
Generated at Mon Jul 21 00:16:00 2025 by rpki-client