Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/yUt1uXf52d0XPmCsx-a7WJ7Hg1c.roa
File: yUt1uXf52d0XPmCsx-a7WJ7Hg1c.roa (raw, json)
Hash identifier: rs2D1LTzbwgrTiG8MeDaOgusnRg8+NKAsqngIxD5aQE=
Subject key identifier: C9:4B:75:B9:77:F9:D9:DD:17:3E:60:AC:C7:E6:BB:58:9E:C7:83:57
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01980E6BE5F3B77FAF274A8A5FCAE9FB69CF
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/yUt1uXf52d0XPmCsx-a7WJ7Hg1c.roa
Signing time: Tue 15 Jul 2025 14:10:08 +0000
ROA not before: Tue 15 Jul 2025 14:10:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200927
IP address blocks: 2a03:5840:f0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Jul 2025 16:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:6b:e5:f3:b7:7f:af:27:4a:8a:5f:ca:e9:fb:69:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jul 15 14:10:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c94b75b977f9d9dd173e60acc7e6bb589ec78357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5a:94:ca:14:70:8c:12:2c:eb:9e:d6:94:2c:
b7:0e:2d:ca:39:a3:52:0d:2c:7f:47:bd:65:1e:e5:
1a:bc:eb:d2:e7:e6:a5:9e:ad:62:c4:7b:d4:24:53:
3e:2a:8b:2a:ca:53:b7:da:3e:e4:70:e0:b2:bd:d1:
df:53:04:5b:b4:af:28:25:ae:2e:2b:9b:9e:17:c0:
bf:64:97:b5:71:93:9f:6e:7b:f3:69:78:d0:fa:43:
07:61:03:4b:e5:c2:19:06:21:f2:05:f0:ae:2f:8d:
8f:11:8c:67:e0:be:bd:67:26:73:6b:66:20:6d:5e:
3f:82:82:57:bb:58:a2:97:02:65:34:09:e0:ae:97:
e3:90:83:2c:08:47:38:e0:58:b3:dc:20:56:51:43:
85:99:a0:89:54:7d:b3:32:2b:6d:59:71:04:42:c5:
f2:28:08:d6:35:15:2d:ec:48:41:a7:5f:69:98:ef:
a0:e7:e9:64:8c:9c:9a:df:d4:6f:99:22:21:43:a3:
12:7f:02:1b:21:79:83:00:48:33:5d:0a:a3:26:9e:
c4:db:55:7e:33:e8:37:c2:ea:3d:de:fb:ef:12:00:
6b:ae:4e:9d:62:c1:f3:58:6b:a4:84:29:c1:fd:c5:
d3:88:c0:be:46:3a:da:2d:8b:87:04:13:ed:f2:33:
ba:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4B:75:B9:77:F9:D9:DD:17:3E:60:AC:C7:E6:BB:58:9E:C7:83:57
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/yUt1uXf52d0XPmCsx-a7WJ7Hg1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:f0::/48
Signature Algorithm: sha256WithRSAEncryption
4d:7b:e5:3b:a7:de:50:3c:08:19:06:7e:45:f7:d5:00:79:12:
bd:08:f7:71:94:77:f0:d2:8b:51:59:0c:a3:91:a5:f9:a2:40:
13:ea:e8:14:5e:3b:35:75:31:2a:ec:48:0f:3d:bc:ae:f1:83:
d2:0b:14:fa:84:10:90:65:bd:0b:45:db:fd:a5:51:5b:71:6a:
e1:b9:15:b7:b3:eb:82:62:87:c6:97:f6:7c:f6:1f:04:f3:2e:
75:09:9b:a7:81:cd:26:12:93:2a:fa:2f:dc:b3:e4:d7:0e:86:
36:5e:cf:d0:d9:50:92:5a:7b:48:0d:e2:1d:0f:cd:50:86:a3:
90:72:b3:20:81:11:a0:13:50:85:22:3a:54:4c:95:2d:91:b9:
aa:0b:42:40:9d:24:90:8c:24:02:b2:03:5f:10:c3:3c:45:84:
2c:f7:4d:0c:c9:af:65:88:54:3d:c1:0f:18:65:83:6e:2d:36:
cc:45:bb:62:d0:3c:2e:62:49:83:8e:6c:23:8d:b0:79:b8:b8:
63:91:53:4c:a9:77:e3:ce:ff:3d:59:47:e0:0b:71:1b:60:c5:
c3:ea:f7:9c:fa:5c:34:39:62:35:fd:8d:9a:8d:08:4e:47:c4:
5f:44:0d:fc:e2:7d:93:99:37:f0:cf:ab:08:4c:95:bc:b7:0c:
f3:6f:92:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZgOa+Xzt3+vJ0qKX8rp+2nPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwNzE1MTQxMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTRiNzViOTc3ZjlkOWRkMTczZTYwYWNjN2U2YmI1ODllYzc4MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFqUyhRwjBIs657WlCy3Di3KOaNS
DSx/R71lHuUavOvS5+alnq1ixHvUJFM+KosqylO32j7kcOCyvdHfUwRbtK8oJa4u
K5ueF8C/ZJe1cZOfbnvzaXjQ+kMHYQNL5cIZBiHyBfCuL42PEYxn4L69ZyZza2Yg
bV4/goJXu1iilwJlNAngrpfjkIMsCEc44Fiz3CBWUUOFmaCJVH2zMittWXEEQsXy
KAjWNRUt7EhBp19pmO+g5+lkjJya39RvmSIhQ6MSfwIbIXmDAEgzXQqjJp7E21V+
M+g3wuo93vvvEgBrrk6dYsHzWGukhCnB/cXTiMC+RjraLYuHBBPt8jO6QwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMlLdbl3+dndFz5grMfmu1iex4NXMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEveVV0MXVYZjUyZDBYUG1Dc3gtYTdXSjdIZzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQADw
MA0GCSqGSIb3DQEBCwUAA4IBAQBNe+U7p95QPAgZBn5F99UAeRK9CPdxlHfw0otR
WQyjkaX5okAT6ugUXjs1dTEq7EgPPbyu8YPSCxT6hBCQZb0LRdv9pVFbcWrhuRW3
s+uCYofGl/Z89h8E8y51CZungc0mEpMq+i/cs+TXDoY2Xs/Q2VCSWntIDeIdD81Q
hqOQcrMggRGgE1CFIjpUTJUtkbmqC0JAnSSQjCQCsgNfEMM8RYQs900Mya9liFQ9
wQ8YZYNuLTbMRbti0DwuYkmDjmwjjbB5uLhjkVNMqXfjzv89WUfgC3EbYMXD6vec
+lw0OWI1/Y2ajQhOR8RfRA384n2TmTfwz6sITJW8twzzb5Kr
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:43:59 2025 by rpki-client