Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/7LVYLn8CUgWxVA2AH7CqXpnTxsM.roa
File: 7LVYLn8CUgWxVA2AH7CqXpnTxsM.roa (raw, json)
Hash identifier: esJ2DPW4BdXJcVt7SOTQN7zAM1LlAWqh7Nae8FFboYU=
Subject key identifier: EC:B5:58:2E:7F:02:52:05:B1:54:0D:80:1F:B0:AA:5E:99:D3:C6:C3
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0197891ACA191429A0E260070599B5F6EF83
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/7LVYLn8CUgWxVA2AH7CqXpnTxsM.roa
Signing time: Thu 19 Jun 2025 16:52:03 +0000
ROA not before: Thu 19 Jun 2025 16:52:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 27552
IP address blocks: 2a0c:3ac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Jun 2025 03:38:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:89:1a:ca:19:14:29:a0:e2:60:07:05:99:b5:f6:ef:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jun 19 16:52:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecb5582e7f025205b1540d801fb0aa5e99d3c6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d2:b0:60:d9:5f:26:15:2b:d6:a5:45:af:24:
7b:a0:a4:d6:91:4b:1c:f6:03:1c:5b:39:3d:fd:32:
bc:14:cd:55:57:09:ac:e3:ba:44:de:36:fb:c3:0d:
db:e8:13:98:0e:fd:04:c6:54:41:67:53:eb:b6:0b:
ad:a2:02:be:66:39:6a:3b:92:64:45:93:69:60:8b:
99:4b:1d:71:a1:85:bc:30:d8:e3:9d:33:db:10:e2:
5b:d8:8b:2d:f3:23:cf:7d:4d:2b:3c:f0:b9:7e:a4:
f4:04:ac:df:7b:f4:c8:6a:13:3e:6e:ab:17:34:82:
37:7c:cd:94:af:0e:ce:03:95:24:33:11:1a:c9:e9:
90:2d:72:6f:bb:27:3f:74:2c:5b:6f:d9:61:2e:7d:
47:0a:f6:ae:4c:6a:d7:8a:de:db:07:ee:27:c4:87:
66:44:8b:10:ee:76:08:08:a9:9e:8d:30:95:4d:0f:
28:0c:a0:12:7e:3f:17:7c:d6:6f:91:10:14:ae:a2:
e2:81:08:75:8b:e7:e2:e9:65:fd:ba:64:ee:c3:8b:
79:de:44:84:a6:a6:58:3a:63:4d:0b:d1:b1:41:f1:
78:2d:4c:ca:a8:3c:04:80:db:1a:d7:07:fe:de:88:
24:4c:11:de:be:85:11:32:3c:f4:d1:2e:47:f2:be:
1a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B5:58:2E:7F:02:52:05:B1:54:0D:80:1F:B0:AA:5E:99:D3:C6:C3
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/7LVYLn8CUgWxVA2AH7CqXpnTxsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:3ac0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:ef:a0:3c:63:30:3f:ca:59:4a:8e:10:33:07:a0:42:0c:57:
c5:9e:76:c0:62:de:14:18:3c:a0:03:d0:74:49:e4:d8:71:00:
40:f8:bb:c8:e3:5e:27:9c:09:93:8e:6e:b4:e6:17:a9:e6:40:
dc:7f:88:31:42:ee:00:aa:16:84:27:37:da:4b:6f:2e:41:75:
52:7d:b4:0d:a9:1e:62:51:da:f7:a8:f0:90:b2:d3:10:bc:e2:
72:4b:bd:59:4c:ff:f2:60:ca:58:79:25:40:f8:a6:80:dd:a3:
39:f2:52:26:41:5b:88:d1:54:23:88:41:5c:85:64:78:e7:fc:
4d:cb:8c:31:41:8d:16:6c:9a:89:a5:67:d7:da:65:6d:a9:dd:
63:af:c4:7d:4e:ea:2a:ab:fd:0e:b2:07:d0:9f:8f:98:b5:aa:
2b:07:5e:c9:c3:e0:45:57:76:2d:39:b3:6f:6a:b5:5a:aa:45:
2d:1a:1e:9e:d2:c3:04:72:42:a2:71:cc:59:b5:0e:11:33:9d:
bc:4b:2f:91:b5:9c:7c:82:37:b0:f3:75:4b:cd:56:f7:79:0e:
8c:48:87:79:90:d2:42:16:8e:fd:3e:70:64:ae:f5:6b:f9:a9:
69:1b:20:85:cd:1b:eb:d1:d3:e5:67:61:e6:94:b0:50:c1:86:
23:2b:1b:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZeJGsoZFCmg4mAHBZm19u+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNjE5MTY1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I1NTgyZTdmMDI1MjA1YjE1NDBkODAxZmIwYWE1ZTk5ZDNjNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNKwYNlfJhUr1qVFryR7oKTWkUsc
9gMcWzk9/TK8FM1VVwms47pE3jb7ww3b6BOYDv0ExlRBZ1PrtgutogK+ZjlqO5Jk
RZNpYIuZSx1xoYW8MNjjnTPbEOJb2Ist8yPPfU0rPPC5fqT0BKzfe/TIahM+bqsX
NII3fM2Urw7OA5UkMxEayemQLXJvuyc/dCxbb9lhLn1HCvauTGrXit7bB+4nxIdm
RIsQ7nYICKmejTCVTQ8oDKASfj8XfNZvkRAUrqLigQh1i+fi6WX9umTuw4t53kSE
pqZYOmNNC9GxQfF4LUzKqDwEgNsa1wf+3ogkTBHevoURMjz00S5H8r4aMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOy1WC5/AlIFsVQNgB+wql6Z08bDMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvN0xWWUxuOENVZ1d4VkEyQUg3Q3FYcG5UeHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgw6wDAN
BgkqhkiG9w0BAQsFAAOCAQEAiu+gPGMwP8pZSo4QMwegQgxXxZ52wGLeFBg8oAPQ
dEnk2HEAQPi7yONeJ5wJk45utOYXqeZA3H+IMULuAKoWhCc32ktvLkF1Un20Dake
YlHa96jwkLLTELzicku9WUz/8mDKWHklQPimgN2jOfJSJkFbiNFUI4hBXIVkeOf8
TcuMMUGNFmyaiaVn19plbandY6/EfU7qKqv9DrIH0J+PmLWqKwdeycPgRVd2LTmz
b2q1WqpFLRoentLDBHJConHMWbUOETOdvEsvkbWcfII3sPN1S81W93kOjEiHeZDS
QhaO/T5wZK71a/mpaRsghc0b69HT5Wdh5pSwUMGGIysbQw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:25:02 2025 by rpki-client