Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/C1UlQhLbn4RRJzk-EqfU2nLKMpk.roa
File: C1UlQhLbn4RRJzk-EqfU2nLKMpk.roa (raw, json)
Hash identifier: 4ycj/n6r6nHRwnHsm3mJCqnAUPGYfDDJrzLeVSqiMSA=
Subject key identifier: 0B:55:25:42:12:DB:9F:84:51:27:39:3E:12:A7:D4:DA:72:CA:32:99
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0197D61F43B5A1F8CA20C4B1B9AA425A544B
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/C1UlQhLbn4RRJzk-EqfU2nLKMpk.roa
Signing time: Fri 04 Jul 2025 15:47:42 +0000
ROA not before: Fri 04 Jul 2025 15:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62513
IP address blocks: 2a0f:b240::/46 maxlen: 48
2a0f:b240:1000::/36 maxlen: 48
2a0f:b240:2000::/36 maxlen: 48
2a0f:b240:3000::/36 maxlen: 48
2a0f:b240:4000::/36 maxlen: 48
2a0f:b241:8::/46 maxlen: 48
Validation: Failed, certificate revoked on Fri 04 Jul 2025 22:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:1f:43:b5:a1:f8:ca:20:c4:b1:b9:aa:42:5a:54:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jul 4 15:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b55254212db9f845127393e12a7d4da72ca3299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:51:35:99:a5:3c:21:a3:e1:31:66:e0:34:49:
53:4e:93:dd:1c:5d:8f:39:ca:97:35:8c:e1:e1:9d:
c3:77:b8:37:bb:33:1f:df:5c:3a:7f:c4:5c:16:47:
53:90:e4:31:92:66:49:a5:fb:47:ed:7a:63:22:71:
e8:6c:00:b8:f3:79:43:95:45:b6:6e:ef:a2:a8:a5:
28:0c:36:80:28:dd:92:1f:43:c9:ba:e0:e1:f7:5d:
c0:aa:08:fb:79:26:cc:d1:29:c3:0d:3b:b3:a9:20:
6c:fd:96:37:e5:07:3c:9b:c3:c9:5c:78:2f:f4:c5:
0b:1d:d9:2e:57:ab:47:35:74:91:a4:37:4c:54:86:
30:ce:f5:2c:d7:17:fc:ff:be:41:82:59:cb:7f:b2:
9f:2d:7d:ff:69:fc:ad:50:24:a0:c4:d0:55:52:e9:
fc:83:f1:22:7b:9e:3c:1d:b4:12:96:c7:5d:be:64:
35:99:be:ff:41:3d:0f:16:0d:6a:28:92:90:af:6b:
c5:f6:36:6e:e5:4e:40:b4:c0:18:b2:66:62:9b:4b:
95:7e:ee:40:79:93:b0:56:0a:60:04:a8:56:7e:87:
71:5f:21:da:ee:56:b5:a3:cd:6e:fb:cc:81:ab:da:
61:6f:63:87:66:cd:51:2e:5f:54:12:06:d8:a3:29:
c4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:55:25:42:12:DB:9F:84:51:27:39:3E:12:A7:D4:DA:72:CA:32:99
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/C1UlQhLbn4RRJzk-EqfU2nLKMpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b240::/46
2a0f:b240:1000::-2a0f:b240:4fff:ffff:ffff:ffff:ffff:ffff
2a0f:b241:8::/46
Signature Algorithm: sha256WithRSAEncryption
18:e8:a0:c0:ac:15:74:1b:4c:f4:16:6d:bb:3f:e0:4b:c3:64:
32:02:69:8e:c5:8d:4c:02:72:78:40:51:0e:36:2c:5d:e9:15:
4c:bd:18:33:01:1a:62:cf:1d:92:8f:d2:0f:7e:5b:5a:09:69:
46:34:b2:07:7b:53:9b:70:f4:d8:0a:9f:1c:ff:5e:c1:dc:6c:
68:97:f1:62:46:35:3c:2a:13:38:a7:fa:fc:fc:27:e6:15:ba:
43:5f:7e:75:f8:c4:02:68:9c:90:21:e8:91:ea:80:e5:e3:f0:
39:11:cc:30:d5:79:54:7a:57:1a:9c:2e:ef:07:db:ce:cc:68:
2a:d0:90:76:20:06:52:f0:57:76:5b:8f:06:8c:a5:ce:57:fd:
9d:41:0e:ec:55:92:9e:51:33:96:a8:47:3a:67:15:aa:09:f5:
70:c9:d7:6f:7c:cc:b4:d9:6a:db:b1:48:8b:e1:99:d3:43:4d:
49:c1:61:8e:6b:e4:d0:a9:1d:7c:8d:93:55:fa:68:04:dc:34:
01:55:18:89:70:f2:6a:b6:42:f2:25:46:93:3e:d5:0b:8d:f7:
58:43:06:24:72:04:39:12:ab:9a:63:56:6e:d6:26:3a:f2:8c:
ef:b4:f8:45:bc:f1:3a:67:62:e5:a7:f0:71:a4:95:20:a6:65:
54:b1:48:2f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZfWH0O1ofjKIMSxuapCWlRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwNzA0MTU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjU1MjU0MjEyZGI5Zjg0NTEyNzM5M2UxMmE3ZDRkYTcyY2EzMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlE1maU8IaPhMWbgNElTTpPdHF2P
OcqXNYzh4Z3Dd7g3uzMf31w6f8RcFkdTkOQxkmZJpftH7XpjInHobAC483lDlUW2
bu+iqKUoDDaAKN2SH0PJuuDh913Aqgj7eSbM0SnDDTuzqSBs/ZY35Qc8m8PJXHgv
9MULHdkuV6tHNXSRpDdMVIYwzvUs1xf8/75BglnLf7KfLX3/afytUCSgxNBVUun8
g/Eie548HbQSlsddvmQ1mb7/QT0PFg1qKJKQr2vF9jZu5U5AtMAYsmZim0uVfu5A
eZOwVgpgBKhWfodxXyHa7la1o81u+8yBq9phb2OHZs1RLl9UEgbYoynE4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAtVJUIS25+EUSc5PhKn1NpyyjKZMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvQzFVbFFoTGJuNFJSSnprLUVxZlUybkxLTXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcCKg+yQAAA
MBADBgQqD7JAEAMGBCoPskBAAwcCKg+yQQAIMA0GCSqGSIb3DQEBCwUAA4IBAQAY
6KDArBV0G0z0Fm27P+BLw2QyAmmOxY1MAnJ4QFEONixd6RVMvRgzARpizx2Sj9IP
fltaCWlGNLIHe1ObcPTYCp8c/17B3Gxol/FiRjU8KhM4p/r8/CfmFbpDX351+MQC
aJyQIeiR6oDl4/A5Ecww1XlUelcanC7vB9vOzGgq0JB2IAZS8Fd2W48GjKXOV/2d
QQ7sVZKeUTOWqEc6ZxWqCfVwyddvfMy02WrbsUiL4ZnTQ01JwWGOa+TQqR18jZNV
+mgE3DQBVRiJcPJqtkLyJUaTPtULjfdYQwYkcgQ5EquaY1Zu1iY68ozvtPhFvPE6
Z2Llp/BxpJUgpmVUsUgv
-----END CERTIFICATE-----
Generated at Fri Jul 25 01:02:11 2025 by rpki-client