Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/3S6htJ3E6FyHt5qeDa59CACAzvM.roa
File: 3S6htJ3E6FyHt5qeDa59CACAzvM.roa (raw, json)
Hash identifier: CyfdpfPOO7KDuSWcQngcQ7whd2sWleGopV1Y0xaNVw0=
Subject key identifier: DD:2E:A1:B4:9D:C4:E8:5C:87:B7:9A:9E:0D:AE:7D:08:00:80:CE:F3
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197E5683F918A8FFC836E44F6D8C899E746
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/3S6htJ3E6FyHt5qeDa59CACAzvM.roa
Signing time: Mon 07 Jul 2025 15:01:43 +0000
ROA not before: Mon 07 Jul 2025 15:01:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211009
IP address blocks: 2a0a:c380::/32 maxlen: 32
2a11:c700::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Jul 2025 17:45:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:68:3f:91:8a:8f:fc:83:6e:44:f6:d8:c8:99:e7:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 7 15:01:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd2ea1b49dc4e85c87b79a9e0dae7d080080cef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9a:55:70:43:be:cc:72:58:9c:b5:72:08:09:
b2:46:7d:4a:fe:fe:80:9f:b2:42:60:dd:2a:46:d4:
c0:10:7b:b5:69:9c:c2:ce:3f:13:d2:49:b5:ab:97:
d5:5f:17:e4:a8:b4:90:08:5f:e9:d6:93:0f:29:35:
a1:73:3f:db:ef:26:f6:03:2c:f3:ee:3d:6f:73:45:
ec:f9:5a:0b:af:6a:d6:9c:ac:fe:b3:a9:cf:36:84:
55:bd:84:74:11:af:eb:61:15:e1:24:84:0b:57:1a:
11:b9:4c:83:44:fa:79:4b:e5:5e:8f:2d:ae:34:6f:
55:38:2e:08:1c:26:be:67:e4:43:b1:b1:99:63:c9:
b9:62:4a:d2:b8:40:da:a0:78:88:45:37:a4:73:df:
65:1f:d7:76:17:b7:3f:3d:c8:7d:fe:0a:af:37:af:
41:c3:7b:0f:f7:71:e7:44:5e:af:f9:bf:ac:3a:0c:
2a:f5:2f:10:fc:56:a2:96:1d:aa:44:fd:77:97:1f:
39:fb:2a:c1:19:c4:cb:b7:35:86:12:58:cc:35:10:
39:09:4c:09:dd:ac:7f:7e:a5:5f:f0:0d:c3:1c:67:
96:34:d7:2b:c0:43:89:25:e1:75:fe:06:2e:c1:67:
1f:ea:44:11:f7:f0:53:c7:30:8b:ff:e4:58:ed:f1:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2E:A1:B4:9D:C4:E8:5C:87:B7:9A:9E:0D:AE:7D:08:00:80:CE:F3
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/3S6htJ3E6FyHt5qeDa59CACAzvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c380::/32
2a11:c700::/32
Signature Algorithm: sha256WithRSAEncryption
c0:f3:d5:f3:69:ad:b1:75:db:0a:61:5e:57:61:49:cd:12:a1:
96:e3:3a:8b:b9:16:0d:8a:e0:d2:8a:26:d1:fe:7e:ae:18:35:
17:dc:60:82:23:f8:00:90:e0:cc:35:fb:88:72:23:44:d1:4f:
89:9e:12:4c:ab:1d:4b:4d:d9:07:d9:fd:14:38:37:a0:98:f4:
25:25:19:6d:9a:aa:5b:32:43:d8:9b:ef:0c:e9:5c:d4:92:41:
54:e5:9f:28:d2:5c:20:3e:2f:a1:ac:14:b6:83:d8:d6:24:5f:
6f:c0:07:04:ca:48:98:8a:e4:2a:38:15:c0:a7:43:6d:6c:10:
ce:7d:39:62:66:a6:b1:39:8d:9c:06:35:34:58:d4:c9:62:f3:
41:f2:d3:3a:0f:9c:2a:31:9b:3f:8a:1e:2a:0e:61:f6:40:a9:
49:47:8a:79:90:94:20:16:0a:e0:89:6d:03:3e:67:69:56:60:
86:44:b0:63:e5:dd:f7:f1:71:54:bb:ba:c9:88:b7:a0:03:15:
de:83:a6:af:a0:ac:d1:4b:d8:b5:f2:da:8a:70:0c:22:76:c4:
a7:0b:8b:ff:65:d8:c2:fc:f2:04:a5:6c:b5:5c:b2:f1:3f:d0:
29:d9:b7:3d:c4:6a:46:fa:57:b3:74:f8:d7:15:8a:bf:be:8d:
02:3e:e9:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZflaD+Rio/8g25E9tjImedGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzA3MTUwMTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJlYTFiNDlkYzRlODVjODdiNzlhOWUwZGFlN2QwODAwODBjZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJpVcEO+zHJYnLVyCAmyRn1K/v6A
n7JCYN0qRtTAEHu1aZzCzj8T0km1q5fVXxfkqLSQCF/p1pMPKTWhcz/b7yb2Ayzz
7j1vc0Xs+VoLr2rWnKz+s6nPNoRVvYR0Ea/rYRXhJIQLVxoRuUyDRPp5S+Vejy2u
NG9VOC4IHCa+Z+RDsbGZY8m5YkrSuEDaoHiIRTekc99lH9d2F7c/Pch9/gqvN69B
w3sP93HnRF6v+b+sOgwq9S8Q/Failh2qRP13lx85+yrBGcTLtzWGEljMNRA5CUwJ
3ax/fqVf8A3DHGeWNNcrwEOJJeF1/gYuwWcf6kQR9/BTxzCL/+RY7fFTywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN0uobSdxOhch7eang2ufQgAgM7zMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvM1M2aHRKM0U2RnlIdDVxZURhNTlDQUNBenZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgrDgAMF
ACoRxwAwDQYJKoZIhvcNAQELBQADggEBAMDz1fNprbF12wphXldhSc0SoZbjOou5
Fg2K4NKKJtH+fq4YNRfcYIIj+ACQ4Mw1+4hyI0TRT4meEkyrHUtN2QfZ/RQ4N6CY
9CUlGW2aqlsyQ9ib7wzpXNSSQVTlnyjSXCA+L6GsFLaD2NYkX2/ABwTKSJiK5Co4
FcCnQ21sEM59OWJmprE5jZwGNTRY1Mli80Hy0zoPnCoxmz+KHioOYfZAqUlHinmQ
lCAWCuCJbQM+Z2lWYIZEsGPl3ffxcVS7usmIt6ADFd6Dpq+grNFL2LXy2opwDCJ2
xKcLi/9l2ML88gSlbLVcsvE/0CnZtz3Eakb6V7N0+NcVir++jQI+6cg=
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:32:16 2025 by rpki-client