Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/D5vcDi_lC6ER9U_B9ydxxZd_ako.roa
File: D5vcDi_lC6ER9U_B9ydxxZd_ako.roa (raw, json)
Hash identifier: 3mDIcb5QhB5t+zWZy8uKj7F1qDrsB1WJEYfNNAmnYvk=
Subject key identifier: 0F:9B:DC:0E:2F:E5:0B:A1:11:F5:4F:C1:F7:27:71:C5:97:7F:6A:4A
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197CC574D0EE719050BE76261D8287C79C9
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/D5vcDi_lC6ER9U_B9ydxxZd_ako.roa
Signing time: Wed 02 Jul 2025 18:12:42 +0000
ROA not before: Wed 02 Jul 2025 18:12:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:c387::/32 maxlen: 32
2a11:5882::/32 maxlen: 32
2a11:8440::/32 maxlen: 32
2a11:8446::/32 maxlen: 32
2a11:b784::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:be86::/32 maxlen: 32
2a11:c103::/32 maxlen: 32
2a11:c706::/32 maxlen: 32
2a11:d086::/32 maxlen: 32
2a11:fb40::/32 maxlen: 32
2a11:fec4::/32 maxlen: 32
2a12:1800::/32 maxlen: 32
2a12:1806::/32 maxlen: 32
2a12:1940::/32 maxlen: 32
2a12:1cc2::/32 maxlen: 32
2a12:2c41::/32 maxlen: 32
2a12:4c00::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Jul 2025 17:46:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:57:4d:0e:e7:19:05:0b:e7:62:61:d8:28:7c:79:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 2 18:12:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f9bdc0e2fe50ba111f54fc1f72771c5977f6a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7f:3d:93:2a:eb:4e:f2:c4:f9:43:40:06:2b:
90:7d:32:ed:85:fb:77:cd:d3:ae:48:30:86:59:ec:
e4:ff:33:cf:d6:84:0c:87:c1:59:6b:d8:c5:b2:1c:
46:81:78:a8:fe:15:ae:08:b4:a0:79:f1:a6:38:b3:
f9:2f:a8:77:cd:a3:0c:9d:6b:c6:6d:4e:3d:b7:ee:
cd:10:d0:69:e9:e3:ef:ca:64:42:55:b8:88:4c:d0:
cc:85:cf:a0:c5:d3:08:4f:49:e5:49:1b:d8:50:b0:
ac:76:07:03:76:08:d6:a0:de:11:70:46:51:10:0d:
15:0a:8e:de:ce:c2:e6:46:36:d5:44:b8:be:35:41:
43:b2:ab:52:66:04:43:a1:82:15:d9:3b:a1:6d:75:
9c:da:64:c7:76:34:61:a9:08:68:8a:1a:35:f2:a7:
42:cd:09:25:92:dc:b2:9d:05:40:24:ed:68:26:62:
80:95:19:ae:cf:c8:56:06:f5:1b:25:03:ac:f0:84:
6d:55:7d:9f:e2:76:de:e0:40:7f:0b:36:3c:5e:c5:
2a:6b:c4:7a:79:7d:75:72:50:1f:31:07:b3:b0:0e:
89:50:fb:d4:82:a4:93:56:cf:18:44:1b:ca:c6:33:
76:db:2c:90:17:65:1b:1c:6a:ec:80:1f:fe:a8:62:
ed:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9B:DC:0E:2F:E5:0B:A1:11:F5:4F:C1:F7:27:71:C5:97:7F:6A:4A
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/D5vcDi_lC6ER9U_B9ydxxZd_ako.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c387::/32
2a11:5882::/32
2a11:8440::/32
2a11:8446::/32
2a11:b784::/31
2a11:be86::/32
2a11:c103::/32
2a11:c706::/32
2a11:d086::/32
2a11:fb40::/32
2a11:fec4::/32
2a12:1800::/32
2a12:1806::/32
2a12:1940::/32
2a12:1cc2::/32
2a12:2c41::/32
2a12:4c00::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
01:a8:4f:18:d2:7e:55:54:cc:d3:52:a7:1e:38:b2:fc:fb:49:
ac:f5:f6:48:c5:68:99:a6:60:ae:8c:2f:23:7b:4a:3c:4e:4b:
37:8d:8c:93:cb:bb:bc:0c:32:23:e0:11:d9:79:00:ec:47:e9:
d1:00:80:39:f4:04:61:6a:48:38:99:81:fe:63:9b:be:28:77:
8b:6a:e1:3a:6e:6e:51:1b:bd:48:88:05:0a:29:9f:aa:89:90:
13:e6:96:39:59:35:6e:c8:26:3c:a8:15:31:45:70:81:18:7c:
39:f6:d8:37:b1:ff:0e:88:fa:88:54:21:cd:b9:3d:c7:fd:e8:
05:1b:02:06:00:8e:d3:57:43:e1:3a:80:15:3c:ab:dd:3d:d2:
a9:84:d0:81:4b:48:f0:c3:62:bc:61:28:df:f0:92:aa:54:68:
6c:ff:71:fa:9d:0b:d1:39:57:79:cd:32:aa:fc:e6:31:51:54:
54:cc:b6:17:07:e6:c9:bb:f0:7e:da:58:01:33:9c:cd:68:f1:
64:fd:8b:d4:11:41:48:3b:1f:df:31:38:52:be:1a:2d:d5:3d:
a4:36:09:59:be:cf:a9:24:63:7a:9d:c2:2c:1a:e8:06:74:e7:
62:38:aa:a0:68:77:85:e3:95:39:e3:89:32:d8:ff:2e:8d:e3:
2f:1b:f6:4d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZfMV00O5xkFC+diYdgofHnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzAyMTgxMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjliZGMwZTJmZTUwYmExMTFmNTRmYzFmNzI3NzFjNTk3N2Y2YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2389kyrrTvLE+UNABiuQfTLthft3
zdOuSDCGWezk/zPP1oQMh8FZa9jFshxGgXio/hWuCLSgefGmOLP5L6h3zaMMnWvG
bU49t+7NENBp6ePvymRCVbiITNDMhc+gxdMIT0nlSRvYULCsdgcDdgjWoN4RcEZR
EA0VCo7ezsLmRjbVRLi+NUFDsqtSZgRDoYIV2TuhbXWc2mTHdjRhqQhoiho18qdC
zQklktyynQVAJO1oJmKAlRmuz8hWBvUbJQOs8IRtVX2f4nbe4EB/CzY8XsUqa8R6
eX11clAfMQezsA6JUPvUgqSTVs8YRBvKxjN22yyQF2UbHGrsgB/+qGLtHQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFA+b3A4v5QuhEfVPwfcnccWXf2pKMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvRDV2Y0RpX2xDNkVSOVVfQjl5ZHh4WmRfYWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFACoK
w4cDBQAqEViCAwUAKhGEQAMFACoRhEYDBQEqEbeEAwUAKhG+hgMFACoRwQMDBQAq
EccGAwUAKhHQhgMFACoR+0ADBQAqEf7EAwUAKhIYAAMFACoSGAYDBQAqEhlAAwUA
KhIcwgMFACoSLEEDBQAqEkwAAwUAKhJMBjANBgkqhkiG9w0BAQsFAAOCAQEAAahP
GNJ+VVTM01KnHjiy/PtJrPX2SMVomaZgrowvI3tKPE5LN42Mk8u7vAwyI+AR2XkA
7Efp0QCAOfQEYWpIOJmB/mObvih3i2rhOm5uURu9SIgFCimfqomQE+aWOVk1bsgm
PKgVMUVwgRh8OfbYN7H/Doj6iFQhzbk9x/3oBRsCBgCO01dD4TqAFTyr3T3SqYTQ
gUtI8MNivGEo3/CSqlRobP9x+p0L0TlXec0yqvzmMVFUVMy2FwfmybvwftpYATOc
zWjxZP2L1BFBSDsf3zE4Ur4aLdU9pDYJWb7PqSRjep3CLBroBnTnYjiqoGh3heOV
OeOJMtj/Lo3jLxv2TQ==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:49:45 2025 by rpki-client