
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/XMpLxXWN48kX8ReZlMjTQq0YgG0.roa
File: XMpLxXWN48kX8ReZlMjTQq0YgG0.roa (raw, json)
Hash identifier: Sy31+cD4A7xSQei7nSIPOvXZJGdyWsWD63LXax9n/70=
Subject key identifier: 5C:CA:4B:C5:75:8D:E3:C9:17:F1:17:99:94:C8:D3:42:AD:18:80:6D
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197E5FEC74C935F40F5FF5B154A49299073
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/XMpLxXWN48kX8ReZlMjTQq0YgG0.roa
Signing time: Mon 07 Jul 2025 17:46:08 +0000
ROA not before: Mon 07 Jul 2025 17:46:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:c383::/32 maxlen: 32
2a0a:c387::/32 maxlen: 32
2a11:5881::/32 maxlen: 32
2a11:5882::/32 maxlen: 32
2a11:8440::/32 maxlen: 32
2a11:8446::/32 maxlen: 32
2a11:b784::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:be81::/32 maxlen: 32
2a11:be86::/32 maxlen: 32
2a11:c103::/32 maxlen: 32
2a11:c706::/32 maxlen: 32
2a11:c707::/32 maxlen: 32
2a11:d086::/32 maxlen: 32
2a11:fb40::/32 maxlen: 32
2a11:fec4::/32 maxlen: 32
2a12:1800::/32 maxlen: 32
2a12:1806::/32 maxlen: 32
2a12:1940::/32 maxlen: 32
2a12:1941::/32 maxlen: 32
2a12:1cc2::/32 maxlen: 32
2a12:2c40::/32 maxlen: 32
2a12:2c41::/32 maxlen: 32
2a12:4c00::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Jul 2025 15:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:fe:c7:4c:93:5f:40:f5:ff:5b:15:4a:49:29:90:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 7 17:46:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cca4bc5758de3c917f1179994c8d342ad18806d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1f:e7:66:4b:2c:a6:ad:0d:35:c0:f9:c1:01:
92:b6:fc:ce:3b:6c:aa:fa:d1:e7:83:93:34:43:bc:
a0:f1:f2:f2:3d:86:3a:7c:07:3d:a6:ad:a2:82:2c:
71:ef:7a:88:dd:4d:d1:11:08:ed:20:59:1a:51:e6:
1b:af:b3:56:0d:04:f9:6b:d3:f2:d1:64:32:0c:0d:
7d:78:a0:12:dd:71:d5:a0:c8:5e:ce:25:01:f7:10:
8f:62:fc:10:56:e6:72:e4:71:82:5e:e2:d0:38:d5:
3b:26:c4:7e:1c:03:47:20:76:6d:32:f5:3f:fb:ba:
65:ad:79:1b:73:16:fb:d1:ac:08:cb:e7:ef:01:b8:
d1:7a:5c:54:ed:f0:01:9a:45:53:b0:77:54:46:44:
af:bf:cd:e0:b4:e1:98:fc:ed:6a:bf:5e:d0:b4:40:
2f:d5:ad:49:f8:5e:78:60:63:c9:55:8f:f0:1f:f8:
c3:f9:f6:a4:92:c7:45:4c:74:f2:35:3e:72:46:8c:
74:3b:cd:88:a9:f8:68:5d:f8:15:86:b5:4b:3b:65:
9b:45:f1:76:32:c7:27:0d:7c:95:46:67:5f:22:0a:
ba:86:f6:0d:3b:0d:b0:d0:77:46:74:96:f7:2c:8c:
29:2c:b3:34:b0:5f:53:0d:7b:ca:e6:17:ce:c7:79:
d2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CA:4B:C5:75:8D:E3:C9:17:F1:17:99:94:C8:D3:42:AD:18:80:6D
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/XMpLxXWN48kX8ReZlMjTQq0YgG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c383::/32
2a0a:c387::/32
2a11:5881::-2a11:5882:ffff:ffff:ffff:ffff:ffff:ffff
2a11:8440::/32
2a11:8446::/32
2a11:b784::/31
2a11:be81::/32
2a11:be86::/32
2a11:c103::/32
2a11:c706::/31
2a11:d086::/32
2a11:fb40::/32
2a11:fec4::/32
2a12:1800::/32
2a12:1806::/32
2a12:1940::/31
2a12:1cc2::/32
2a12:2c40::/31
2a12:4c00::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
29:31:5c:bf:78:61:65:96:76:3e:e7:57:5e:ab:79:3e:ed:39:
b1:0e:7f:e7:2a:e3:ff:54:ca:42:b8:95:1a:b6:32:47:3e:e7:
3e:d1:9e:fa:d5:be:de:ce:c1:76:ce:99:24:e2:55:5a:be:61:
c7:cb:ef:ab:b8:e8:76:27:7b:9c:ee:a4:a7:b5:a9:89:73:4b:
8b:cc:0e:cb:a7:c5:17:2d:e2:fa:01:53:52:6c:0d:c4:13:65:
86:de:a8:59:26:f3:cb:f5:ac:42:2b:da:fe:b7:3c:da:36:4c:
0a:e7:33:59:b8:7d:32:8a:5a:df:0e:d1:d5:4e:49:af:b0:28:
16:48:b0:d7:29:95:00:fa:b4:14:96:15:6c:63:f4:63:7a:e1:
a2:03:43:ad:eb:f4:fa:18:12:c9:95:c4:6f:11:67:76:70:a2:
c7:e4:d8:90:3b:c7:38:6a:3f:c8:6c:f3:3b:37:ca:25:44:f5:
e7:c5:42:01:aa:01:f4:c0:77:94:27:23:20:e5:6e:f7:bf:9a:
e8:b5:1f:10:88:e3:1d:49:eb:d3:86:54:e7:5f:e5:0e:11:23:
ae:fb:8d:d2:e1:20:26:ed:bb:e9:aa:28:a9:3a:48:e4:49:d0:
03:15:df:dc:de:08:30:e7:bc:2b:b6:57:cc:35:c5:d0:a1:05:
9b:9f:72:8b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAZfl/sdMk19A9f9bFUpJKZBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzA3MTc0NjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NhNGJjNTc1OGRlM2M5MTdmMTE3OTk5NGM4ZDM0MmFkMTg4MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlB/nZksspq0NNcD5wQGStvzOO2yq
+tHng5M0Q7yg8fLyPYY6fAc9pq2igixx73qI3U3REQjtIFkaUeYbr7NWDQT5a9Py
0WQyDA19eKAS3XHVoMheziUB9xCPYvwQVuZy5HGCXuLQONU7JsR+HANHIHZtMvU/
+7plrXkbcxb70awIy+fvAbjRelxU7fABmkVTsHdURkSvv83gtOGY/O1qv17QtEAv
1a1J+F54YGPJVY/wH/jD+fakksdFTHTyNT5yRox0O82IqfhoXfgVhrVLO2WbRfF2
MscnDXyVRmdfIgq6hvYNOw2w0HdGdJb3LIwpLLM0sF9TDXvK5hfOx3nSNQIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFFzKS8V1jePJF/EXmZTI00KtGIBtMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvWE1wTHhYV040OGtYOFJlWmxNalRRcTBZZ0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBnAQCAAIwgZUDBQAq
CsODAwUAKgrDhzAOAwUAKhFYgQMFACoRWIIDBQAqEYRAAwUAKhGERgMFASoRt4QD
BQAqEb6BAwUAKhG+hgMFACoRwQMDBQEqEccGAwUAKhHQhgMFACoR+0ADBQAqEf7E
AwUAKhIYAAMFACoSGAYDBQEqEhlAAwUAKhIcwgMFASoSLEADBQAqEkwAAwUAKhJM
BjANBgkqhkiG9w0BAQsFAAOCAQEAKTFcv3hhZZZ2PudXXqt5Pu05sQ5/5yrj/1TK
QriVGrYyRz7nPtGe+tW+3s7Bds6ZJOJVWr5hx8vvq7jodid7nO6kp7WpiXNLi8wO
y6fFFy3i+gFTUmwNxBNlht6oWSbzy/WsQiva/rc82jZMCuczWbh9Mopa3w7R1U5J
r7AoFkiw1ymVAPq0FJYVbGP0Y3rhogNDrev0+hgSyZXEbxFndnCix+TYkDvHOGo/
yGzzOzfKJUT158VCAaoB9MB3lCcjIOVu97+a6LUfEIjjHUnr04ZU51/lDhEjrvuN
0uEgJu276aooqTpI5EnQAxXf3N4IMOe8K7ZXzDXF0KEFm59yiw==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:50:18 2025 by rpki-client