Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hNZhy0njPci4qZyWzkzrtM7R7oQ.roa
File: hNZhy0njPci4qZyWzkzrtM7R7oQ.roa (raw, json)
Hash identifier: x0ad292FfMEi4cz+VtSQQCuaGDijyozAON9wZXXXZAg=
Subject key identifier: 84:D6:61:CB:49:E3:3D:C8:B8:A9:9C:96:CE:4C:EB:B4:CE:D1:EE:84
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197E57337DA42FFFD18E39C8BC74254E568
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hNZhy0njPci4qZyWzkzrtM7R7oQ.roa
Signing time: Mon 07 Jul 2025 15:13:42 +0000
ROA not before: Mon 07 Jul 2025 15:13:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0a:c385::/32 maxlen: 32
2a11:5880::/32 maxlen: 32
2a11:6506::/32 maxlen: 32
2a11:7685::/32 maxlen: 32
2a11:8300::/32 maxlen: 32
2a11:b783::/32 maxlen: 32
2a11:be84::/32 maxlen: 32
2a11:c106::/32 maxlen: 32
2a11:c701::/32 maxlen: 32
2a11:c704::/32 maxlen: 32
2a11:cd00::/32 maxlen: 32
2a11:d084::/32 maxlen: 32
2a12:1942::/32 maxlen: 32
2a12:1cc3::/32 maxlen: 32
2a12:2c43::/32 maxlen: 32
2a12:3b40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Jul 2025 11:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:73:37:da:42:ff:fd:18:e3:9c:8b:c7:42:54:e5:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 7 15:13:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84d661cb49e33dc8b8a99c96ce4cebb4ced1ee84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2a:1e:5d:e1:9c:45:fc:b5:45:9f:6a:83:2e:
75:65:09:10:8f:07:d2:be:56:6c:e0:cd:f2:c0:0d:
07:28:ce:ae:52:8c:96:f2:be:0c:47:4c:1d:83:6d:
32:71:2a:55:2b:0c:4d:51:dc:ba:be:bf:58:34:67:
59:83:43:01:e1:51:ca:a1:b3:4e:74:4a:9a:32:36:
d8:71:33:9a:b2:cc:f9:8d:a3:dc:b8:82:bc:85:72:
13:d7:b5:d9:4e:09:ab:87:01:96:db:09:5a:0f:99:
48:3b:2d:8a:7a:8d:4a:54:d8:4d:b7:ff:4a:da:bb:
68:74:7f:1c:7d:2d:07:dc:cc:ce:19:f7:07:61:97:
ee:5f:70:f2:3c:08:6c:6e:52:d7:e4:73:44:23:24:
b6:b2:dd:05:bf:82:74:36:b8:0b:04:a3:d4:08:8d:
8b:a1:12:9a:dc:ce:bc:78:7f:40:c9:d8:ae:ef:c6:
bd:8e:a8:28:23:7c:4e:e7:e3:25:94:2c:7b:57:b0:
89:c4:6a:64:f1:f7:f6:3d:c5:3f:6e:a9:e8:e8:14:
36:86:9c:4d:63:fb:dd:85:b6:ca:12:3c:ea:c8:f7:
0b:c2:17:ee:22:87:92:72:c0:56:65:61:97:c1:7a:
cf:b8:e5:1a:89:ec:ee:7a:8b:b8:db:1e:ff:bb:23:
77:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D6:61:CB:49:E3:3D:C8:B8:A9:9C:96:CE:4C:EB:B4:CE:D1:EE:84
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hNZhy0njPci4qZyWzkzrtM7R7oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c385::/32
2a11:5880::/32
2a11:6506::/32
2a11:7685::/32
2a11:8300::/32
2a11:b783::/32
2a11:be84::/32
2a11:c106::/32
2a11:c701::/32
2a11:c704::/32
2a11:cd00::/32
2a11:d084::/32
2a12:1942::/32
2a12:1cc3::/32
2a12:2c43::/32
2a12:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
47:d7:c7:e7:bf:f2:df:c2:88:4a:14:8d:d3:be:14:96:2d:b8:
6e:f2:ba:dd:7e:65:83:7c:72:d1:c6:43:e9:eb:e7:4b:8a:d8:
86:34:26:39:ff:fc:46:56:c9:71:e9:66:fa:9a:60:4b:57:f5:
70:f9:40:1d:b9:61:fc:9e:ca:19:92:c9:b3:43:c0:f2:d8:79:
5d:35:9b:89:fe:04:cc:ce:9b:6f:27:0f:d3:4a:c3:bd:b1:b3:
3c:cd:84:5f:c3:87:15:fc:d2:8a:f8:eb:13:b8:60:df:1e:f8:
53:cc:c2:a0:25:c2:45:92:55:27:e9:89:9f:19:76:50:71:25:
fe:d3:7a:8f:c9:38:f7:75:aa:90:16:8c:a8:94:2e:b5:7d:4f:
db:03:ee:13:37:a0:58:95:bb:6f:bb:80:e0:5e:96:bc:17:62:
9e:a0:49:fd:b1:60:76:e1:93:b6:9e:68:0c:3e:57:71:51:ab:
c8:75:0f:50:5a:72:d5:15:36:e1:d5:b7:5f:b3:13:eb:97:10:
c6:32:2e:a3:c7:e9:b8:75:13:1b:d1:af:4d:4f:a1:a3:77:6d:
2f:f0:da:cf:cf:71:1e:d4:b0:10:dc:55:be:01:5d:ec:f3:2f:
2c:4b:b1:34:16:ab:b8:65:9e:d1:fe:bc:40:09:ca:32:3c:52:
40:4f:c4:9e
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZflczfaQv/9GOOci8dCVOVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzA3MTUxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ2NjFjYjQ5ZTMzZGM4YjhhOTljOTZjZTRjZWJiNGNlZDFlZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SoeXeGcRfy1RZ9qgy51ZQkQjwfS
vlZs4M3ywA0HKM6uUoyW8r4MR0wdg20ycSpVKwxNUdy6vr9YNGdZg0MB4VHKobNO
dEqaMjbYcTOassz5jaPcuIK8hXIT17XZTgmrhwGW2wlaD5lIOy2Keo1KVNhNt/9K
2rtodH8cfS0H3MzOGfcHYZfuX3DyPAhsblLX5HNEIyS2st0Fv4J0NrgLBKPUCI2L
oRKa3M68eH9Aydiu78a9jqgoI3xO5+MllCx7V7CJxGpk8ff2PcU/bqno6BQ2hpxN
Y/vdhbbKEjzqyPcLwhfuIoeScsBWZWGXwXrPuOUaiezueou42x7/uyN3UwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFITWYctJ4z3IuKmcls5M67TO0e6EMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvaE5aaHkwbmpQY2k0cVp5V3prenJ0TTdSN29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAIwcAMFACoKw4UD
BQAqEViAAwUAKhFlBgMFACoRdoUDBQAqEYMAAwUAKhG3gwMFACoRvoQDBQAqEcEG
AwUAKhHHAQMFACoRxwQDBQAqEc0AAwUAKhHQhAMFACoSGUIDBQAqEhzDAwUAKhIs
QwMFACoSO0AwDQYJKoZIhvcNAQELBQADggEBAEfXx+e/8t/CiEoUjdO+FJYtuG7y
ut1+ZYN8ctHGQ+nr50uK2IY0Jjn//EZWyXHpZvqaYEtX9XD5QB25YfyeyhmSybND
wPLYeV01m4n+BMzOm28nD9NKw72xszzNhF/DhxX80or46xO4YN8e+FPMwqAlwkWS
VSfpiZ8ZdlBxJf7Teo/JOPd1qpAWjKiULrV9T9sD7hM3oFiVu2+7gOBelrwXYp6g
Sf2xYHbhk7aeaAw+V3FRq8h1D1BactUVNuHVt1+zE+uXEMYyLqPH6bh1ExvRr01P
oaN3bS/w2s/PcR7UsBDcVb4BXezzLyxLsTQWq7hlntH+vEAJyjI8UkBPxJ4=
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:50:30 2025 by rpki-client