Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/u45ksmlLyl3ZFHtIswGCjcPiE2g.roa
File: u45ksmlLyl3ZFHtIswGCjcPiE2g.roa (raw, json)
Hash identifier: yQuo+5R0qjNwzvwxXcUYYEKPCGFTM2MnPI5RI4hzxvU=
Subject key identifier: BB:8E:64:B2:69:4B:CA:5D:D9:14:7B:48:B3:01:82:8D:C3:E2:13:68
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0197D60A34D3AA7463602EC8B51567F95F4C
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/u45ksmlLyl3ZFHtIswGCjcPiE2g.roa
Signing time: Fri 04 Jul 2025 15:24:42 +0000
ROA not before: Fri 04 Jul 2025 15:24:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0a:c385::/32 maxlen: 32
2a11:5880::/32 maxlen: 32
2a11:6506::/32 maxlen: 32
2a11:7680::/32 maxlen: 32
2a11:7685::/32 maxlen: 32
2a11:8300::/32 maxlen: 32
2a11:b783::/32 maxlen: 32
2a11:b786::/32 maxlen: 32
2a11:be84::/32 maxlen: 32
2a11:c106::/32 maxlen: 32
2a11:c701::/32 maxlen: 32
2a11:c704::/32 maxlen: 32
2a11:cd00::/32 maxlen: 32
2a11:d080::/32 maxlen: 32
2a11:d084::/32 maxlen: 32
2a12:1942::/32 maxlen: 32
2a12:1cc3::/32 maxlen: 32
2a12:2c43::/32 maxlen: 32
2a12:3b40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Jul 2025 15:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:0a:34:d3:aa:74:63:60:2e:c8:b5:15:67:f9:5f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jul 4 15:24:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb8e64b2694bca5dd9147b48b301828dc3e21368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:99:e1:8f:f3:9a:d8:6d:9a:df:ea:82:d3:8c:
47:ee:fe:a6:10:04:46:45:c9:11:65:e3:ef:5e:1b:
eb:f4:d4:7e:8b:74:4a:92:76:37:d5:09:1a:91:6d:
19:5b:3a:de:e4:b6:f7:5d:f0:12:d2:b2:19:52:00:
9f:cd:ef:c4:05:05:0e:76:ea:72:a6:68:ad:19:1c:
62:7e:0f:5c:bb:e5:4a:aa:2d:17:5d:12:f8:a1:e0:
0e:55:fa:d6:6a:94:dc:01:b1:93:be:52:49:da:f7:
30:19:b7:35:d2:8a:41:f5:cb:f0:f0:b0:70:64:f3:
27:02:07:8c:11:39:34:e4:06:38:d2:9c:3e:5d:05:
c6:f1:c8:d4:f3:30:65:67:cf:75:f3:70:f2:07:b6:
de:b1:f0:40:b1:df:89:ab:bb:c8:ba:2c:63:3e:19:
cc:96:ef:83:d0:84:3c:49:4e:25:cb:d4:64:e9:be:
3e:6b:f2:2b:41:27:3b:b7:8b:6c:58:a0:32:cf:cc:
b3:0f:18:18:2c:20:81:45:3a:6b:50:75:dd:9e:1a:
8c:5b:42:db:8d:49:bb:fd:cb:5e:64:10:b8:df:e1:
ff:f7:21:aa:cf:ee:ba:1d:3f:b4:78:b9:15:13:78:
95:86:ce:61:0c:ca:13:ad:e4:1c:08:ea:16:00:66:
04:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8E:64:B2:69:4B:CA:5D:D9:14:7B:48:B3:01:82:8D:C3:E2:13:68
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/u45ksmlLyl3ZFHtIswGCjcPiE2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c385::/32
2a11:5880::/32
2a11:6506::/32
2a11:7680::/32
2a11:7685::/32
2a11:8300::/32
2a11:b783::/32
2a11:b786::/32
2a11:be84::/32
2a11:c106::/32
2a11:c701::/32
2a11:c704::/32
2a11:cd00::/32
2a11:d080::/32
2a11:d084::/32
2a12:1942::/32
2a12:1cc3::/32
2a12:2c43::/32
2a12:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
b4:46:10:ce:3d:ad:db:f9:2d:d9:cb:10:04:9d:b6:4b:49:49:
a1:40:cc:f4:a3:ee:4b:81:7f:43:c0:0d:a3:d4:02:51:02:fc:
3b:b9:d3:d5:85:ad:b6:c4:66:83:57:3d:a5:12:40:1f:52:6e:
38:de:97:c6:66:bf:6e:dc:0a:59:c7:72:d3:73:7b:07:d6:20:
6c:c0:68:bd:06:6c:d9:7b:80:c7:bd:0d:1e:74:71:0f:f7:82:
e1:a0:f4:34:0c:e4:6d:be:f7:a4:db:0d:48:96:17:76:7f:11:
0a:09:b1:38:9b:fb:12:ba:cf:36:b1:fe:b9:f7:d2:92:97:bf:
1d:c6:e8:79:78:fc:49:53:52:c4:66:9e:48:65:c4:a2:3a:6a:
f3:6f:52:34:45:8e:25:69:f1:b1:75:a2:46:8f:2d:92:b5:d3:
e4:5e:06:94:d9:80:cf:ec:91:07:a0:79:4d:94:a3:60:1b:37:
d4:4f:60:65:57:5e:da:9f:45:3f:2f:6a:89:8a:5e:00:fb:b1:
40:f0:f0:41:01:1d:b3:93:74:40:e4:6b:e9:5b:c7:03:33:74:
f2:ec:e3:b8:86:db:65:fc:65:89:03:c0:9e:b2:ff:cf:40:6e:
f3:11:0f:90:ae:ea:da:00:de:5d:a3:2d:42:22:99:e4:c3:ad:
d4:a2:01:be
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZfWCjTTqnRjYC7ItRVn+V9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNzA0MTUyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhlNjRiMjY5NGJjYTVkZDkxNDdiNDhiMzAxODI4ZGMzZTIxMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5nhj/Oa2G2a3+qC04xH7v6mEARG
RckRZePvXhvr9NR+i3RKknY31QkakW0ZWzre5Lb3XfAS0rIZUgCfze/EBQUOdupy
pmitGRxifg9cu+VKqi0XXRL4oeAOVfrWapTcAbGTvlJJ2vcwGbc10opB9cvw8LBw
ZPMnAgeMETk05AY40pw+XQXG8cjU8zBlZ89183DyB7besfBAsd+Jq7vIuixjPhnM
lu+D0IQ8SU4ly9Rk6b4+a/IrQSc7t4tsWKAyz8yzDxgYLCCBRTprUHXdnhqMW0Lb
jUm7/cteZBC43+H/9yGqz+66HT+0eLkVE3iVhs5hDMoTreQcCOoWAGYE+wIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFLuOZLJpS8pd2RR7SLMBgo3D4hNoMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvdTQ1a3NtbEx5bDNaRkh0SXN3R0NqY1BpRTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzCBjAQCAAIwgYUDBQAq
CsOFAwUAKhFYgAMFACoRZQYDBQAqEXaAAwUAKhF2hQMFACoRgwADBQAqEbeDAwUA
KhG3hgMFACoRvoQDBQAqEcEGAwUAKhHHAQMFACoRxwQDBQAqEc0AAwUAKhHQgAMF
ACoR0IQDBQAqEhlCAwUAKhIcwwMFACoSLEMDBQAqEjtAMA0GCSqGSIb3DQEBCwUA
A4IBAQC0RhDOPa3b+S3ZyxAEnbZLSUmhQMz0o+5LgX9DwA2j1AJRAvw7udPVha22
xGaDVz2lEkAfUm443pfGZr9u3ApZx3LTc3sH1iBswGi9BmzZe4DHvQ0edHEP94Lh
oPQ0DORtvvek2w1Ilhd2fxEKCbE4m/sSus82sf6599KSl78dxuh5ePxJU1LEZp5I
ZcSiOmrzb1I0RY4lafGxdaJGjy2StdPkXgaU2YDP7JEHoHlNlKNgGzfUT2BlV17a
n0U/L2qJil4A+7FA8PBBAR2zk3RA5GvpW8cDM3Ty7OO4httl/GWJA8Cesv/PQG7z
EQ+QruraAN5doy1CIpnkw63UogG+
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:44:43 2025 by rpki-client