Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/DYtX1NLGPc6V6DzndhvOMnP-ST4.roa
File: DYtX1NLGPc6V6DzndhvOMnP-ST4.roa (raw, json)
Hash identifier: SYjxagOsfKa9ImN1AhiQcjOX55+v9yFk5R4nzkt1N0g=
Subject key identifier: 0D:8B:57:D4:D2:C6:3D:CE:95:E8:3C:E7:76:1B:CE:32:73:FE:49:3E
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 019731FE973ED7781FD026F6330226C8206A
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/DYtX1NLGPc6V6DzndhvOMnP-ST4.roa
Signing time: Mon 02 Jun 2025 18:54:17 +0000
ROA not before: Mon 02 Jun 2025 18:54:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:3701::/32 maxlen: 32
2a0c:ac0::/32 maxlen: 32
2a0d:adc2::/32 maxlen: 32
2a0d:adc7::/32 maxlen: 32
2a11:5a41::/32 maxlen: 32
2a11:5a45::/32 maxlen: 32
2a12:7307::/32 maxlen: 32
2a14:9701::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Jun 2025 17:53:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:fe:97:3e:d7:78:1f:d0:26:f6:33:02:26:c8:20:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 2 18:54:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d8b57d4d2c63dce95e83ce7761bce3273fe493e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:4a:f6:0f:2d:d8:16:32:b6:0d:8e:16:5c:
a4:c4:c6:cc:91:8e:6d:a8:db:e6:5b:55:07:4c:45:
5c:09:a4:0e:7a:c8:0f:fb:33:9a:d4:75:44:ac:a2:
36:94:c5:72:4f:5f:da:10:d1:52:cd:4b:bf:c6:96:
45:fc:a1:fd:66:aa:ee:08:5b:3e:08:ce:12:cf:ec:
2d:2b:55:0c:33:16:84:5e:a3:4c:16:dd:79:fd:5f:
cf:c1:b0:6b:d4:18:d0:00:2e:0f:a0:ba:a1:06:21:
d1:e2:63:a3:25:0b:9c:c7:6b:2e:b1:3f:7d:a7:39:
f1:9a:b5:6a:47:3a:5e:0b:98:40:b2:4c:b7:62:0c:
20:61:2d:bc:89:1b:61:ff:f2:de:bf:0d:b9:5a:20:
93:41:44:32:ff:33:e8:34:34:b8:b4:3f:be:9b:aa:
22:44:f8:20:d2:4e:ab:41:be:87:91:17:79:50:c7:
88:67:70:f8:d7:f0:8a:ac:6b:97:1e:3f:08:06:41:
41:f2:94:86:3b:36:f7:d5:01:f8:40:67:77:38:e5:
84:c4:bc:26:c2:fd:96:bd:03:b8:67:b6:18:be:d5:
54:90:61:fd:88:45:05:bd:5d:e0:f7:9c:87:16:68:
e8:7c:2f:37:76:0c:4a:1f:5e:ce:3b:1a:da:a5:93:
47:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8B:57:D4:D2:C6:3D:CE:95:E8:3C:E7:76:1B:CE:32:73:FE:49:3E
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/DYtX1NLGPc6V6DzndhvOMnP-ST4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3701::/32
2a0c:ac0::/32
2a0d:adc2::/32
2a0d:adc7::/32
2a11:5a41::/32
2a11:5a45::/32
2a12:7307::/32
2a14:9701::/32
Signature Algorithm: sha256WithRSAEncryption
39:73:e3:93:c4:6d:43:28:8a:20:eb:91:29:c8:10:bc:f5:4a:
77:e5:ad:cd:62:84:f6:61:57:8b:5a:3a:fc:7e:e8:70:4e:e0:
5c:04:49:09:93:d6:12:d6:3b:17:84:0a:23:8f:5e:9f:cd:c5:
cf:bf:04:bc:c1:f1:c5:b4:21:f3:73:d9:9d:95:2a:6a:66:c5:
c6:e6:c6:df:ff:4e:80:14:75:72:6f:e2:7e:86:8f:60:6a:c3:
08:5e:19:8d:f0:bd:f8:96:46:0b:c9:2e:31:cc:cb:69:5d:af:
84:44:a2:e3:ec:4d:8b:70:b5:ed:1f:7e:b1:7c:7d:eb:c0:e0:
09:84:19:dc:11:3e:6a:b7:74:34:ad:d2:3b:1d:69:e4:70:25:
ba:5c:1c:ec:a4:b9:b6:47:95:a9:8a:13:62:21:17:f7:c1:aa:
fe:b4:11:78:c0:99:bc:ce:32:9b:03:52:b2:31:25:c6:c5:50:
a7:8a:40:67:c1:2b:c6:69:e6:b8:63:07:53:bf:1d:92:68:62:
d5:c3:9f:05:5d:0a:61:c0:a1:1c:96:19:b9:13:13:a1:73:88:
4a:7c:44:1d:e6:f1:9f:8e:00:7a:2c:f7:de:5d:da:9b:23:3e:
b0:b8:ec:dd:26:e4:45:2f:94:a2:96:fd:18:fc:3a:e7:e9:77:
de:67:48:c3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZcx/pc+13gf0Cb2MwImyCBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjAyMTg1NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhiNTdkNGQyYzYzZGNlOTVlODNjZTc3NjFiY2UzMjczZmU0OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvltK9g8t2BYytg2OFlykxMbMkY5t
qNvmW1UHTEVcCaQOesgP+zOa1HVErKI2lMVyT1/aENFSzUu/xpZF/KH9ZqruCFs+
CM4Sz+wtK1UMMxaEXqNMFt15/V/PwbBr1BjQAC4PoLqhBiHR4mOjJQucx2susT99
pznxmrVqRzpeC5hAsky3YgwgYS28iRth//Levw25WiCTQUQy/zPoNDS4tD++m6oi
RPgg0k6rQb6HkRd5UMeIZ3D41/CKrGuXHj8IBkFB8pSGOzb31QH4QGd3OOWExLwm
wv2WvQO4Z7YYvtVUkGH9iEUFvV3g95yHFmjofC83dgxKH17OOxrapZNHBwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFA2LV9TSxj3Oleg853YbzjJz/kk+MB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvRFl0WDFOTEdQYzZWNkR6bmRodk9NblAtU1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKgk3AQMF
ACoMCsADBQAqDa3CAwUAKg2txwMFACoRWkEDBQAqEVpFAwUAKhJzBwMFACoUlwEw
DQYJKoZIhvcNAQELBQADggEBADlz45PEbUMoiiDrkSnIELz1Snflrc1ihPZhV4ta
Ovx+6HBO4FwESQmT1hLWOxeECiOPXp/Nxc+/BLzB8cW0IfNz2Z2VKmpmxcbmxt//
ToAUdXJv4n6Gj2BqwwheGY3wvfiWRgvJLjHMy2ldr4REouPsTYtwte0ffrF8fevA
4AmEGdwRPmq3dDSt0jsdaeRwJbpcHOykubZHlamKE2IhF/fBqv60EXjAmbzOMpsD
UrIxJcbFUKeKQGfBK8Zp5rhjB1O/HZJoYtXDnwVdCmHAoRyWGbkTE6FziEp8RB3m
8Z+OAHos995d2psjPrC47N0m5EUvlKKW/Rj8Oufpd95nSMM=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:12:13 2025 by rpki-client