Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/LeYx4wEUMUDguASRBoHcf7NdSNQ.roa
File: LeYx4wEUMUDguASRBoHcf7NdSNQ.roa (raw, json)
Hash identifier: Szmo/d6lDLjQjV1IdixvW+qj+B5y592gMcvER0G4MR4=
Subject key identifier: 2D:E6:31:E3:01:14:31:40:E0:B8:04:91:06:81:DC:7F:B3:5D:48:D4
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 0197F4D376AF87B6B88F724642F7F84A0CF8
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/LeYx4wEUMUDguASRBoHcf7NdSNQ.roa
Signing time: Thu 10 Jul 2025 14:53:08 +0000
ROA not before: Thu 10 Jul 2025 14:53:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a0a:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Jul 2025 10:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:d3:76:af:87:b6:b8:8f:72:46:42:f7:f8:4a:0c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Jul 10 14:53:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2de631e301143140e0b804910681dc7fb35d48d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bc:47:46:20:2f:46:3d:ea:43:b3:09:38:3f:
52:b4:c2:6d:e1:83:69:46:11:da:f4:58:79:4e:24:
95:68:a2:c4:e5:6c:b6:e0:a3:d2:d6:dd:b1:12:73:
57:d0:ae:1b:2d:23:b5:fc:1a:18:22:9f:64:57:11:
eb:b3:b9:cf:c9:b1:5e:be:22:00:1c:3f:43:91:a8:
71:81:45:67:d2:11:38:64:fa:ea:87:f5:ac:41:af:
99:0d:d6:9f:71:79:9f:bb:1a:04:df:7c:a1:9a:3e:
1b:4a:ec:2c:fa:91:aa:a0:b8:6f:dc:d7:40:97:bf:
f5:9c:cc:c8:a0:1b:ce:de:5a:17:57:d4:12:8d:99:
05:28:f4:b7:1f:1a:d2:44:d5:48:19:f0:51:5d:9c:
a6:44:44:e7:01:f7:39:21:0e:f7:56:6b:97:9b:4f:
9b:32:b0:e7:2f:46:c6:b5:8c:94:b5:38:bd:66:11:
5c:88:13:f1:ad:fb:05:bb:28:22:87:09:5a:50:23:
6d:4a:b8:b4:1d:74:33:51:15:08:6a:f5:83:f8:fa:
0d:28:21:84:e1:bd:07:51:d0:db:79:5d:34:12:36:
b3:d8:25:86:d4:e6:6e:6a:17:3e:4b:4b:9f:20:6f:
a8:e2:8e:dc:43:34:91:00:8f:24:ea:f8:62:2b:18:
ae:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E6:31:E3:01:14:31:40:E0:B8:04:91:06:81:DC:7F:B3:5D:48:D4
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/LeYx4wEUMUDguASRBoHcf7NdSNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
1a:98:14:6a:08:5a:8a:22:fa:d6:c5:4a:30:47:c9:fb:41:66:
24:38:8c:80:28:25:86:a3:35:fe:43:fc:39:65:79:5d:bd:9e:
46:02:7c:70:34:21:a3:e0:98:a7:72:08:e4:21:9c:1c:13:e6:
f1:5f:73:e8:9d:0d:17:12:6f:c1:9c:4b:a8:13:c6:1a:0d:20:
17:34:d6:72:bf:77:a1:fd:d7:a9:45:52:3a:f0:7e:34:98:0a:
02:62:08:dd:7d:48:79:09:3e:dd:82:9f:83:d2:75:64:47:69:
d6:d1:f7:f0:9d:0e:d6:db:1d:3a:05:9b:c8:d0:37:79:30:4d:
8c:02:7b:4b:2f:23:5a:b7:22:7f:e7:d8:82:a3:06:df:3e:6e:
60:47:da:19:62:f2:03:a5:03:c6:51:f8:35:97:7e:08:cc:51:
ff:d1:1d:57:05:65:45:8d:d1:be:09:8b:02:4d:9d:b2:46:c0:
fd:bf:3d:08:58:33:8f:1e:6c:b2:78:d7:8f:04:43:c7:64:af:
cd:52:94:cc:37:02:b6:37:24:70:3b:99:e4:79:b4:f0:26:2f:
44:ce:29:60:43:71:d1:56:52:fd:ed:e1:36:c0:f4:99:46:33:
5d:03:da:13:78:5b:27:51:bb:a6:86:c3:7e:85:cd:ce:4b:ce:
34:81:d9:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZf003avh7a4j3JGQvf4Sgz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjUwNzEwMTQ1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU2MzFlMzAxMTQzMTQwZTBiODA0OTEwNjgxZGM3ZmIzNWQ0OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7xHRiAvRj3qQ7MJOD9StMJt4YNp
RhHa9Fh5TiSVaKLE5Wy24KPS1t2xEnNX0K4bLSO1/BoYIp9kVxHrs7nPybFeviIA
HD9DkahxgUVn0hE4ZPrqh/WsQa+ZDdafcXmfuxoE33yhmj4bSuws+pGqoLhv3NdA
l7/1nMzIoBvO3loXV9QSjZkFKPS3HxrSRNVIGfBRXZymRETnAfc5IQ73VmuXm0+b
MrDnL0bGtYyUtTi9ZhFciBPxrfsFuygihwlaUCNtSri0HXQzURUIavWD+PoNKCGE
4b0HUdDbeV00Ejaz2CWG1OZuahc+S0ufIG+o4o7cQzSRAI8k6vhiKxiuJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC3mMeMBFDFA4LgEkQaB3H+zXUjUMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvTGVZeDR3RVVNVURndUFTUkJvSGNmN05kU05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgofQDAN
BgkqhkiG9w0BAQsFAAOCAQEAGpgUaghaiiL61sVKMEfJ+0FmJDiMgCglhqM1/kP8
OWV5Xb2eRgJ8cDQho+CYp3II5CGcHBPm8V9z6J0NFxJvwZxLqBPGGg0gFzTWcr93
of3XqUVSOvB+NJgKAmII3X1IeQk+3YKfg9J1ZEdp1tH38J0O1tsdOgWbyNA3eTBN
jAJ7Sy8jWrcif+fYgqMG3z5uYEfaGWLyA6UDxlH4NZd+CMxR/9EdVwVlRY3RvgmL
Ak2dskbA/b89CFgzjx5ssnjXjwRDx2SvzVKUzDcCtjckcDuZ5Hm08CYvRM4pYENx
0VZS/e3hNsD0mUYzXQPaE3hbJ1G7pobDfoXNzkvONIHZxQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:25:38 2025 by rpki-client