Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/TAc5ATmjqKe-EFGnGTwf0QGQ5OM.roa
File: TAc5ATmjqKe-EFGnGTwf0QGQ5OM.roa (raw, json)
Hash identifier: YP+WHFXs9q6hTIrg/4Smg81AtipmwUk99s8RGMVQFLg=
Subject key identifier: 4C:07:39:01:39:A3:A8:A7:BE:10:51:A7:19:3C:1F:D1:01:90:E4:E3
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 0197F4D3778696F942CC9FF8297EFED030AF
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/TAc5ATmjqKe-EFGnGTwf0QGQ5OM.roa
Signing time: Thu 10 Jul 2025 14:53:08 +0000
ROA not before: Thu 10 Jul 2025 14:53:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397651
IP address blocks: 2a0a:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Jul 2025 10:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:d3:77:86:96:f9:42:cc:9f:f8:29:7e:fe:d0:30:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Jul 10 14:53:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c07390139a3a8a7be1051a7193c1fd10190e4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:74:ae:7d:9a:6c:a9:b3:a5:28:62:89:dc:11:
67:fc:da:45:a1:bf:df:1f:bb:bf:98:a3:b2:dc:67:
c5:24:19:6a:ec:91:b2:8d:d9:57:b3:9e:71:89:dd:
55:6c:6f:5f:2b:9e:e3:de:74:22:7a:70:c0:0a:22:
fa:a8:bc:ea:ce:34:fe:6f:7d:dd:b1:26:e6:4b:e7:
52:d4:69:dc:3c:3c:cb:f6:61:1d:72:cf:22:f3:ee:
f3:ce:0f:17:e3:e8:8a:9f:b7:66:ce:5d:ea:78:4d:
75:46:9e:aa:61:e1:48:6d:6a:bc:41:64:4a:dd:4b:
d6:e4:e7:59:54:25:8e:af:df:df:8b:76:05:90:41:
84:84:d5:0d:3d:4a:1c:90:73:00:bb:10:d3:2e:6f:
85:20:a2:78:59:fe:46:a1:bd:b5:06:94:42:d5:9e:
4e:1d:99:15:5b:b2:74:3d:f0:f5:b0:83:dd:57:b7:
56:62:5e:53:3d:a6:8a:29:db:11:5d:d6:61:63:10:
9b:9c:b0:c1:f9:6f:32:81:29:09:f8:5e:10:d8:d1:
92:aa:1a:eb:d6:e7:ac:5a:15:e2:74:82:04:78:7e:
bd:86:2c:24:6c:25:cd:7e:34:f1:b1:8c:47:ba:85:
76:e4:72:d5:99:e7:f2:c6:92:56:0a:81:20:29:01:
f3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:07:39:01:39:A3:A8:A7:BE:10:51:A7:19:3C:1F:D1:01:90:E4:E3
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/TAc5ATmjqKe-EFGnGTwf0QGQ5OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
6e:ae:ce:7e:57:75:c1:e3:80:cf:3b:3b:cd:70:3f:ad:76:68:
8e:a0:6f:b3:7d:ce:84:95:67:3a:ae:24:31:96:b9:b1:33:e9:
8e:c7:5f:0e:06:31:c4:75:f5:d9:6d:08:ab:d4:8a:8e:4f:eb:
cc:72:61:b0:58:40:db:87:b2:d3:4e:23:ed:fa:3d:06:51:cb:
30:fa:94:74:1d:85:1b:f8:ac:d7:cc:61:02:9b:6b:5d:a0:06:
46:a0:c6:17:9d:a8:6a:76:8a:87:78:2f:87:1d:04:12:50:fb:
58:86:dd:36:d3:28:ef:99:c2:2d:8b:c3:9f:72:2b:5b:bf:fb:
5c:a2:67:bd:c3:be:e5:67:a7:a3:53:ee:d7:e5:8d:ec:bf:42:
5f:b0:6b:9e:58:28:0f:a0:da:2a:ce:01:02:4b:dd:c2:af:18:
ed:83:b8:a0:07:e6:31:c5:27:99:a0:fc:74:f7:86:33:83:bc:
86:2b:78:16:6b:19:17:de:2f:b0:f7:8a:71:59:ae:6d:6d:f5:
06:e3:f2:d2:8f:06:9e:ff:d2:33:66:1c:92:32:a4:7f:26:5d:
57:c0:28:d6:ea:7c:1b:f3:da:f7:6b:32:4d:e7:fa:76:d7:ed:
1a:03:ec:32:9f:0d:60:a0:b1:f1:a9:53:19:96:d9:7b:0e:29:
8b:16:e7:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZf003eGlvlCzJ/4KX7+0DCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjUwNzEwMTQ1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzA3MzkwMTM5YTNhOGE3YmUxMDUxYTcxOTNjMWZkMTAxOTBlNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnSufZpsqbOlKGKJ3BFn/NpFob/f
H7u/mKOy3GfFJBlq7JGyjdlXs55xid1VbG9fK57j3nQienDACiL6qLzqzjT+b33d
sSbmS+dS1GncPDzL9mEdcs8i8+7zzg8X4+iKn7dmzl3qeE11Rp6qYeFIbWq8QWRK
3UvW5OdZVCWOr9/fi3YFkEGEhNUNPUockHMAuxDTLm+FIKJ4Wf5Gob21BpRC1Z5O
HZkVW7J0PfD1sIPdV7dWYl5TPaaKKdsRXdZhYxCbnLDB+W8ygSkJ+F4Q2NGSqhrr
1uesWhXidIIEeH69hiwkbCXNfjTxsYxHuoV25HLVmefyxpJWCoEgKQHzIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEwHOQE5o6invhBRpxk8H9EBkOTjMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvVEFjNUFUbWpxS2UtRUZHbkdUd2YwUUdRNU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgofQDAN
BgkqhkiG9w0BAQsFAAOCAQEAbq7Ofld1weOAzzs7zXA/rXZojqBvs33OhJVnOq4k
MZa5sTPpjsdfDgYxxHX12W0Iq9SKjk/rzHJhsFhA24ey004j7fo9BlHLMPqUdB2F
G/is18xhAptrXaAGRqDGF52oanaKh3gvhx0EElD7WIbdNtMo75nCLYvDn3IrW7/7
XKJnvcO+5Weno1Pu1+WN7L9CX7BrnlgoD6DaKs4BAkvdwq8Y7YO4oAfmMcUnmaD8
dPeGM4O8hit4FmsZF94vsPeKcVmubW31BuPy0o8Gnv/SM2YckjKkfyZdV8Ao1up8
G/Pa92syTef6dtftGgPsMp8NYKCx8alTGZbZew4pixbntQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:28:16 2025 by rpki-client