Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/uoXg2A3I26WSuAKTw7Rxi7818Z8.roa
File: uoXg2A3I26WSuAKTw7Rxi7818Z8.roa (raw, json)
Hash identifier: YxHGKXDtE/PoBjIUGeCaS5nV2jY6jPIk82mAAjnVqtc=
Subject key identifier: BA:85:E0:D8:0D:C8:DB:A5:92:B8:02:93:C3:B4:71:8B:BF:35:F1:9F
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 0197F4D28CBF010FBBEEAD34BC966BFF0A8C
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/uoXg2A3I26WSuAKTw7Rxi7818Z8.roa
Signing time: Thu 10 Jul 2025 14:52:08 +0000
ROA not before: Thu 10 Jul 2025 14:52:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 2a09:dc00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Jul 2025 10:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:d2:8c:bf:01:0f:bb:ee:ad:34:bc:96:6b:ff:0a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Jul 10 14:52:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba85e0d80dc8dba592b80293c3b4718bbf35f19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:30:94:a2:e9:b3:64:21:ae:63:73:6e:0d:da:
1d:4b:6c:79:fe:0a:a2:4e:51:c4:8b:cf:94:e5:1e:
af:2b:6a:57:17:d8:13:df:08:7d:f3:5e:51:c5:a2:
06:b3:8b:1e:d0:e7:c4:fd:d6:22:98:b5:dc:88:ed:
69:d5:6e:a3:ae:d5:d3:8e:05:57:6d:3d:60:07:a3:
c5:21:e4:80:00:34:30:53:c7:d4:7c:13:9b:d6:45:
36:df:9d:c2:4c:4d:6c:e3:c4:6b:45:d9:09:e8:24:
df:79:d6:a8:cb:d5:88:a0:d0:3d:ac:3d:53:2e:f5:
48:dc:4d:1e:9a:0c:ba:fe:d5:62:af:3e:61:69:c9:
e4:b6:7e:48:ac:e4:18:dd:ff:7c:8b:4b:da:f2:8b:
5c:df:29:f0:94:99:64:05:9b:8d:dd:2f:44:74:fd:
12:63:a9:37:f7:e9:80:4f:da:48:65:59:a2:d0:fe:
a2:8d:f9:b8:26:fd:5b:e1:ee:12:d4:4c:d3:67:05:
ed:7e:d7:69:a5:03:dc:f1:dc:db:5e:6c:8f:e5:cf:
4e:25:67:24:f6:dd:07:38:e7:a6:d7:2a:6c:cf:0f:
3a:6f:3b:1e:5d:b5:0b:b1:43:93:b0:27:8f:38:09:
89:0b:83:29:03:1e:65:05:2c:a1:b0:e0:f5:32:5c:
a7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:85:E0:D8:0D:C8:DB:A5:92:B8:02:93:C3:B4:71:8B:BF:35:F1:9F
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/uoXg2A3I26WSuAKTw7Rxi7818Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:dc00::/29
Signature Algorithm: sha256WithRSAEncryption
48:6d:d2:8e:6f:13:41:40:87:f8:60:99:88:7a:d0:c0:da:9d:
b7:86:88:85:51:37:fc:2e:0e:49:4e:07:6f:ff:60:41:83:a8:
7c:f5:4b:b0:cf:96:f4:c1:a6:a8:2e:79:b4:52:ff:e3:34:03:
29:9e:e7:dc:57:70:28:ce:db:d9:91:fc:1e:d6:ae:23:30:e8:
4c:f3:dd:f2:c9:07:60:0a:dd:35:d0:23:ad:92:8f:4c:52:04:
9d:b5:a5:aa:35:79:8d:e9:89:fb:2b:80:14:95:48:83:ef:31:
a4:fd:6b:a1:de:b5:e7:cb:31:29:d6:61:bf:24:b3:e3:eb:0a:
4d:70:05:62:58:95:e3:d8:d7:4a:b4:d8:43:de:46:72:44:84:
3b:d7:c7:30:b1:f6:09:8f:5d:71:bc:20:02:6b:32:61:e8:39:
b7:e8:93:83:05:fa:d1:b0:13:1f:db:5a:76:5a:3f:9e:65:e3:
bb:c2:6a:00:39:f2:2f:67:2d:6e:07:99:04:41:72:dd:29:c3:
46:af:3b:8f:2a:52:01:5f:e8:9a:e9:ff:47:67:04:83:b7:54:
18:e6:d0:59:b7:72:b6:9f:5d:b5:4e:0d:d8:0b:74:16:2b:84:
5c:9e:ad:42:82:9f:a9:e6:12:67:a8:2b:26:ee:ed:2f:0b:f4:
1a:39:00:84
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZf00oy/AQ+77q00vJZr/wqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjUwNzEwMTQ1MjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg1ZTBkODBkYzhkYmE1OTJiODAyOTNjM2I0NzE4YmJmMzVmMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzCUoumzZCGuY3NuDdodS2x5/gqi
TlHEi8+U5R6vK2pXF9gT3wh9815RxaIGs4se0OfE/dYimLXciO1p1W6jrtXTjgVX
bT1gB6PFIeSAADQwU8fUfBOb1kU2353CTE1s48RrRdkJ6CTfedaoy9WIoNA9rD1T
LvVI3E0emgy6/tVirz5hacnktn5IrOQY3f98i0va8otc3ynwlJlkBZuN3S9EdP0S
Y6k39+mAT9pIZVmi0P6ijfm4Jv1b4e4S1EzTZwXtftdppQPc8dzbXmyP5c9OJWck
9t0HOOem1ypszw86bzseXbULsUOTsCePOAmJC4MpAx5lBSyhsOD1MlynDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLqF4NgNyNulkrgCk8O0cYu/NfGfMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvdW9YZzJBM0kyNldTdUFLVHc3UnhpNzgxOFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgncADAN
BgkqhkiG9w0BAQsFAAOCAQEASG3Sjm8TQUCH+GCZiHrQwNqdt4aIhVE3/C4OSU4H
b/9gQYOofPVLsM+W9MGmqC55tFL/4zQDKZ7n3FdwKM7b2ZH8HtauIzDoTPPd8skH
YArdNdAjrZKPTFIEnbWlqjV5jemJ+yuAFJVIg+8xpP1rod6158sxKdZhvySz4+sK
TXAFYliV49jXSrTYQ95GckSEO9fHMLH2CY9dcbwgAmsyYeg5t+iTgwX60bATH9ta
dlo/nmXju8JqADnyL2ctbgeZBEFy3SnDRq87jypSAV/omun/R2cEg7dUGObQWbdy
tp9dtU4N2At0FiuEXJ6tQoKfqeYSZ6grJu7tLwv0GjkAhA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:37:43 2025 by rpki-client