Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/0z-oyc4dHY_OhKJUFJGi439A6u4.roa
File: 0z-oyc4dHY_OhKJUFJGi439A6u4.roa (raw, json)
Hash identifier: NoS84oJOqN7GlCU6CTbrKPZeTEFMMmSZpBMewedibtU=
Subject key identifier: D3:3F:A8:C9:CE:1D:1D:8F:CE:84:A2:54:14:91:A2:E3:7F:40:EA:EE
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01974B8A34308FB3280CC928A021DD84BE3B
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/0z-oyc4dHY_OhKJUFJGi439A6u4.roa
Signing time: Sat 07 Jun 2025 17:57:17 +0000
ROA not before: Sat 07 Jun 2025 17:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:b682::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Jun 2025 21:18:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:8a:34:30:8f:b3:28:0c:c9:28:a0:21:dd:84:be:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 7 17:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d33fa8c9ce1d1d8fce84a2541491a2e37f40eaee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:75:9a:c3:3a:75:71:4a:72:71:4d:f0:fe:7c:
f2:17:8c:92:cc:2f:eb:a4:b3:bf:3a:f9:27:41:a7:
f2:72:ed:5d:62:2a:34:91:f9:a4:9e:47:c9:d4:d8:
f8:f7:a5:6d:26:f9:d2:42:d8:31:e5:8d:92:6e:a4:
40:bd:13:44:e0:6b:34:76:05:69:c5:e0:e6:1f:34:
f2:df:52:b8:fa:52:6a:27:ac:ff:80:ed:38:93:9e:
02:fb:a8:a5:14:79:e1:4a:df:f5:31:f9:e0:7b:de:
be:8f:1c:57:44:d0:23:f7:1a:43:ce:47:0a:60:8e:
43:ad:24:7e:d1:07:40:ff:e6:e4:d2:f9:71:bf:f4:
1c:74:db:c9:a5:a0:bb:1c:91:be:58:32:fa:6f:05:
6e:09:4d:10:4b:70:4c:3d:b8:28:e1:16:a2:3f:f6:
5c:7f:c5:21:ae:ac:4c:93:a9:2e:0e:34:92:b5:86:
90:46:38:90:26:cf:46:cd:60:4a:c7:13:ce:3c:30:
f4:77:a2:b6:3a:68:b8:f5:2b:28:3b:97:2b:e8:c2:
0b:a0:1d:ea:b1:fe:c1:b4:cd:99:be:c3:21:f4:3d:
f5:84:24:13:4d:3d:7c:db:32:64:39:87:41:6b:cb:
90:d8:47:12:0c:0f:c2:a6:c8:68:a8:86:d7:24:ce:
4b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3F:A8:C9:CE:1D:1D:8F:CE:84:A2:54:14:91:A2:E3:7F:40:EA:EE
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/0z-oyc4dHY_OhKJUFJGi439A6u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b682::/32
Signature Algorithm: sha256WithRSAEncryption
70:b5:af:19:ee:7c:0c:11:71:90:db:9f:56:c7:cf:32:74:ea:
6c:17:fa:de:76:8d:2d:92:cc:74:6b:8c:57:6b:e2:1f:6a:ce:
ad:8c:a0:53:0e:ec:bb:d3:79:e8:20:9f:aa:47:c1:48:fc:50:
f3:2e:86:04:c1:c3:19:90:1c:ea:42:56:2a:f0:63:e0:85:6b:
3b:0c:1a:b1:b0:fa:bf:b1:54:50:09:c1:b1:62:03:ae:37:19:
d2:69:9e:75:40:f4:96:32:73:b1:45:b0:14:cd:80:cb:b5:c6:
8b:26:0a:cb:c9:40:76:a7:ba:3b:79:a4:e6:c7:21:53:16:60:
2d:06:35:d1:00:1b:4b:f1:c8:e0:c3:c6:d1:66:3f:43:62:a6:
5d:ab:9a:07:4d:07:8c:a7:5d:07:e8:07:96:74:82:b0:3b:8d:
b6:f3:96:89:a1:a1:f5:dd:ff:c7:72:a1:c5:78:e8:8e:84:9e:
97:b6:b8:83:e6:ec:90:28:8f:53:e8:37:07:26:27:e1:09:48:
ab:a1:ab:70:f3:02:db:87:c4:d0:6a:d2:a8:f8:0b:bb:c3:a4:
94:1f:23:a7:d6:83:58:b5:81:7a:ed:fb:1b:e1:2d:26:67:a6:
11:d7:82:cf:01:d5:4b:6c:32:8e:ea:a0:6c:31:47:28:fc:1b:
b5:b8:ae:59
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZdLijQwj7MoDMkooCHdhL47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNjA3MTc1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNmYThjOWNlMWQxZDhmY2U4NGEyNTQxNDkxYTJlMzdmNDBlYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nWawzp1cUpycU3w/nzyF4ySzC/r
pLO/OvknQafycu1dYio0kfmknkfJ1Nj496VtJvnSQtgx5Y2SbqRAvRNE4Gs0dgVp
xeDmHzTy31K4+lJqJ6z/gO04k54C+6ilFHnhSt/1Mfnge96+jxxXRNAj9xpDzkcK
YI5DrSR+0QdA/+bk0vlxv/QcdNvJpaC7HJG+WDL6bwVuCU0QS3BMPbgo4RaiP/Zc
f8UhrqxMk6kuDjSStYaQRjiQJs9GzWBKxxPOPDD0d6K2Omi49SsoO5cr6MILoB3q
sf7BtM2ZvsMh9D31hCQTTT182zJkOYdBa8uQ2EcSDA/CpshoqIbXJM5LJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNM/qMnOHR2PzoSiVBSRouN/QOruMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvMHotb3ljNGRIWV9PaEtKVUZKR2k0MzlBNnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhG2gjAN
BgkqhkiG9w0BAQsFAAOCAQEAcLWvGe58DBFxkNufVsfPMnTqbBf63naNLZLMdGuM
V2viH2rOrYygUw7su9N56CCfqkfBSPxQ8y6GBMHDGZAc6kJWKvBj4IVrOwwasbD6
v7FUUAnBsWIDrjcZ0mmedUD0ljJzsUWwFM2Ay7XGiyYKy8lAdqe6O3mk5schUxZg
LQY10QAbS/HI4MPG0WY/Q2KmXauaB00HjKddB+gHlnSCsDuNtvOWiaGh9d3/x3Kh
xXjojoSel7a4g+bskCiPU+g3ByYn4QlIq6GrcPMC24fE0GrSqPgLu8OklB8jp9aD
WLWBeu37G+EtJmemEdeCzwHVS2wyjuqgbDFHKPwbtbiuWQ==
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:05:38 2025 by rpki-client