Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/4grfkCQMX5atrW3iV3I12zmkBc4.roa
File: 4grfkCQMX5atrW3iV3I12zmkBc4.roa (raw, json)
Hash identifier: 5FhE0PGUEFaXnA1D6SOq6Iz8pFpEYtzgBxjEvmitXX8=
Subject key identifier: E2:0A:DF:90:24:0C:5F:96:AD:AD:6D:E2:57:72:35:DB:39:A4:05:CE
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01978970D7C3A730F1981E8A30CF1338D199
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/4grfkCQMX5atrW3iV3I12zmkBc4.roa
Signing time: Thu 19 Jun 2025 18:26:03 +0000
ROA not before: Thu 19 Jun 2025 18:26:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a0e:4346::/32 maxlen: 32
2a11:15c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 20 Jun 2025 10:40:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:89:70:d7:c3:a7:30:f1:98:1e:8a:30:cf:13:38:d1:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 19 18:26:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e20adf90240c5f96adad6de2577235db39a405ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1e:8b:16:89:2f:97:9b:85:e7:a6:4d:ae:4d:
aa:e0:e0:6b:3f:3c:a2:32:d7:58:e1:fd:9e:65:02:
f6:d1:77:75:da:b5:36:71:86:58:41:80:c3:15:3a:
91:84:9a:b4:77:ee:53:a7:31:a6:13:ac:67:cc:46:
8b:89:49:d0:53:c1:e5:63:df:0d:3c:a9:b4:b0:22:
5a:0d:19:1b:8b:f6:38:70:69:a2:d9:9e:f4:8a:0b:
58:2a:27:d4:e9:5c:fc:3b:32:29:52:a4:ad:e8:23:
7d:b8:27:c4:b0:fe:c5:f1:b5:88:92:39:90:a2:3f:
02:02:6d:d7:a0:61:31:28:1b:71:ee:ee:8b:f4:0e:
33:0e:ba:78:cc:8e:54:ea:5d:c7:43:6d:43:e8:fb:
19:88:a8:44:dc:d8:85:6d:1f:2a:01:af:c1:cb:cd:
cc:4a:65:11:3b:e8:dc:68:73:02:dc:6e:a5:19:3a:
19:37:6e:f0:7a:fc:c2:f3:38:32:da:c7:5b:6e:fa:
5e:55:21:24:f3:1f:bc:8d:7c:08:20:5e:80:da:c8:
82:3b:e0:4d:3a:cf:e3:13:62:55:c9:4c:2e:6c:56:
1e:6c:a7:81:f2:01:f0:d5:d3:b5:26:91:d5:3a:a7:
70:3b:2b:e5:0d:6b:6d:db:b2:00:57:64:0d:7c:49:
36:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0A:DF:90:24:0C:5F:96:AD:AD:6D:E2:57:72:35:DB:39:A4:05:CE
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/4grfkCQMX5atrW3iV3I12zmkBc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4346::/32
2a11:15c1::/32
Signature Algorithm: sha256WithRSAEncryption
39:f0:a8:ae:f5:a6:a9:66:81:26:4f:f5:a0:b2:ba:66:df:a3:
f3:73:72:71:52:0e:06:bf:00:ed:4c:d5:94:5b:bd:b9:79:92:
79:ad:28:ef:9e:f3:11:f3:03:e6:cf:b7:61:d1:38:6a:bb:b8:
c7:fa:9c:8d:ee:80:9d:37:6d:b7:55:94:97:f2:ac:fd:47:10:
37:f0:b7:42:1e:46:88:e3:2d:f1:26:36:64:8e:dd:91:c8:09:
1b:3c:40:5c:09:2c:39:8e:4d:79:7e:30:26:73:98:25:52:85:
f7:b5:fb:93:fb:36:ba:9d:d3:d8:16:7d:59:d0:99:1f:11:2c:
4a:b5:95:dd:29:15:fa:5d:3d:de:58:cb:42:0c:89:00:36:a4:
11:5c:4e:66:bd:de:89:bb:90:61:8a:53:7f:58:36:7d:c7:f1:
96:d7:b1:60:db:59:62:f7:7e:c9:16:ad:1d:d1:29:8b:86:09:
d5:f0:3b:9c:85:07:e4:d0:4b:6f:fa:64:85:c5:e0:9a:f3:49:
96:d9:e7:86:d3:cc:ec:c4:8b:4e:f4:e7:ad:af:bd:3b:90:ae:
f5:8f:36:41:ae:3b:e7:07:6b:b7:0f:5e:ac:96:a1:a2:8c:a9:
9e:5f:8a:fb:bf:b2:85:20:54:22:34:b2:c2:91:75:66:cb:88:
e7:5e:64:19
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZeJcNfDpzDxmB6KMM8TONGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNjE5MTgyNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjBhZGY5MDI0MGM1Zjk2YWRhZDZkZTI1NzcyMzVkYjM5YTQwNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh6LFokvl5uF56ZNrk2q4OBrPzyi
MtdY4f2eZQL20Xd12rU2cYZYQYDDFTqRhJq0d+5TpzGmE6xnzEaLiUnQU8HlY98N
PKm0sCJaDRkbi/Y4cGmi2Z70igtYKifU6Vz8OzIpUqSt6CN9uCfEsP7F8bWIkjmQ
oj8CAm3XoGExKBtx7u6L9A4zDrp4zI5U6l3HQ21D6PsZiKhE3NiFbR8qAa/By83M
SmURO+jcaHMC3G6lGToZN27wevzC8zgy2sdbbvpeVSEk8x+8jXwIIF6A2siCO+BN
Os/jE2JVyUwubFYebKeB8gHw1dO1JpHVOqdwOyvlDWtt27IAV2QNfEk2MQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOIK35AkDF+Wra1t4ldyNds5pAXOMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvNGdyZmtDUU1YNWF0clczaVYzSTEyem1rQmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5DRgMF
ACoRFcEwDQYJKoZIhvcNAQELBQADggEBADnwqK71pqlmgSZP9aCyumbfo/NzcnFS
Dga/AO1M1ZRbvbl5knmtKO+e8xHzA+bPt2HROGq7uMf6nI3ugJ03bbdVlJfyrP1H
EDfwt0IeRojjLfEmNmSO3ZHICRs8QFwJLDmOTXl+MCZzmCVShfe1+5P7Nrqd09gW
fVnQmR8RLEq1ld0pFfpdPd5Yy0IMiQA2pBFcTma93om7kGGKU39YNn3H8ZbXsWDb
WWL3fskWrR3RKYuGCdXwO5yFB+TQS2/6ZIXF4JrzSZbZ54bTzOzEi070562vvTuQ
rvWPNkGuO+cHa7cPXqyWoaKMqZ5fivu/soUgVCI0ssKRdWbLiOdeZBk=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:50:00 2025 by rpki-client