Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/OGIu0fYHtRHcl6rQQrST399v-No.roa
File: OGIu0fYHtRHcl6rQQrST399v-No.roa (raw, json)
Hash identifier: WDAXVL+2+UrAVuBkezcwNfxHxnSUrEMtAp+SoDebrdY=
Subject key identifier: 38:62:2E:D1:F6:07:B5:11:DC:97:AA:D0:42:B4:93:DF:DF:6F:F8:DA
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0197CFA53E6660CDE986DAC99A6E52AEDEA5
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/OGIu0fYHtRHcl6rQQrST399v-No.roa
Signing time: Thu 03 Jul 2025 09:36:42 +0000
ROA not before: Thu 03 Jul 2025 09:36:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:f04::/32 maxlen: 32
2a0e:f07::/32 maxlen: 32
2a0e:67c5::/32 maxlen: 32
2a11:15c1::/32 maxlen: 32
2a11:3180::/32 maxlen: 32
2a11:4a04::/32 maxlen: 32
2a11:4a07::/32 maxlen: 32
2a11:7883::/32 maxlen: 32
2a11:8500::/32 maxlen: 32
2a11:8507::/32 maxlen: 32
2a12:4144::/32 maxlen: 32
2a12:4147::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Jul 2025 15:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:a5:3e:66:60:cd:e9:86:da:c9:9a:6e:52:ae:de:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jul 3 09:36:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38622ed1f607b511dc97aad042b493dfdf6ff8da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:53:eb:4a:f0:61:92:31:1f:63:ec:f7:3d:0b:
a9:2f:ed:c7:de:82:8d:70:c2:16:2b:5e:b8:3b:b5:
89:6c:6b:77:47:34:e0:5d:08:db:90:fb:b4:49:04:
32:b6:f8:d5:35:d4:77:37:1e:ca:3b:33:25:02:84:
02:e1:21:75:b6:b6:b1:72:bf:c4:e7:f2:ad:d1:c5:
84:82:8b:bc:3b:38:6d:b7:d3:21:48:5c:dc:8d:2c:
f6:03:3f:8e:e9:2c:36:12:02:9f:65:05:fb:14:37:
67:b9:25:b3:ea:db:54:78:a5:7e:c1:4f:12:6d:33:
72:25:06:db:94:0a:13:c0:d9:38:68:97:bb:71:83:
d5:b6:06:e2:0a:fd:62:c0:73:0a:b0:84:08:5e:c1:
8f:9a:76:90:53:d1:b6:ae:df:f2:32:e0:4f:27:9b:
ff:39:e6:bb:8c:b7:cf:2b:ff:e7:43:e6:bb:84:13:
3e:28:d7:92:a4:0d:75:24:19:0d:d3:4a:ee:58:cc:
60:d9:f0:f9:cd:4e:3c:8a:c7:0c:80:19:23:fa:04:
18:e2:3e:82:ac:ad:7e:cb:97:f7:f1:e9:62:3e:52:
5e:12:e8:ef:2c:63:4c:7d:7c:a5:2e:ed:21:aa:4d:
64:c1:ce:bb:ec:fb:db:b0:a1:6f:8a:75:d6:3d:f1:
74:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:62:2E:D1:F6:07:B5:11:DC:97:AA:D0:42:B4:93:DF:DF:6F:F8:DA
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/OGIu0fYHtRHcl6rQQrST399v-No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f04::/32
2a0e:f07::/32
2a0e:67c5::/32
2a11:15c1::/32
2a11:3180::/32
2a11:4a04::/32
2a11:4a07::/32
2a11:7883::/32
2a11:8500::/32
2a11:8507::/32
2a12:4144::/32
2a12:4147::/32
Signature Algorithm: sha256WithRSAEncryption
a1:f9:4a:3b:69:1e:59:bc:68:79:ef:e3:7d:01:37:cb:8a:06:
33:cc:03:6c:0a:49:85:4b:4e:41:9d:4c:10:18:69:b2:bb:85:
a3:58:25:51:e5:11:64:54:de:06:0b:d6:f0:95:44:0b:9c:24:
21:05:b7:09:c0:7f:31:0b:ed:88:00:fb:71:73:57:8d:73:cc:
b5:fb:53:16:dc:87:e0:05:ff:76:81:6f:5a:d7:12:85:63:70:
1c:a0:51:9a:1c:1c:b6:50:f2:f3:7d:34:e6:e8:15:64:06:3e:
ae:cb:8c:61:c8:25:34:cc:38:c3:73:c1:28:e0:37:63:92:ee:
f3:6f:cf:bb:db:31:85:a4:80:4b:42:77:ee:82:24:02:11:5d:
0e:ae:95:65:b1:29:a5:12:3e:13:2d:ad:64:77:b0:79:5d:6c:
1b:e5:6a:b6:2a:42:70:e2:28:ef:cf:bd:26:3e:ee:a9:26:51:
92:3f:5f:ee:78:a4:3e:a3:87:8b:76:81:c4:cf:45:3b:3c:b0:
7a:a7:f0:48:66:9e:7f:99:36:09:20:30:48:85:44:8d:82:15:
d0:18:b7:42:42:dc:f0:87:20:e5:19:a1:38:e2:c4:17:c5:d5:
03:18:6c:82:e8:ff:50:09:fb:aa:e3:eb:c2:22:cd:00:61:5c:
ec:ca:22:00
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZfPpT5mYM3phtrJmm5Srt6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNzAzMDkzNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODYyMmVkMWY2MDdiNTExZGM5N2FhZDA0MmI0OTNkZmRmNmZmOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylPrSvBhkjEfY+z3PQupL+3H3oKN
cMIWK164O7WJbGt3RzTgXQjbkPu0SQQytvjVNdR3Nx7KOzMlAoQC4SF1traxcr/E
5/Kt0cWEgou8Ozhtt9MhSFzcjSz2Az+O6Sw2EgKfZQX7FDdnuSWz6ttUeKV+wU8S
bTNyJQbblAoTwNk4aJe7cYPVtgbiCv1iwHMKsIQIXsGPmnaQU9G2rt/yMuBPJ5v/
Oea7jLfPK//nQ+a7hBM+KNeSpA11JBkN00ruWMxg2fD5zU48iscMgBkj+gQY4j6C
rK1+y5f38eliPlJeEujvLGNMfXylLu0hqk1kwc677PvbsKFvinXWPfF0TwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDhiLtH2B7UR3Jeq0EK0k9/fb/jaMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvT0dJdTBmWUh0UkhjbDZyUVFyU1QzOTl2LU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUAKg4PBAMF
ACoODwcDBQAqDmfFAwUAKhEVwQMFACoRMYADBQAqEUoEAwUAKhFKBwMFACoReIMD
BQAqEYUAAwUAKhGFBwMFACoSQUQDBQAqEkFHMA0GCSqGSIb3DQEBCwUAA4IBAQCh
+Uo7aR5ZvGh57+N9ATfLigYzzANsCkmFS05BnUwQGGmyu4WjWCVR5RFkVN4GC9bw
lUQLnCQhBbcJwH8xC+2IAPtxc1eNc8y1+1MW3IfgBf92gW9a1xKFY3AcoFGaHBy2
UPLzfTTm6BVkBj6uy4xhyCU0zDjDc8Eo4Ddjku7zb8+72zGFpIBLQnfugiQCEV0O
rpVlsSmlEj4TLa1kd7B5XWwb5Wq2KkJw4ijvz70mPu6pJlGSP1/ueKQ+o4eLdoHE
z0U7PLB6p/BIZp5/mTYJIDBIhUSNghXQGLdCQtzwhyDlGaE44sQXxdUDGGyC6P9Q
Cfuq4+vCIs0AYVzsyiIA
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:04:01 2025 by rpki-client