Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/VxLXY6wIiD0BCTdb38A1gk7FfUk.roa
File: VxLXY6wIiD0BCTdb38A1gk7FfUk.roa (raw, json)
Hash identifier: /76hrDQWyBUrWyQ5UsKuW57Z0HfiZP7/jGD5Q8wVW48=
Subject key identifier: 57:12:D7:63:AC:08:88:3D:01:09:37:5B:DF:C0:35:82:4E:C5:7D:49
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0197E5FFB179E17D3426075D64D31AB7840B
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/VxLXY6wIiD0BCTdb38A1gk7FfUk.roa
Signing time: Mon 07 Jul 2025 17:47:08 +0000
ROA not before: Mon 07 Jul 2025 17:47:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0c:2841::/32 maxlen: 32
2a11:15c0::/32 maxlen: 32
2a11:15c2::/32 maxlen: 32
2a11:4a00::/32 maxlen: 32
2a11:4a06::/32 maxlen: 32
2a11:b682::/32 maxlen: 32
2a12:4142::/32 maxlen: 32
2a12:4145::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Jul 2025 15:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:ff:b1:79:e1:7d:34:26:07:5d:64:d3:1a:b7:84:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jul 7 17:47:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5712d763ac08883d0109375bdfc035824ec57d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:74:92:3a:74:6a:1b:53:ea:de:00:5e:24:50:
f5:1b:b3:41:dc:35:40:3b:8c:76:1a:ef:6a:e1:a3:
10:b4:be:51:5b:6f:55:e4:ae:dd:fc:32:3f:2a:f0:
a2:90:63:51:79:88:a2:ec:0a:0f:c6:b7:63:eb:28:
f6:4f:78:ee:9a:0e:27:e9:f0:12:b1:7e:7b:aa:3d:
41:62:88:f5:e1:e5:41:9e:fa:ec:05:d3:d4:44:61:
08:67:ad:92:bb:83:bd:50:24:b7:6c:f7:d3:0a:97:
08:55:d3:0b:2b:ca:da:f0:2e:87:2b:93:19:73:d4:
06:aa:74:9e:8a:84:03:e9:cc:8e:ae:ba:b9:ff:df:
1a:09:d0:e1:0c:51:aa:95:bf:00:b1:76:31:02:59:
0e:d3:39:a7:4a:80:4c:1b:5f:be:3e:ed:95:5e:b4:
b6:ac:16:1f:40:14:de:01:f5:66:63:cd:ea:3f:4d:
4c:40:9e:e5:94:1d:81:d5:d4:f1:d8:72:9e:59:ac:
15:f0:07:0d:f3:8b:d1:39:8d:31:d3:af:da:8a:fe:
08:c3:74:f2:84:e7:1e:49:41:ec:22:27:24:7e:e2:
2f:3a:cc:a5:fa:dd:7a:fa:66:60:f2:cc:35:dd:48:
9d:c0:99:fe:67:e4:67:d4:54:4a:b7:8d:a8:25:08:
66:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:12:D7:63:AC:08:88:3D:01:09:37:5B:DF:C0:35:82:4E:C5:7D:49
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/VxLXY6wIiD0BCTdb38A1gk7FfUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2841::/32
2a11:15c0::/32
2a11:15c2::/32
2a11:4a00::/32
2a11:4a06::/32
2a11:b682::/32
2a12:4142::/32
2a12:4145::/32
Signature Algorithm: sha256WithRSAEncryption
2d:49:18:9d:36:e8:ca:72:f0:89:38:99:60:54:1d:54:7a:a7:
61:74:2d:69:c2:46:5c:a4:45:e9:48:17:32:d2:6d:95:7d:e0:
10:e8:2e:3d:45:c1:b8:d3:aa:e6:5e:9d:bc:65:73:d9:81:36:
b3:0e:80:df:29:fe:2a:47:68:a7:99:e9:48:ff:05:25:3d:44:
f9:65:cd:d4:e4:fa:1f:ca:af:4d:44:e0:e0:38:3a:4e:12:96:
57:1c:db:82:0e:05:6d:cc:58:6b:02:75:1c:ae:1d:55:ce:9a:
01:42:6a:87:bc:a7:9c:92:e8:d0:e3:8d:c9:e5:02:3d:25:1b:
6a:c6:92:1e:2e:36:48:46:a2:23:75:7e:38:18:a1:3c:3b:2a:
a4:f2:6a:a0:6b:e3:24:c8:c0:bb:b2:79:1f:e7:3e:18:38:7b:
03:34:36:5e:09:57:98:1a:45:36:6e:7d:25:56:4c:61:b7:2e:
df:09:bd:0f:55:c3:18:30:96:1b:18:14:6d:fa:bb:ed:32:26:
2f:8c:1c:2a:9c:5b:75:72:68:18:05:71:75:48:f7:09:b8:19:
02:2b:9b:8a:be:92:b2:93:15:d7:54:8d:66:85:94:32:96:db:
c7:cc:0a:6e:35:30:d1:3d:55:c5:1f:6d:76:06:7e:47:04:ba:
d0:aa:00:72
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZfl/7F54X00JgddZNMat4QLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNzA3MTc0NzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzEyZDc2M2FjMDg4ODNkMDEwOTM3NWJkZmMwMzU4MjRlYzU3ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nSSOnRqG1Pq3gBeJFD1G7NB3DVA
O4x2Gu9q4aMQtL5RW29V5K7d/DI/KvCikGNReYii7AoPxrdj6yj2T3jumg4n6fAS
sX57qj1BYoj14eVBnvrsBdPURGEIZ62Su4O9UCS3bPfTCpcIVdMLK8ra8C6HK5MZ
c9QGqnSeioQD6cyOrrq5/98aCdDhDFGqlb8AsXYxAlkO0zmnSoBMG1++Pu2VXrS2
rBYfQBTeAfVmY83qP01MQJ7llB2B1dTx2HKeWawV8AcN84vROY0x06/aiv4Iw3Ty
hOceSUHsIickfuIvOsyl+t16+mZg8sw13UidwJn+Z+Rn1FRKt42oJQhm/wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFcS12OsCIg9AQk3W9/ANYJOxX1JMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvVnhMWFk2d0lpRDBCQ1RkYjM4QTFnazdGZlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKgwoQQMF
ACoRFcADBQAqERXCAwUAKhFKAAMFACoRSgYDBQAqEbaCAwUAKhJBQgMFACoSQUUw
DQYJKoZIhvcNAQELBQADggEBAC1JGJ026Mpy8Ik4mWBUHVR6p2F0LWnCRlykRelI
FzLSbZV94BDoLj1FwbjTquZenbxlc9mBNrMOgN8p/ipHaKeZ6Uj/BSU9RPllzdTk
+h/Kr01E4OA4Ok4Sllcc24IOBW3MWGsCdRyuHVXOmgFCaoe8p5yS6NDjjcnlAj0l
G2rGkh4uNkhGoiN1fjgYoTw7KqTyaqBr4yTIwLuyeR/nPhg4ewM0Nl4JV5gaRTZu
fSVWTGG3Lt8JvQ9VwxgwlhsYFG36u+0yJi+MHCqcW3VyaBgFcXVI9wm4GQIrm4q+
krKTFddUjWaFlDKW28fMCm41MNE9VcUfbXYGfkcEutCqAHI=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:45:02 2025 by rpki-client