Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/jHH5CoI0x-YP7kBMFc-OmkfhMNw.roa
File: jHH5CoI0x-YP7kBMFc-OmkfhMNw.roa (raw, json)
Hash identifier: 7gdFESI3o8kW2Yr3o0IGj3o/OXjYjcJKqCD0Bczwf8U=
Subject key identifier: 8C:71:F9:0A:82:34:C7:E6:0F:EE:40:4C:15:CF:8E:9A:47:E1:30:DC
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0197F50E0F0F677AB61925AE39821DA70864
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/jHH5CoI0x-YP7kBMFc-OmkfhMNw.roa
Signing time: Thu 10 Jul 2025 15:57:08 +0000
ROA not before: Thu 10 Jul 2025 15:57:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0c:2843::/32 maxlen: 32
2a11:15c3::/32 maxlen: 32
2a12:4143::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 21 Jul 2025 16:53:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:0e:0f:0f:67:7a:b6:19:25:ae:39:82:1d:a7:08:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jul 10 15:57:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c71f90a8234c7e60fee404c15cf8e9a47e130dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6b:ff:10:8b:0d:de:ed:1e:f3:39:6d:3f:54:
36:a3:d2:5a:05:49:69:c2:e6:b0:d5:21:13:8b:8f:
72:32:bd:79:9f:32:e3:b5:9e:e2:9c:53:87:0a:ce:
41:73:02:79:1c:f3:c0:8d:55:ae:da:6a:98:dd:cc:
0b:0a:95:60:dd:76:70:4f:da:2d:9e:0a:c0:ad:23:
15:6a:cb:d1:52:e8:6e:59:73:4a:ab:c5:77:14:d3:
65:8a:6b:90:5e:72:47:d0:a4:72:b3:03:0a:1e:a7:
a7:68:f2:96:30:7c:5d:2f:7b:09:d0:19:82:7f:78:
e3:6d:f3:50:41:d5:17:ea:70:71:d3:97:86:3e:fb:
e4:d0:c1:5c:b9:48:78:2e:49:04:d7:de:56:b1:59:
b7:0b:96:ba:c1:06:09:b4:7b:5b:85:66:5f:90:0d:
58:82:2c:0f:45:8d:96:2d:e1:e9:3e:c0:f0:5c:bb:
7d:81:e5:f6:04:ca:40:b6:d7:b8:6b:da:36:88:9b:
da:c3:bc:50:85:26:8b:12:65:e6:17:1f:7a:90:f9:
6c:88:13:8f:f0:55:cf:06:de:24:6b:47:53:4b:77:
4e:28:0f:84:9c:60:9e:0c:e2:0b:2b:4c:9a:ac:20:
23:91:5b:ae:da:86:90:7f:16:b6:1e:5a:8d:2a:08:
bb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:71:F9:0A:82:34:C7:E6:0F:EE:40:4C:15:CF:8E:9A:47:E1:30:DC
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/jHH5CoI0x-YP7kBMFc-OmkfhMNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2843::/32
2a11:15c3::/32
2a12:4143::/32
Signature Algorithm: sha256WithRSAEncryption
cd:b4:b7:b9:11:29:a9:d5:17:0d:ed:d0:0f:4d:2d:76:f0:d4:
63:f7:73:7d:02:03:a4:c4:7b:be:8d:f2:0e:32:26:94:bb:00:
d4:bf:60:b4:fb:a3:30:ee:28:f3:69:f0:a6:7e:4b:b0:fc:0a:
cc:ec:8c:07:87:03:85:78:dc:e1:c1:f8:24:2b:c9:97:7a:22:
22:b5:dd:a6:19:a9:d6:00:cf:55:93:46:a6:e1:08:15:57:70:
8c:14:76:7d:ad:75:e9:b4:0a:c3:88:75:24:d4:b1:d9:9f:56:
f5:2c:38:9b:2e:16:ac:00:c5:41:b0:4e:46:92:14:d1:c2:e4:
64:63:35:a6:11:0f:49:fa:c8:06:ce:5b:6f:66:10:60:00:c6:
95:0e:88:cc:4c:df:b5:bf:33:85:b6:90:62:2d:ec:58:52:e2:
e1:34:01:d5:aa:e6:d2:04:df:24:e4:aa:b5:c5:1e:3f:44:f1:
3d:d6:49:73:41:5a:99:94:c2:ab:25:ca:ed:c6:8e:e7:d5:50:
8c:ba:71:bc:7b:8d:0a:25:a7:a6:9b:44:cb:b7:16:30:35:6e:
58:f6:c2:42:9d:a7:58:3d:b4:0e:e8:70:41:e7:16:76:53:e9:
27:9e:a6:d8:30:f9:92:89:e2:75:0a:04:cb:89:87:1d:60:56:
1f:6a:10:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZf1Dg8PZ3q2GSWuOYIdpwhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNzEwMTU1NzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzcxZjkwYTgyMzRjN2U2MGZlZTQwNGMxNWNmOGU5YTQ3ZTEzMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2v/EIsN3u0e8zltP1Q2o9JaBUlp
wuaw1SETi49yMr15nzLjtZ7inFOHCs5BcwJ5HPPAjVWu2mqY3cwLCpVg3XZwT9ot
ngrArSMVasvRUuhuWXNKq8V3FNNlimuQXnJH0KRyswMKHqenaPKWMHxdL3sJ0BmC
f3jjbfNQQdUX6nBx05eGPvvk0MFcuUh4LkkE195WsVm3C5a6wQYJtHtbhWZfkA1Y
giwPRY2WLeHpPsDwXLt9geX2BMpAtte4a9o2iJvaw7xQhSaLEmXmFx96kPlsiBOP
8FXPBt4ka0dTS3dOKA+EnGCeDOILK0yarCAjkVuu2oaQfxa2HlqNKgi7BQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIxx+QqCNMfmD+5ATBXPjppH4TDcMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvakhINUNvSTB4LVlQN2tCTUZjLU9ta2ZoTU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgwoQwMF
ACoRFcMDBQAqEkFDMA0GCSqGSIb3DQEBCwUAA4IBAQDNtLe5ESmp1RcN7dAPTS12
8NRj93N9AgOkxHu+jfIOMiaUuwDUv2C0+6Mw7ijzafCmfkuw/ArM7IwHhwOFeNzh
wfgkK8mXeiIitd2mGanWAM9Vk0am4QgVV3CMFHZ9rXXptArDiHUk1LHZn1b1LDib
LhasAMVBsE5GkhTRwuRkYzWmEQ9J+sgGzltvZhBgAMaVDojMTN+1vzOFtpBiLexY
UuLhNAHVqubSBN8k5Kq1xR4/RPE91klzQVqZlMKrJcrtxo7n1VCMunG8e40KJaem
m0TLtxYwNW5Y9sJCnadYPbQO6HBB5xZ2U+knnqbYMPmSieJ1CgTLiYcdYFYfahAq
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:35:59 2025 by rpki-client