Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/xpO9rzEbUj_GbaseCPM2i3ig6AM.roa
File: xpO9rzEbUj_GbaseCPM2i3ig6AM.roa (raw, json)
Hash identifier: N6O2rsiY4zctmduGOkQG4oprJy5VZOrIfIvEHJWqU84=
Subject key identifier: C6:93:BD:AF:31:1B:52:3F:C6:6D:AB:1E:08:F3:36:8B:78:A0:E8:03
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01977FC1D17A6B0990C0235117303F384CD4
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/xpO9rzEbUj_GbaseCPM2i3ig6AM.roa
Signing time: Tue 17 Jun 2025 21:18:17 +0000
ROA not before: Tue 17 Jun 2025 21:18:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:3183::/32 maxlen: 32
2a11:b682::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 26 Jun 2025 19:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:c1:d1:7a:6b:09:90:c0:23:51:17:30:3f:38:4c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 17 21:18:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c693bdaf311b523fc66dab1e08f3368b78a0e803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:6d:a1:66:6e:3b:cb:3e:64:44:97:1e:06:
42:53:dd:21:5e:66:c8:ec:fc:d6:bb:17:a1:57:79:
96:86:72:be:a9:c9:08:08:3a:b2:cf:1b:45:f1:85:
20:e7:ea:9f:37:33:8a:14:a6:77:ea:8a:11:46:23:
83:38:e6:9e:c7:6c:b0:fe:0d:d3:ea:b9:3a:e3:06:
45:b9:9c:8d:20:3c:33:55:e2:fb:c2:88:d5:c1:1b:
08:8e:cf:57:4f:93:4f:a9:68:ba:76:88:38:1e:cf:
1f:57:d6:48:98:df:ee:6f:ba:24:c8:7c:0a:6f:5d:
77:03:86:ad:af:f3:91:6e:c9:d3:87:ab:a3:fc:2a:
54:d2:d2:4a:15:c4:40:a0:d2:a1:b6:1f:19:95:27:
ec:25:92:70:03:60:2d:62:5e:67:e9:9a:26:5a:4d:
91:f4:e3:0c:11:14:e9:92:ca:c2:46:77:0c:0d:f3:
0c:f0:3c:69:ed:77:6b:6f:9c:03:ce:b4:67:8a:60:
38:50:b3:3f:16:74:25:20:55:8d:ff:68:b8:ee:d7:
dc:69:cb:88:8b:6b:cc:7d:9d:d9:72:58:1a:ef:c1:
7f:15:0c:53:f9:c8:54:8c:91:10:c2:14:1c:bc:6f:
af:c1:b7:43:fc:e6:24:c2:f8:16:c6:f0:78:dd:59:
7a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:93:BD:AF:31:1B:52:3F:C6:6D:AB:1E:08:F3:36:8B:78:A0:E8:03
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/xpO9rzEbUj_GbaseCPM2i3ig6AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3183::/32
2a11:b682::/32
Signature Algorithm: sha256WithRSAEncryption
8d:93:29:47:c3:e0:37:87:32:12:3d:17:b6:02:0e:58:c9:24:
d1:81:25:39:b9:5a:69:06:a8:fe:51:91:a1:cd:fb:d4:01:68:
4e:43:17:34:01:d5:83:4f:7b:88:8f:c9:fa:86:c1:90:93:11:
ce:65:45:4b:84:8d:7b:3b:94:78:7a:9e:d0:39:ab:bf:aa:b6:
88:4b:c4:a8:58:6e:d7:3d:aa:5d:2f:b4:ce:52:68:4b:d5:1d:
02:f8:fa:04:76:5a:d4:3b:c0:dc:d4:79:ea:b6:27:81:1a:fa:
63:54:ee:c7:3f:9e:a9:1d:41:7a:fd:68:70:89:f8:0c:a2:33:
2b:5c:a9:69:31:73:47:32:a7:e8:06:a4:f4:b9:3f:83:4c:a2:
fb:41:d1:b5:23:50:94:18:34:38:8d:7a:0f:00:98:b1:15:e8:
4c:f7:32:5b:27:18:6e:24:9a:f3:79:74:b4:62:17:9f:bb:5f:
e0:0c:a4:71:e6:1a:b9:01:a6:c6:b8:28:66:6d:11:f8:ec:43:
18:ee:23:40:be:54:88:ae:b0:7c:d7:9f:bc:92:30:0c:ac:96:
2e:32:73:22:df:cd:8d:2c:57:4c:05:53:b9:35:93:2a:7f:c0:
0f:ea:7c:55:e1:6b:1f:56:78:6e:d4:24:4e:07:90:05:6e:d6:
46:4f:2a:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZd/wdF6awmQwCNRFzA/OEzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNjE3MjExODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjkzYmRhZjMxMWI1MjNmYzY2ZGFiMWUwOGYzMzY4Yjc4YTBlODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMltoWZuO8s+ZESXHgZCU90hXmbI
7PzWuxehV3mWhnK+qckICDqyzxtF8YUg5+qfNzOKFKZ36ooRRiODOOaex2yw/g3T
6rk64wZFuZyNIDwzVeL7wojVwRsIjs9XT5NPqWi6dog4Hs8fV9ZImN/ub7okyHwK
b113A4atr/ORbsnTh6uj/CpU0tJKFcRAoNKhth8ZlSfsJZJwA2AtYl5n6ZomWk2R
9OMMERTpksrCRncMDfMM8Dxp7Xdrb5wDzrRnimA4ULM/FnQlIFWN/2i47tfcacuI
i2vMfZ3Zclga78F/FQxT+chUjJEQwhQcvG+vwbdD/OYkwvgWxvB43Vl6iQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMaTva8xG1I/xm2rHgjzNot4oOgDMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEveHBPOXJ6RWJVal9HYmFzZUNQTTJpM2lnNkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhExgwMF
ACoRtoIwDQYJKoZIhvcNAQELBQADggEBAI2TKUfD4DeHMhI9F7YCDljJJNGBJTm5
WmkGqP5RkaHN+9QBaE5DFzQB1YNPe4iPyfqGwZCTEc5lRUuEjXs7lHh6ntA5q7+q
tohLxKhYbtc9ql0vtM5SaEvVHQL4+gR2WtQ7wNzUeeq2J4Ea+mNU7sc/nqkdQXr9
aHCJ+AyiMytcqWkxc0cyp+gGpPS5P4NMovtB0bUjUJQYNDiNeg8AmLEV6Ez3Mlsn
GG4kmvN5dLRiF5+7X+AMpHHmGrkBpsa4KGZtEfjsQxjuI0C+VIiusHzXn7ySMAys
li4ycyLfzY0sV0wFU7k1kyp/wA/qfFXhax9WeG7UJE4HkAVu1kZPKvA=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:28:09 2025 by rpki-client