Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/CuvyFrOQAig8UpgdjyQhEOhjaYc.roa
File: CuvyFrOQAig8UpgdjyQhEOhjaYc.roa (raw, json)
Hash identifier: Jh73loJk31erfis4eofzEMHkHz8LV73ZRTnhzyxUqZ8=
Subject key identifier: 0A:EB:F2:16:B3:90:02:28:3C:52:98:1D:8F:24:21:10:E8:63:69:87
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0197EA38040B7F5EF0545C16BB05814C1185
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/CuvyFrOQAig8UpgdjyQhEOhjaYc.roa
Signing time: Tue 08 Jul 2025 13:27:09 +0000
ROA not before: Tue 08 Jul 2025 13:27:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a03:5000:431::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Jul 2025 20:17:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:38:04:0b:7f:5e:f0:54:5c:16:bb:05:81:4c:11:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Jul 8 13:27:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aebf216b39002283c52981d8f242110e8636987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b2:6e:66:c1:62:91:e0:8c:5b:57:e7:ed:95:
82:42:70:c3:14:4f:fa:62:20:fe:da:f3:5c:ea:ee:
d0:6b:b5:92:00:08:36:f1:88:b7:8b:79:f4:ae:3a:
36:93:3a:d6:8d:25:ee:ee:b4:c7:92:0c:7a:c0:73:
b8:fb:59:68:c7:19:b7:ce:f7:0e:a5:f4:2f:c0:d9:
14:5b:da:ad:7f:c2:78:99:2a:17:45:12:75:28:56:
08:ad:e3:e1:b3:76:72:2e:a3:b9:89:7c:d8:f6:dd:
08:18:0c:db:66:15:4f:61:6b:62:94:c9:29:e5:17:
15:ed:a0:28:cf:e7:57:e5:67:a1:95:e6:28:83:f5:
f2:8c:31:98:e6:5f:fa:80:ab:63:2d:45:b9:e4:8a:
6f:3a:56:e8:43:56:37:0e:6f:9e:ad:80:df:3c:1f:
9f:24:2a:28:44:9b:dc:c3:d1:1a:c8:df:53:d7:8e:
62:81:a6:a3:24:6c:5a:8a:d6:2e:f8:40:fe:6c:b6:
08:2a:64:f3:31:89:fa:22:71:55:9a:6d:c0:1b:a3:
be:81:e6:f6:01:58:26:2a:d5:8a:db:5c:fb:8c:f2:
dd:e7:f8:85:d5:22:92:46:77:69:6a:63:3a:de:5d:
83:cf:a6:9e:a8:82:32:a7:7b:06:8c:57:d1:c1:9b:
2c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EB:F2:16:B3:90:02:28:3C:52:98:1D:8F:24:21:10:E8:63:69:87
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/CuvyFrOQAig8UpgdjyQhEOhjaYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5000:431::/48
Signature Algorithm: sha256WithRSAEncryption
da:6e:68:e1:05:76:42:39:6c:39:1e:4b:f0:c9:3c:4a:5d:7b:
57:20:fc:ad:4f:e6:3f:a5:0c:1d:17:64:01:73:87:bb:2f:ef:
8f:a2:fd:f8:2a:e5:75:06:78:87:65:dc:70:ca:19:13:5c:96:
2d:4c:fa:eb:93:06:af:b9:3f:83:b6:71:bd:7a:17:26:f0:ce:
1e:a6:a2:64:1a:00:89:5a:bf:2a:26:ec:1d:e9:24:82:30:ef:
d5:87:b2:87:e8:19:05:8e:55:ac:9c:1a:bb:d6:88:4b:52:fb:
0c:7b:b2:ad:a5:9e:dd:08:fa:7b:5e:76:a6:18:4d:67:d2:10:
65:e8:eb:dc:2e:69:4f:b7:5e:86:85:dd:cb:99:e9:b9:30:9f:
1a:bc:58:2b:e6:b0:69:5d:1c:a4:ab:06:f0:2d:e4:5c:84:0e:
92:13:b9:d6:70:81:f6:88:5c:26:75:11:2b:6a:58:3a:e0:0e:
5e:c8:c1:a4:1c:a7:f7:fd:15:b0:13:1a:6e:7a:2d:62:4c:de:
0e:38:bf:8a:d0:04:b1:2b:4a:23:34:98:af:ab:36:7b:41:00:
96:76:70:40:9e:33:ea:4b:a4:ad:f9:ec:2d:01:c3:47:a6:5a:
e9:20:9b:c2:2a:43:2c:82:27:e7:20:a4:97:bc:5d:ed:c1:52:
c5:60:63:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZfqOAQLf17wVFwWuwWBTBGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUwNzA4MTMyNzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWViZjIxNmIzOTAwMjI4M2M1Mjk4MWQ4ZjI0MjExMGU4NjM2OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbJuZsFikeCMW1fn7ZWCQnDDFE/6
YiD+2vNc6u7Qa7WSAAg28Yi3i3n0rjo2kzrWjSXu7rTHkgx6wHO4+1loxxm3zvcO
pfQvwNkUW9qtf8J4mSoXRRJ1KFYIrePhs3ZyLqO5iXzY9t0IGAzbZhVPYWtilMkp
5RcV7aAoz+dX5WehleYog/XyjDGY5l/6gKtjLUW55IpvOlboQ1Y3Dm+erYDfPB+f
JCooRJvcw9EayN9T145igaajJGxaitYu+ED+bLYIKmTzMYn6InFVmm3AG6O+geb2
AVgmKtWK21z7jPLd5/iF1SKSRndpamM63l2Dz6aeqIIyp3sGjFfRwZssxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFArr8hazkAIoPFKYHY8kIRDoY2mHMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvQ3V2eUZyT1FBaWc4VXBnZGp5UWhFT2hqYVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNQAAQx
MA0GCSqGSIb3DQEBCwUAA4IBAQDabmjhBXZCOWw5HkvwyTxKXXtXIPytT+Y/pQwd
F2QBc4e7L++Pov34KuV1BniHZdxwyhkTXJYtTPrrkwavuT+DtnG9ehcm8M4epqJk
GgCJWr8qJuwd6SSCMO/Vh7KH6BkFjlWsnBq71ohLUvsMe7KtpZ7dCPp7XnamGE1n
0hBl6OvcLmlPt16Ghd3Lmem5MJ8avFgr5rBpXRykqwbwLeRchA6SE7nWcIH2iFwm
dREralg64A5eyMGkHKf3/RWwExpuei1iTN4OOL+K0ASxK0ojNJivqzZ7QQCWdnBA
njPqS6St+ewtAcNHplrpIJvCKkMsgifnIKSXvF3twVLFYGOU
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:58:07 2025 by rpki-client