Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/ygqg2DjEX-fcnR8_nimP23K-iKI.roa
File: ygqg2DjEX-fcnR8_nimP23K-iKI.roa (raw, json)
Hash identifier: ZNkEEUQOcnvP4jBhzdr1ijDKFZShB7W0vdMx1xBfMz4=
Subject key identifier: CA:0A:A0:D8:38:C4:5F:E7:DC:9D:1F:3F:9E:29:8F:DB:72:BE:88:A2
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0197EA3803A967384F29E79BE7742A031761
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/ygqg2DjEX-fcnR8_nimP23K-iKI.roa
Signing time: Tue 08 Jul 2025 13:27:08 +0000
ROA not before: Tue 08 Jul 2025 13:27:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a03:5000:431::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Jul 2025 20:17:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:38:03:a9:67:38:4f:29:e7:9b:e7:74:2a:03:17:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Jul 8 13:27:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca0aa0d838c45fe7dc9d1f3f9e298fdb72be88a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:6a:ac:dc:03:71:5c:6e:38:fd:a6:fc:a4:
2d:3d:91:5b:dd:01:55:13:2e:02:a6:d5:7b:f1:e8:
cd:e6:a3:4a:c8:c4:ba:3c:ea:3d:db:ca:c7:fc:25:
ce:4d:5a:2b:93:ce:df:42:53:57:c6:d0:6f:25:ad:
98:d8:2e:3c:c9:1d:29:78:2f:da:48:c3:2e:f7:ae:
c5:de:e0:96:c7:65:3b:23:a4:1a:fd:18:fe:be:95:
43:c4:f5:5c:5a:cc:48:cd:67:d8:f6:7f:0d:6e:99:
7d:08:4e:c4:02:79:10:d4:e3:07:c1:8d:48:81:d6:
1a:a7:8f:46:9b:e0:bc:06:4f:6e:3e:99:7e:9d:9b:
d0:0c:f7:15:d8:02:0f:97:74:40:e4:4c:d6:11:88:
b7:19:21:95:3e:94:1f:7e:18:8d:1d:63:35:6c:b6:
aa:4b:1b:1d:dd:88:3c:cf:0c:43:09:05:5e:9a:0d:
15:bf:67:e3:75:9e:b2:70:75:2f:25:4a:39:32:07:
c2:3f:28:3f:71:51:24:e0:2c:ca:0e:10:05:e8:be:
60:7b:32:b3:52:0b:ed:25:37:29:96:d9:0a:c3:eb:
4f:2b:bb:05:b5:b0:12:3f:5b:29:3e:d5:f5:fe:1c:
27:ec:a3:d6:d4:63:78:6e:9c:56:37:d7:8a:71:04:
72:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0A:A0:D8:38:C4:5F:E7:DC:9D:1F:3F:9E:29:8F:DB:72:BE:88:A2
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/ygqg2DjEX-fcnR8_nimP23K-iKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5000:431::/48
Signature Algorithm: sha256WithRSAEncryption
1e:55:57:2f:f3:6f:08:62:22:a6:41:cc:a6:6f:21:0c:7c:b3:
5c:e6:05:c1:dd:cf:44:7f:4f:7e:8d:f4:9c:b2:d0:a8:95:b3:
24:73:70:27:f0:ec:40:16:13:5c:66:fd:43:1e:12:f0:68:c7:
fa:b1:c9:0f:56:b7:a7:e3:5e:02:f5:6d:da:17:91:46:ba:35:
fb:60:c4:38:2b:0f:ef:df:ce:13:68:27:ae:2b:13:9c:79:fb:
28:3f:c6:07:ab:65:f5:9b:53:1f:1e:74:c6:da:db:7f:86:c5:
19:db:0e:4c:73:98:d8:e8:c8:0b:ef:92:8b:35:6f:60:96:89:
db:c4:de:a7:69:93:38:01:f8:94:a1:f1:ad:01:5d:7e:58:e8:
4a:3b:69:8c:8a:12:ef:b8:b5:6b:5c:a3:88:fc:c0:92:e1:7e:
39:92:e6:6f:83:22:4f:5c:67:56:b8:ec:ab:42:19:65:cd:db:
f2:21:a1:ed:e0:81:1a:62:9e:fb:86:13:2e:1f:7b:96:cd:0d:
5a:fe:2a:71:1c:7f:6d:f8:70:34:86:35:7d:a3:fe:7b:83:14:
4f:f6:42:79:b2:08:85:9b:72:e0:0c:28:85:f7:8a:f1:7c:f5:
8d:68:9c:80:5c:d2:37:c1:44:e2:5d:f4:de:23:65:bd:af:b3:
cb:7e:3c:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZfqOAOpZzhPKeeb53QqAxdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUwNzA4MTMyNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBhYTBkODM4YzQ1ZmU3ZGM5ZDFmM2Y5ZTI5OGZkYjcyYmU4OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu51qrNwDcVxuOP2m/KQtPZFb3QFV
Ey4CptV78ejN5qNKyMS6POo928rH/CXOTVork87fQlNXxtBvJa2Y2C48yR0peC/a
SMMu967F3uCWx2U7I6Qa/Rj+vpVDxPVcWsxIzWfY9n8Nbpl9CE7EAnkQ1OMHwY1I
gdYap49Gm+C8Bk9uPpl+nZvQDPcV2AIPl3RA5EzWEYi3GSGVPpQffhiNHWM1bLaq
Sxsd3Yg8zwxDCQVemg0Vv2fjdZ6ycHUvJUo5MgfCPyg/cVEk4CzKDhAF6L5gezKz
UgvtJTcpltkKw+tPK7sFtbASP1spPtX1/hwn7KPW1GN4bpxWN9eKcQRy0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMoKoNg4xF/n3J0fP54pj9tyvoiiMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEveWdxZzJEakVYLWZjblI4X25pbVAyM0staUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNQAAQx
MA0GCSqGSIb3DQEBCwUAA4IBAQAeVVcv828IYiKmQcymbyEMfLNc5gXB3c9Ef09+
jfScstColbMkc3An8OxAFhNcZv1DHhLwaMf6sckPVren414C9W3aF5FGujX7YMQ4
Kw/v384TaCeuKxOcefsoP8YHq2X1m1MfHnTG2tt/hsUZ2w5Mc5jY6MgL75KLNW9g
lonbxN6naZM4AfiUofGtAV1+WOhKO2mMihLvuLVrXKOI/MCS4X45kuZvgyJPXGdW
uOyrQhllzdvyIaHt4IEaYp77hhMuH3uWzQ1a/ipxHH9t+HA0hjV9o/57gxRP9kJ5
sgiFm3LgDCiF94rxfPWNaJyAXNI3wUTiXfTeI2W9r7PLfjyy
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:47:32 2025 by rpki-client