Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/u3Bj8Z9lwN_ColE6RLDXsMjOprM.roa
File: u3Bj8Z9lwN_ColE6RLDXsMjOprM.roa (raw, json)
Hash identifier: /FqKmRfMh8Pp7FMOqETkIrdsfpnywHQ5D0nKjni70Xs=
Subject key identifier: BB:70:63:F1:9F:65:C0:DF:C2:A2:51:3A:44:B0:D7:B0:C8:CE:A6:B3
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFAA1FAF17B4F2C3795259C8B3BEE33
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/u3Bj8Z9lwN_ColE6RLDXsMjOprM.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212740
IP address blocks: 2a0c:b641:4d0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Mar 2025 12:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a1:fa:f1:7b:4f:2c:37:95:25:9c:8b:3b:ee:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb7063f19f65c0dfc2a2513a44b0d7b0c8cea6b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:50:e7:9f:5c:09:30:9a:d0:56:c0:86:56:ba:
04:f7:6d:c6:06:7a:c3:5e:e6:d8:5f:18:62:1e:9d:
02:c7:21:64:00:c0:1e:78:9a:07:7d:06:d2:f4:87:
37:1d:02:d5:06:d9:8c:cf:dd:bb:8b:52:ed:ed:a2:
11:cb:96:b4:b3:af:78:1c:1c:41:9b:57:44:44:e9:
c7:6d:76:f9:75:57:04:81:f8:48:fc:c0:80:f8:14:
05:41:dd:8b:31:a8:31:94:46:24:d6:d8:45:56:35:
f1:33:04:13:94:e3:6f:5b:a0:d2:5c:87:32:60:e8:
72:1a:76:f4:e9:ba:18:4c:85:9c:dd:e1:d5:42:f5:
bf:d1:50:2a:cd:48:b6:14:c2:7f:70:59:ca:7a:13:
36:65:ee:05:f6:4c:6e:17:49:34:91:9d:1a:7c:27:
9e:a0:7a:06:9a:bd:c6:5c:32:21:8c:f8:0c:74:bb:
17:54:51:ae:6a:fa:43:ad:26:61:20:45:c4:54:fa:
20:d2:ea:a1:ce:b6:ad:04:80:82:ea:65:af:23:2c:
81:54:63:2d:6e:bc:b2:a8:29:70:a3:41:d9:ca:08:
fc:45:94:9b:91:cb:44:01:3f:c8:dc:1e:2b:a8:12:
af:bf:16:25:ef:20:9f:5e:4f:a4:53:66:9c:65:c5:
c7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:70:63:F1:9F:65:C0:DF:C2:A2:51:3A:44:B0:D7:B0:C8:CE:A6:B3
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/u3Bj8Z9lwN_ColE6RLDXsMjOprM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:4d0::/44
Signature Algorithm: sha256WithRSAEncryption
2b:b3:a1:ac:86:b8:fe:58:fa:60:d5:e0:ea:13:f4:64:ae:6e:
f7:76:71:2b:da:24:31:c4:c3:cf:cb:ed:8f:bb:f8:ab:48:ff:
dc:53:26:50:3a:64:8b:8d:da:2d:54:a3:d9:a1:b8:e5:2f:0c:
bd:02:9d:97:0b:0d:af:50:46:30:4e:11:9c:a7:39:fa:9f:48:
2a:da:ad:d6:ce:36:ef:8d:b2:8b:f7:94:96:71:11:a3:72:6d:
ee:54:d9:db:fa:45:4a:17:cb:ff:a8:80:5b:8f:05:61:0f:ab:
86:8e:0f:f4:35:40:b7:59:3a:0e:c2:18:92:07:d8:23:5c:00:
b1:79:50:47:11:04:af:16:6b:67:bb:20:14:2e:cc:b7:c9:94:
76:02:10:00:fb:a9:46:67:b7:80:59:2a:e0:de:41:84:c4:8f:
b3:11:0f:eb:1b:c8:d7:a8:6c:8d:e8:f9:57:36:bd:5d:53:23:
95:aa:be:70:59:6f:88:19:90:6f:79:2e:e5:9d:fe:dc:3b:6f:
bb:35:c5:54:3b:6a:fb:47:f0:ed:9a:fb:5a:f5:88:40:51:9e:
1e:f6:9d:e4:50:6f:eb:41:5c:24:a8:e0:24:22:33:c2:fc:99:
2d:79:b3:ca:8e:56:d5:a9:28:fb:29:37:18:2e:f8:75:2e:a8:
bb:dc:94:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+qH68XtPLDeVJZyLO+4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjcwNjNmMTlmNjVjMGRmYzJhMjUxM2E0NGIwZDdiMGM4Y2VhNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulDnn1wJMJrQVsCGVroE923GBnrD
XubYXxhiHp0CxyFkAMAeeJoHfQbS9Ic3HQLVBtmMz927i1Lt7aIRy5a0s694HBxB
m1dEROnHbXb5dVcEgfhI/MCA+BQFQd2LMagxlEYk1thFVjXxMwQTlONvW6DSXIcy
YOhyGnb06boYTIWc3eHVQvW/0VAqzUi2FMJ/cFnKehM2Ze4F9kxuF0k0kZ0afCee
oHoGmr3GXDIhjPgMdLsXVFGuavpDrSZhIEXEVPog0uqhzratBICC6mWvIyyBVGMt
bryyqClwo0HZygj8RZSbkctEAT/I3B4rqBKvvxYl7yCfXk+kU2acZcXHdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLtwY/GfZcDfwqJROkSw17DIzqazMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvdTNCajhaOWx3Tl9Db2xFNlJMRFhzTWpPcHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQTQ
MA0GCSqGSIb3DQEBCwUAA4IBAQArs6Gshrj+WPpg1eDqE/Rkrm73dnEr2iQxxMPP
y+2Pu/irSP/cUyZQOmSLjdotVKPZobjlLwy9Ap2XCw2vUEYwThGcpzn6n0gq2q3W
zjbvjbKL95SWcRGjcm3uVNnb+kVKF8v/qIBbjwVhD6uGjg/0NUC3WToOwhiSB9gj
XACxeVBHEQSvFmtnuyAULsy3yZR2AhAA+6lGZ7eAWSrg3kGExI+zEQ/rG8jXqGyN
6PlXNr1dUyOVqr5wWW+IGZBveS7lnf7cO2+7NcVUO2r7R/Dtmvta9YhAUZ4e9p3k
UG/rQVwkqOAkIjPC/JktebPKjlbVqSj7KTcYLvh1Lqi73JSJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:15 2025 by rpki-client