Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/a9dOojd2GQMg-RqTtLPypn3TcPg.roa
File: a9dOojd2GQMg-RqTtLPypn3TcPg.roa (raw, json)
Hash identifier: 6ykDAKls1BBLpS7BFdTv7DZlMm0fyTo3ceZjIna7vqg=
Subject key identifier: 6B:D7:4E:A2:37:76:19:03:20:F9:1A:93:B4:B3:F2:A6:7D:D3:70:F8
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 01973511F15C1F5E4EFF48B4C074EDE14461
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/a9dOojd2GQMg-RqTtLPypn3TcPg.roa
Signing time: Tue 03 Jun 2025 09:14:17 +0000
ROA not before: Tue 03 Jun 2025 09:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 192.175.45.0/24 maxlen: 24
2001:671::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Jun 2025 07:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:11:f1:5c:1f:5e:4e:ff:48:b4:c0:74:ed:e1:44:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jun 3 09:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bd74ea23776190320f91a93b4b3f2a67dd370f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f0:cf:33:ba:10:03:12:73:4f:8d:e8:f5:da:
39:f5:0c:f8:c4:7d:eb:fb:88:d0:10:26:d2:5a:b4:
0d:3c:38:c6:6b:3a:43:97:0c:7e:15:51:0a:45:b7:
c1:32:43:7c:8b:df:60:b1:23:8f:43:07:a6:43:a7:
b0:6a:88:97:09:18:79:3e:3a:46:04:9f:c4:aa:dd:
b6:03:93:8d:85:bd:f8:33:ed:fc:c1:06:84:48:17:
12:c2:24:a3:81:68:81:c1:74:39:68:72:fc:56:a4:
da:db:c6:6c:6b:4f:3d:8a:9d:96:bf:cd:fa:38:98:
27:51:3b:8f:bf:b4:7e:61:5e:1b:7e:e1:5a:8b:5f:
10:af:57:44:b1:dc:76:bd:55:f9:4d:c3:bd:8e:94:
64:be:a9:a8:da:0a:10:5a:7d:df:da:96:08:7d:97:
2b:8d:25:42:bc:24:22:bf:39:14:ed:c0:c9:f8:f0:
58:b7:13:36:f0:49:81:28:14:9a:9c:23:08:60:e4:
e9:90:7c:2d:5b:6f:78:ea:fc:77:6a:5e:a4:53:bb:
ae:40:a7:f4:28:26:7c:9f:7a:fe:75:14:a3:5c:62:
c9:9a:92:08:95:2d:5e:6f:10:01:0b:d0:1c:16:fe:
14:45:20:c7:99:66:59:f4:ca:ae:5d:da:7c:bc:92:
52:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D7:4E:A2:37:76:19:03:20:F9:1A:93:B4:B3:F2:A6:7D:D3:70:F8
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/a9dOojd2GQMg-RqTtLPypn3TcPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.175.45.0/24
IPv6:
2001:671::/48
Signature Algorithm: sha256WithRSAEncryption
5f:e4:23:86:5d:90:31:37:71:c3:92:32:73:73:03:d5:bd:ed:
30:89:5a:86:8c:42:a0:98:e3:3c:96:96:04:27:f1:2f:a2:36:
ab:91:be:b7:88:55:2d:ba:2f:af:aa:8d:f7:49:d5:c0:18:cc:
a2:c6:b4:65:39:dd:b6:67:cb:ba:2d:dd:7f:7e:c0:66:e4:3b:
ca:37:4b:55:ac:16:d2:19:06:06:84:99:48:c8:74:f1:ca:34:
98:83:cb:8d:5b:0d:c4:bc:35:30:60:01:2f:56:0b:e8:7b:f7:
42:ba:99:47:f9:bd:41:3f:4e:a9:b6:58:91:93:f7:c4:41:53:
f8:8a:38:6b:21:30:9d:56:61:e5:8a:7c:31:cb:f9:95:4c:7d:
ef:a4:35:2f:7b:4f:4d:5c:d8:c5:ef:95:11:8c:10:dd:72:6b:
b5:7b:79:db:36:31:ae:dd:98:94:82:6d:4e:8b:3f:60:d6:97:
de:11:48:87:a0:a3:d7:4d:15:10:a8:58:d4:a5:8b:6d:ce:2a:
e6:1c:5a:5f:e7:38:ed:03:c8:b0:79:70:4a:32:1d:7a:18:17:
2e:7b:1e:a4:86:35:93:49:22:be:d9:d9:46:68:94:8d:be:a3:
82:cb:e3:cb:ce:c4:76:4a:36:55:3e:ec:c9:b7:c8:59:dc:01:
10:ac:fd:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZc1EfFcH15O/0i0wHTt4URhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjUwNjAzMDkxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQ3NGVhMjM3NzYxOTAzMjBmOTFhOTNiNGIzZjJhNjdkZDM3MGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPDPM7oQAxJzT43o9do59Qz4xH3r
+4jQECbSWrQNPDjGazpDlwx+FVEKRbfBMkN8i99gsSOPQwemQ6ewaoiXCRh5PjpG
BJ/Eqt22A5ONhb34M+38wQaESBcSwiSjgWiBwXQ5aHL8VqTa28Zsa089ip2Wv836
OJgnUTuPv7R+YV4bfuFai18Qr1dEsdx2vVX5TcO9jpRkvqmo2goQWn3f2pYIfZcr
jSVCvCQivzkU7cDJ+PBYtxM28EmBKBSanCMIYOTpkHwtW2946vx3al6kU7uuQKf0
KCZ8n3r+dRSjXGLJmpIIlS1ebxABC9AcFv4URSDHmWZZ9MquXdp8vJJSZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGvXTqI3dhkDIPkak7Sz8qZ903D4MB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvYTlkT29qZDJHUU1nLVJxVHRMUHlwbjNUY1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwK8tMA8E
AgACMAkDBwAgAQZxAAAwDQYJKoZIhvcNAQELBQADggEBAF/kI4ZdkDE3ccOSMnNz
A9W97TCJWoaMQqCY4zyWlgQn8S+iNquRvreIVS26L6+qjfdJ1cAYzKLGtGU53bZn
y7ot3X9+wGbkO8o3S1WsFtIZBgaEmUjIdPHKNJiDy41bDcS8NTBgAS9WC+h790K6
mUf5vUE/Tqm2WJGT98RBU/iKOGshMJ1WYeWKfDHL+ZVMfe+kNS97T01c2MXvlRGM
EN1ya7V7eds2Ma7dmJSCbU6LP2DWl94RSIego9dNFRCoWNSli23OKuYcWl/nOO0D
yLB5cEoyHXoYFy57HqSGNZNJIr7Z2UZolI2+o4LL48vOxHZKNlU+7Mm3yFncARCs
/fw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:27:31 2025 by rpki-client