Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w2m32M6cNFXTW16F3Dcln-XGHWk.roa
File: w2m32M6cNFXTW16F3Dcln-XGHWk.roa (raw, json)
Hash identifier: Q+tQ6BUCqWAvpZK9pqAHq/B8+6PAaciAZJZEdIQJGJ0=
Subject key identifier: C3:69:B7:D8:CE:9C:34:55:D3:5B:5E:85:DC:37:25:9F:E5:C6:1D:69
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019902543B98F638D65DF4A672D81F87DDD5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w2m32M6cNFXTW16F3Dcln-XGHWk.roa
Signing time: Sun 31 Aug 2025 22:51:38 +0000
ROA not before: Sun 31 Aug 2025 22:51:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211063
IP address blocks: 2a0e:b107:1240::/44 maxlen: 48
2a10:2f00:172::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Sep 2025 09:26:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:02:54:3b:98:f6:38:d6:5d:f4:a6:72:d8:1f:87:dd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 31 22:51:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c369b7d8ce9c3455d35b5e85dc37259fe5c61d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:85:d5:47:1d:f0:8e:d6:21:eb:f8:32:a9:d4:
45:53:8f:ea:da:6b:06:26:36:de:da:f5:40:d5:c5:
08:94:0b:ff:9d:3b:11:09:40:ff:58:8c:f3:22:4a:
c5:6c:10:c5:a7:ae:4f:89:7a:6b:a6:c2:f4:09:e6:
6f:66:dd:87:bd:a2:04:5c:7c:58:e5:4c:03:a7:d3:
ac:df:a3:ef:95:a7:c5:00:47:ab:53:c4:78:ed:f9:
1e:d2:71:2c:a9:a4:da:68:59:2f:ca:c1:4e:55:86:
92:e8:c9:41:05:89:0a:6c:c3:21:a8:53:c3:f4:82:
e5:e9:4b:e3:f0:c7:b4:74:4e:2b:93:ac:e1:45:31:
4f:49:41:79:f1:dc:4d:f8:63:36:5f:69:8c:8f:7d:
98:64:0f:19:50:87:d0:ea:53:d5:d5:e9:a0:15:91:
3d:46:d4:ba:fe:09:bd:9a:d9:d1:b7:a7:73:3a:d9:
77:20:bb:3f:ba:b9:9c:06:1b:9d:75:0a:39:31:10:
03:b2:e2:40:be:e0:68:67:31:e5:cb:f5:5f:5c:cc:
27:25:0b:73:8b:98:14:4b:73:bd:01:9c:ff:86:fd:
f0:54:00:2e:c5:22:3a:db:ff:ab:71:62:82:97:8f:
21:24:0b:bf:64:60:a3:bb:c4:af:4e:7f:a1:97:6d:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:69:B7:D8:CE:9C:34:55:D3:5B:5E:85:DC:37:25:9F:E5:C6:1D:69
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w2m32M6cNFXTW16F3Dcln-XGHWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1240::/44
2a10:2f00:172::/48
Signature Algorithm: sha256WithRSAEncryption
05:b1:b6:b4:bb:f3:fd:b1:2f:82:5c:f3:f2:35:0b:bb:80:59:
9f:47:a7:e6:8b:97:f5:9d:f8:e8:2c:88:5e:74:bc:e2:33:a6:
24:81:4b:52:c3:b4:d2:50:54:f7:bf:6a:17:f4:5c:e3:b2:b7:
0e:d0:d5:a6:7a:ec:9e:3a:c4:2b:b9:d5:f8:30:81:ff:96:64:
ed:a7:61:ce:e3:89:85:77:d1:fc:3e:d9:8c:e8:c6:ca:6b:cc:
60:89:35:4c:55:27:68:e6:38:1e:7c:2e:17:b7:f5:3e:04:68:
91:69:cc:67:67:0e:a6:3a:f0:a0:69:17:f7:d0:56:c7:56:de:
22:57:89:cd:b6:c9:6d:ae:8f:13:39:e0:d0:bb:0f:59:29:9d:
7d:d1:f9:ff:5d:6e:fe:75:c9:59:d0:af:80:54:de:72:2a:1f:
ae:5e:b3:bc:82:66:46:ec:1e:6d:0a:18:9e:d9:77:fd:2a:44:
16:08:c9:6b:5f:c1:16:87:6c:7f:98:37:86:2e:4b:43:92:cf:
9e:16:bf:4a:c0:9b:6b:5d:36:03:7d:f1:3d:64:98:fe:2b:c2:
12:ea:e3:ef:e0:bb:73:dc:7c:08:08:dc:46:be:51:1e:a5:b5:
aa:da:e1:3d:65:60:06:ec:bb:81:99:1c:f8:0a:13:09:00:cc:
bf:4e:6e:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkCVDuY9jjWXfSmctgfh93VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwODMxMjI1MTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzY5YjdkOGNlOWMzNDU1ZDM1YjVlODVkYzM3MjU5ZmU1YzYxZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYXVRx3wjtYh6/gyqdRFU4/q2msG
Jjbe2vVA1cUIlAv/nTsRCUD/WIzzIkrFbBDFp65PiXprpsL0CeZvZt2HvaIEXHxY
5UwDp9Os36PvlafFAEerU8R47fke0nEsqaTaaFkvysFOVYaS6MlBBYkKbMMhqFPD
9ILl6Uvj8Me0dE4rk6zhRTFPSUF58dxN+GM2X2mMj32YZA8ZUIfQ6lPV1emgFZE9
RtS6/gm9mtnRt6dzOtl3ILs/urmcBhuddQo5MRADsuJAvuBoZzHly/VfXMwnJQtz
i5gUS3O9AZz/hv3wVAAuxSI62/+rcWKCl48hJAu/ZGCju8SvTn+hl23KDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMNpt9jOnDRV01tehdw3JZ/lxh1pMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdzJtMzJNNmNORlhUVzE2RjNEY2xuLVhHSFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxJA
AwcAKhAvAAFyMA0GCSqGSIb3DQEBCwUAA4IBAQAFsba0u/P9sS+CXPPyNQu7gFmf
R6fmi5f1nfjoLIhedLziM6YkgUtSw7TSUFT3v2oX9FzjsrcO0NWmeuyeOsQrudX4
MIH/lmTtp2HO44mFd9H8PtmM6MbKa8xgiTVMVSdo5jgefC4Xt/U+BGiRacxnZw6m
OvCgaRf30FbHVt4iV4nNtsltro8TOeDQuw9ZKZ190fn/XW7+dclZ0K+AVN5yKh+u
XrO8gmZG7B5tChie2Xf9KkQWCMlrX8EWh2x/mDeGLktDks+eFr9KwJtrXTYDffE9
ZJj+K8IS6uPv4Ltz3HwICNxGvlEepbWq2uE9ZWAG7LuBmRz4ChMJAMy/Tm61
-----END CERTIFICATE-----
Generated at Tue Sep 16 04:48:24 2025 by rpki-client