Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/S2uruNf0-WtbyqYzDCo979-lnGQ.roa
File: S2uruNf0-WtbyqYzDCo979-lnGQ.roa (raw, json)
Hash identifier: /eCg6SkIMW/r4C09Kd/sTF5SAQ7AejoK9QvFC2XYMGs=
Subject key identifier: 4B:6B:AB:B8:D7:F4:F9:6B:5B:CA:A6:33:0C:2A:3D:EF:DF:A5:9C:64
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01973C605E4AA4E3B9F643B0ADD671F45BC3
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/S2uruNf0-WtbyqYzDCo979-lnGQ.roa
Signing time: Wed 04 Jun 2025 19:17:17 +0000
ROA not before: Wed 04 Jun 2025 19:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a10:6c40::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
2a13:8000::/29 maxlen: 29
2a13:de40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Jun 2025 10:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:60:5e:4a:a4:e3:b9:f6:43:b0:ad:d6:71:f4:5b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 4 19:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b6babb8d7f4f96b5bcaa6330c2a3defdfa59c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a0:6c:2c:0c:67:a4:18:6b:c9:ef:3c:25:81:
71:ec:55:df:c9:4a:39:94:21:59:48:a8:ac:c9:c3:
ee:cd:11:8e:25:4e:18:30:db:55:1e:67:9c:1e:96:
5f:31:99:b3:09:2f:93:5a:5b:9b:0c:82:20:8b:67:
ac:24:2e:8e:75:46:41:b2:6c:cb:6c:ca:43:f2:a4:
69:c3:bc:00:dc:28:52:06:67:2f:3d:51:22:e7:2c:
76:1b:68:ba:89:62:4a:ae:3f:aa:d9:52:03:88:3e:
5f:24:8e:fb:4b:d5:80:90:52:bf:3a:83:46:e9:81:
63:82:08:55:38:41:23:bc:63:63:5c:bf:08:72:e3:
fb:23:c0:5d:92:2c:ef:21:94:d3:e8:48:4b:c9:2e:
14:12:ca:ed:99:53:05:e8:9d:1e:14:af:5d:6f:31:
79:39:ef:55:be:90:c3:71:f9:0c:17:72:72:22:e0:
de:18:e1:5c:21:62:d1:2e:45:fe:7a:9c:28:ee:db:
2e:42:b5:5a:b5:78:8d:b7:54:6d:4f:55:ac:4c:0d:
c6:3f:a0:62:9e:13:35:72:6b:86:c8:bb:83:ab:cd:
25:80:52:39:1e:1e:ea:67:15:6a:54:93:ca:a2:44:
78:f0:ed:fc:eb:3b:e6:94:b6:a8:6f:43:43:c2:dd:
3f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6B:AB:B8:D7:F4:F9:6B:5B:CA:A6:33:0C:2A:3D:EF:DF:A5:9C:64
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/S2uruNf0-WtbyqYzDCo979-lnGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:6c40::/29
2a10:9600::/29
2a13:8000::/29
2a13:de40::/29
Signature Algorithm: sha256WithRSAEncryption
4c:d3:16:70:b9:34:b5:5b:4f:db:44:f8:b9:3e:18:59:32:5c:
ed:c9:3f:b6:0c:d3:a7:f7:77:db:de:a7:3b:dc:89:e5:16:09:
5d:a4:38:ca:cd:07:2f:e7:66:15:a0:12:1e:97:2a:52:8f:77:
0d:99:1d:a0:47:5d:40:98:16:26:9b:da:f7:36:b1:f8:b2:ef:
3b:7e:98:33:eb:1f:41:9c:7b:2f:e8:f6:00:f9:a8:e7:31:cb:
ee:70:1c:69:58:b8:66:80:d6:79:1b:03:82:2c:25:29:c5:fe:
47:1c:9e:86:c2:f2:1d:72:cb:29:99:70:de:0c:47:55:9b:0b:
e1:ac:34:2f:33:55:85:c7:1b:08:0e:1f:68:00:14:3c:08:a3:
ab:90:13:23:b7:4f:64:f8:d0:07:cb:36:87:23:f6:62:b0:27:
0e:02:9c:9a:2b:fa:c3:60:1b:ec:ff:25:fe:02:3a:8e:17:a2:
e1:80:20:56:c0:6e:a1:0e:da:90:ae:05:c3:b2:5f:52:4f:b7:
9a:10:f4:be:04:96:e4:92:7c:9d:16:af:e2:c8:34:ed:f7:06:
4b:c7:b3:35:14:8b:77:7c:e1:03:54:a4:e8:ae:aa:1a:14:58:
2a:94:ce:3c:c0:1c:45:ff:a7:29:93:0f:77:65:dc:1a:a8:f9:
aa:18:83:61
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZc8YF5KpOO59kOwrdZx9FvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwNjA0MTkxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjZiYWJiOGQ3ZjRmOTZiNWJjYWE2MzMwYzJhM2RlZmRmYTU5YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46BsLAxnpBhrye88JYFx7FXfyUo5
lCFZSKisycPuzRGOJU4YMNtVHmecHpZfMZmzCS+TWlubDIIgi2esJC6OdUZBsmzL
bMpD8qRpw7wA3ChSBmcvPVEi5yx2G2i6iWJKrj+q2VIDiD5fJI77S9WAkFK/OoNG
6YFjgghVOEEjvGNjXL8IcuP7I8BdkizvIZTT6EhLyS4UEsrtmVMF6J0eFK9dbzF5
Oe9VvpDDcfkMF3JyIuDeGOFcIWLRLkX+epwo7tsuQrVatXiNt1RtT1WsTA3GP6Bi
nhM1cmuGyLuDq80lgFI5Hh7qZxVqVJPKokR48O386zvmlLaob0NDwt0/8wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEtrq7jX9PlrW8qmMwwqPe/fpZxkMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvUzJ1cnVOZjAtV3RieXFZekRDbzk3OS1sbkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhBsQAMF
AyoQlgADBQMqE4AAAwUDKhPeQDANBgkqhkiG9w0BAQsFAAOCAQEATNMWcLk0tVtP
20T4uT4YWTJc7ck/tgzTp/d3296nO9yJ5RYJXaQ4ys0HL+dmFaASHpcqUo93DZkd
oEddQJgWJpva9zax+LLvO36YM+sfQZx7L+j2APmo5zHL7nAcaVi4ZoDWeRsDgiwl
KcX+RxyehsLyHXLLKZlw3gxHVZsL4aw0LzNVhccbCA4faAAUPAijq5ATI7dPZPjQ
B8s2hyP2YrAnDgKcmiv6w2Ab7P8l/gI6jhei4YAgVsBuoQ7akK4Fw7JfUk+3mhD0
vgSW5JJ8nRav4sg07fcGS8ezNRSLd3zhA1Sk6K6qGhRYKpTOPMAcRf+nKZMPd2Xc
Gqj5qhiDYQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:59:01 2025 by rpki-client