Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Oh68UYgvx8AQSyOPB_SA7J8gRJ8.roa
File: Oh68UYgvx8AQSyOPB_SA7J8gRJ8.roa (raw, json)
Hash identifier: 8z+fdaH5hU0fxq5c68KCsMqYDwOxSqwSJClM6/6cM84=
Subject key identifier: 3A:1E:BC:51:88:2F:C7:C0:10:4B:23:8F:07:F4:80:EC:9F:20:44:9F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019722E6B73AB3BD02979AF640903B7ED9DB
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Oh68UYgvx8AQSyOPB_SA7J8gRJ8.roa
Signing time: Fri 30 May 2025 20:33:54 +0000
ROA not before: Fri 30 May 2025 20:33:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 2a12:bec4:1520::/48 maxlen: 48
2a12:bec4:1651::/48 maxlen: 48
2a12:bec4:1652::/48 maxlen: 48
2a12:bec4:1653::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 30 May 2025 20:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:22:e6:b7:3a:b3:bd:02:97:9a:f6:40:90:3b:7e:d9:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: May 30 20:33:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a1ebc51882fc7c0104b238f07f480ec9f20449f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:78:9d:c0:57:7f:0f:40:80:96:87:89:27:97:
3f:a2:6e:3b:9b:d9:8a:f2:6c:78:a2:fd:c7:12:7f:
93:5f:bb:0a:cf:c6:61:30:c3:44:ee:28:61:a3:64:
b9:83:d5:e2:fc:ea:64:78:7d:a5:f2:16:23:7a:80:
50:e9:5a:d1:bb:c2:ce:6b:4a:7b:0f:d5:a9:78:4a:
27:a2:ba:45:c2:a5:ba:4b:18:8e:99:dc:1f:b2:da:
e9:18:da:b2:b5:30:6c:6d:76:3a:82:25:b4:e6:a4:
8a:0b:8a:cc:7e:0e:cf:f6:cc:1e:19:96:83:db:c6:
d5:ac:eb:d8:bb:a4:1f:20:8f:1f:0c:e2:3f:77:ac:
16:a6:bf:10:c4:d5:41:09:0c:ab:1d:09:da:46:98:
a2:e4:43:d1:07:9c:0f:2f:d1:fc:ef:07:41:9d:83:
c8:c5:a4:39:a1:0e:21:44:73:2f:3a:0d:37:d8:28:
83:8f:c5:69:b4:78:33:bc:7f:1b:d4:18:61:42:3e:
16:55:25:aa:7d:c2:59:e9:fd:f5:7c:c4:67:ff:67:
75:92:78:72:8c:83:42:b0:f1:66:93:a6:f3:28:42:
a8:bd:e8:98:4d:2c:04:61:f4:37:ec:49:19:99:8f:
7c:7c:e0:bb:eb:42:d9:7f:2b:58:51:c3:91:a4:f6:
81:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1E:BC:51:88:2F:C7:C0:10:4B:23:8F:07:F4:80:EC:9F:20:44:9F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Oh68UYgvx8AQSyOPB_SA7J8gRJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1520::/48
2a12:bec4:1651::-2a12:bec4:1653:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b1:9a:ad:b9:3f:91:7a:de:d2:89:8c:d2:3e:ca:0f:b4:02:1b:
d0:6b:59:aa:de:b0:48:6d:66:3f:ef:87:02:0d:93:b9:a9:70:
7f:db:7a:c9:e3:bc:d3:5f:e7:d8:b7:ea:12:75:da:f7:a0:07:
38:84:ab:33:55:bf:8c:31:98:1c:88:8e:bb:c7:f8:9a:b6:80:
10:b9:d9:85:6c:ad:2f:70:37:04:42:80:1a:b7:a5:39:06:1b:
77:0b:87:4b:e9:22:ca:82:ff:ae:48:9b:92:4d:74:74:7e:82:
6b:a8:ca:07:10:4e:05:5d:81:fa:1e:1e:78:87:29:ee:36:db:
aa:74:4b:25:42:25:15:9d:c2:f7:c5:68:77:c2:7b:06:70:ac:
b4:38:05:a8:68:37:75:10:1d:4e:b7:b3:53:10:39:5a:98:04:
23:d2:9f:5d:af:2b:20:7b:3c:2a:58:72:56:89:99:80:bd:bf:
1f:b0:a6:ea:24:7d:0f:18:ae:6f:d6:06:2b:c2:60:e7:aa:84:
9f:43:ba:e2:48:21:e3:52:a6:ff:25:af:63:b0:7a:1f:2f:64:
08:a1:0c:05:d0:6f:0e:b2:98:3f:ea:6e:0e:c0:4c:12:eb:3a:
e0:31:a4:3b:5a:b7:ff:dd:13:28:0c:46:aa:ad:7c:63:53:2c:
e1:2c:03:50
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZci5rc6s70Cl5r2QJA7ftnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwNTMwMjAzMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTFlYmM1MTg4MmZjN2MwMTA0YjIzOGYwN2Y0ODBlYzlmMjA0NDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXidwFd/D0CAloeJJ5c/om47m9mK
8mx4ov3HEn+TX7sKz8ZhMMNE7ihho2S5g9Xi/OpkeH2l8hYjeoBQ6VrRu8LOa0p7
D9WpeEonorpFwqW6SxiOmdwfstrpGNqytTBsbXY6giW05qSKC4rMfg7P9sweGZaD
28bVrOvYu6QfII8fDOI/d6wWpr8QxNVBCQyrHQnaRpii5EPRB5wPL9H87wdBnYPI
xaQ5oQ4hRHMvOg032CiDj8VptHgzvH8b1BhhQj4WVSWqfcJZ6f31fMRn/2d1knhy
jINCsPFmk6bzKEKoveiYTSwEYfQ37EkZmY98fOC760LZfytYUcORpPaBUwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDoevFGIL8fAEEsjjwf0gOyfIESfMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvT2g2OFVZZ3Z4OEFRU3lPUEJfU0E3SjhnUko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKhK+xBUg
MBIDBwAqEr7EFlEDBwIqEr7EFlAwDQYJKoZIhvcNAQELBQADggEBALGarbk/kXre
0omM0j7KD7QCG9BrWaresEhtZj/vhwINk7mpcH/besnjvNNf59i36hJ12vegBziE
qzNVv4wxmByIjrvH+Jq2gBC52YVsrS9wNwRCgBq3pTkGG3cLh0vpIsqC/65Im5JN
dHR+gmuoygcQTgVdgfoeHniHKe4226p0SyVCJRWdwvfFaHfCewZwrLQ4BahoN3UQ
HU63s1MQOVqYBCPSn12vKyB7PCpYclaJmYC9vx+wpuokfQ8Yrm/WBivCYOeqhJ9D
uuJIIeNSpv8lr2Oweh8vZAihDAXQbw6ymD/qbg7ATBLrOuAxpDtat//dEygMRqqt
fGNTLOEsA1A=
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:26:07 2025 by rpki-client