Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/hMETZeaJhdpmSMxxNpApu1nXnhk.roa
File: hMETZeaJhdpmSMxxNpApu1nXnhk.roa (raw, json)
Hash identifier: jaw1iRcoas1HkWvam5rE5NJK81hesdF/05hyoSJt7PI=
Subject key identifier: 84:C1:13:65:E6:89:85:DA:66:48:CC:71:36:90:29:BB:59:D7:9E:19
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0196E78F9B68DFAEE6327ED0CCF40BD5475F
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/hMETZeaJhdpmSMxxNpApu1nXnhk.roa
Signing time: Mon 19 May 2025 08:01:10 +0000
ROA not before: Mon 19 May 2025 08:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39686
IP address blocks: 2a07:3500:11e0::/48 maxlen: 48
2a07:3501:1032::/47 maxlen: 48
2a07:3501:1050::/48 maxlen: 48
2a07:3501:1060::/48 maxlen: 48
2a07:3502:10e0::/48 maxlen: 48
2a07:3502:11c0::/48 maxlen: 48
2a07:3502:1210::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 May 2025 09:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:8f:9b:68:df:ae:e6:32:7e:d0:cc:f4:0b:d5:47:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 19 08:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84c11365e68985da6648cc71369029bb59d79e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2c:8e:2c:f9:b4:39:74:95:8a:1f:de:4b:58:
e3:c0:6c:53:e1:33:28:72:ad:4f:fb:b7:79:e8:0c:
41:e4:e3:85:79:74:ee:c8:04:c1:ce:e9:84:38:7a:
68:15:23:7a:53:28:cd:52:30:52:45:87:55:97:9a:
9f:e7:80:99:4e:c0:54:d1:dc:5f:e1:f4:e9:bf:8a:
ef:24:09:d4:32:a2:6f:c3:75:92:c2:10:56:28:60:
d0:dd:f4:52:76:cd:ea:03:1f:59:bb:14:a7:58:53:
89:e8:4d:c8:68:f6:f6:7d:5c:a8:d1:ad:7f:32:7b:
a0:91:9c:c1:ba:dc:2a:7f:ee:d5:6f:1f:f7:23:49:
48:13:32:81:7a:79:f0:2a:d2:55:de:66:ce:74:7e:
57:7b:30:0f:6d:13:2c:a3:66:0b:d9:7f:56:b7:b2:
5d:27:be:49:91:47:4b:f1:d1:b6:4a:89:9f:96:76:
e5:a4:df:94:65:ae:c1:b9:ea:02:e4:85:00:8a:bc:
e4:e7:86:2b:1b:5b:dd:ac:9c:92:0f:63:d7:97:06:
49:f4:30:14:ad:64:26:f6:93:cc:2d:7b:49:d5:8a:
ec:bf:19:ee:ae:98:68:bc:8c:0d:0b:9f:52:ac:91:
4d:77:d4:1c:84:8e:2b:dd:03:d6:8e:71:9b:20:9d:
46:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C1:13:65:E6:89:85:DA:66:48:CC:71:36:90:29:BB:59:D7:9E:19
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/hMETZeaJhdpmSMxxNpApu1nXnhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:11e0::/48
2a07:3501:1032::/47
2a07:3501:1050::/48
2a07:3501:1060::/48
2a07:3502:10e0::/48
2a07:3502:11c0::/48
2a07:3502:1210::/48
Signature Algorithm: sha256WithRSAEncryption
3f:2b:95:80:87:15:ba:20:7e:8b:51:d5:a9:e8:63:e5:00:4c:
8b:fa:3a:e0:d1:b6:42:2c:b5:cd:cc:c6:27:6f:d8:77:f1:66:
2a:8d:6a:28:d1:30:09:73:49:28:1b:72:aa:54:ff:8c:31:3b:
64:12:64:e2:6f:ac:78:d7:15:7a:9f:bd:54:62:89:52:d2:c8:
33:3f:cc:e7:f8:a0:4f:21:d2:2b:51:71:1d:85:a2:bc:75:7a:
5f:36:13:45:3c:ad:bc:2d:8b:16:a7:de:df:a8:8f:66:b8:e0:
1b:3d:d8:d3:5d:8f:33:64:6f:38:d0:df:78:3e:7d:13:0b:9b:
5a:d3:66:ad:7b:83:fe:db:f9:a3:4a:d8:be:78:0f:31:61:60:
ca:f8:cf:d2:97:79:70:fa:11:93:d2:6a:61:0a:d6:0a:2a:03:
3e:23:86:36:14:47:d7:78:27:41:4b:39:05:78:3a:60:52:57:
f7:f4:13:3e:a8:1f:05:10:0a:23:ab:0b:bd:10:d6:5d:1d:6d:
4a:1d:57:94:d1:ca:8a:1a:36:d0:43:e2:a4:94:14:80:e0:aa:
df:af:1d:94:c1:f3:a0:80:cc:52:54:39:2a:d6:45:d5:9b:3e:
96:f0:38:79:07:18:77:d8:33:c0:c4:25:a1:27:b9:04:15:83:
65:9d:3a:bd
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZbnj5to367mMn7QzPQL1UdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwNTE5MDgwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGMxMTM2NWU2ODk4NWRhNjY0OGNjNzEzNjkwMjliYjU5ZDc5ZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniyOLPm0OXSVih/eS1jjwGxT4TMo
cq1P+7d56AxB5OOFeXTuyATBzumEOHpoFSN6UyjNUjBSRYdVl5qf54CZTsBU0dxf
4fTpv4rvJAnUMqJvw3WSwhBWKGDQ3fRSds3qAx9ZuxSnWFOJ6E3IaPb2fVyo0a1/
MnugkZzButwqf+7Vbx/3I0lIEzKBennwKtJV3mbOdH5XezAPbRMso2YL2X9Wt7Jd
J75JkUdL8dG2SomflnblpN+UZa7BueoC5IUAirzk54YrG1vdrJySD2PXlwZJ9DAU
rWQm9pPMLXtJ1YrsvxnurphovIwNC59SrJFNd9QchI4r3QPWjnGbIJ1GKwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFITBE2XmiYXaZkjMcTaQKbtZ154ZMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvaE1FVFplYUpoZHBtU014eE5wQXB1MW5YbmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgc1ABHg
AwcBKgc1ARAyAwcAKgc1ARBQAwcAKgc1ARBgAwcAKgc1AhDgAwcAKgc1AhHAAwcA
Kgc1AhIQMA0GCSqGSIb3DQEBCwUAA4IBAQA/K5WAhxW6IH6LUdWp6GPlAEyL+jrg
0bZCLLXNzMYnb9h38WYqjWoo0TAJc0koG3KqVP+MMTtkEmTib6x41xV6n71UYolS
0sgzP8zn+KBPIdIrUXEdhaK8dXpfNhNFPK28LYsWp97fqI9muOAbPdjTXY8zZG84
0N94Pn0TC5ta02ate4P+2/mjSti+eA8xYWDK+M/Sl3lw+hGT0mphCtYKKgM+I4Y2
FEfXeCdBSzkFeDpgUlf39BM+qB8FEAojqwu9ENZdHW1KHVeU0cqKGjbQQ+KklBSA
4Krfrx2UwfOggMxSVDkq1kXVmz6W8Dh5Bxh32DPAxCWhJ7kEFYNlnTq9
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:34:32 2025 by rpki-client