Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/WklIp3hfI1HzTHDkoGFks_JbMbk.roa
File: WklIp3hfI1HzTHDkoGFks_JbMbk.roa (raw, json)
Hash identifier: xB951qxbd7olAr14K1W5wjtzX0NDh6MEYCdjwFE2jGY=
Subject key identifier: 5A:49:48:A7:78:5F:23:51:F3:4C:70:E4:A0:61:64:B3:F2:5B:31:B9
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195DE5B72850834B237642C5AA49022F2B3
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/WklIp3hfI1HzTHDkoGFks_JbMbk.roa
Signing time: Fri 28 Mar 2025 20:04:49 +0000
ROA not before: Fri 28 Mar 2025 20:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:c445::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 17:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:de:5b:72:85:08:34:b2:37:64:2c:5a:a4:90:22:f2:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Mar 28 20:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a4948a7785f2351f34c70e4a06164b3f25b31b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:e3:b7:fd:3b:e3:9d:f2:a7:2d:5b:e1:b2:
96:76:ca:e1:46:4e:72:c2:4b:52:79:bd:ce:7c:93:
d4:db:53:1e:8c:52:44:5a:ab:09:2c:67:88:c8:97:
9f:6a:a2:31:02:b8:9c:a4:7f:7b:6b:52:eb:44:b0:
f9:23:56:6f:78:f2:85:fc:d7:0c:e3:96:66:f8:3b:
be:02:f9:e2:3a:3e:2b:80:c9:fc:6d:19:46:c7:1b:
78:c2:ab:b9:9a:3c:c1:9d:37:05:c7:a1:5c:b2:b7:
3c:62:13:8b:4b:7e:c6:5f:cd:df:b3:46:61:dd:cc:
57:59:d6:e1:01:13:55:46:3e:ee:0e:de:a5:f3:7f:
d7:21:74:15:20:0a:c7:27:e7:13:50:36:14:c9:8f:
0b:54:53:68:85:33:9d:7d:40:fd:29:7c:02:2b:b3:
c3:d9:7d:b3:a8:26:28:7d:01:68:01:70:f4:f1:78:
fe:da:a6:0f:66:cf:5d:1e:03:dd:38:89:a0:2c:34:
39:94:18:51:7d:e7:92:c1:8d:5f:01:4b:1e:ed:ec:
50:5c:ac:e6:9e:5e:6c:99:fa:b0:c3:1f:fa:2b:08:
2f:10:34:fd:3d:38:1d:0f:2d:71:32:95:5e:55:b0:
8d:5f:30:4e:f7:7c:e9:e1:b3:1f:57:10:f3:75:f4:
90:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:49:48:A7:78:5F:23:51:F3:4C:70:E4:A0:61:64:B3:F2:5B:31:B9
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/WklIp3hfI1HzTHDkoGFks_JbMbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c445::/32
Signature Algorithm: sha256WithRSAEncryption
67:2e:1e:78:e6:e5:ec:e3:e6:79:67:15:36:94:49:75:6c:10:
b4:71:b5:b2:13:bd:b3:1d:45:0b:d4:cd:72:ca:fc:02:1b:1b:
4d:02:40:bd:01:e8:ba:11:52:3a:ef:70:50:ff:fa:2c:92:45:
f1:4e:52:00:25:24:b4:be:c4:af:b7:8b:31:4d:91:df:e3:ca:
c2:bd:7f:a0:a0:56:12:60:64:e6:4e:62:19:ae:a2:d2:6b:26:
e8:4a:80:f6:fa:03:3f:25:8b:a8:0b:5e:c3:5a:73:99:44:59:
a8:40:ba:e4:af:02:98:a8:c7:d6:34:5b:12:d5:1d:34:e0:3d:
6e:3c:f8:c5:f1:75:de:e0:db:0e:0a:e8:2d:ff:e6:92:25:c0:
3a:a6:58:d9:57:19:d0:ba:b5:f4:35:89:ed:b5:a2:12:6d:b1:
61:5f:fe:36:fb:b6:59:fc:f6:57:9a:24:60:5a:6c:09:04:25:
86:85:95:bc:c9:79:25:e9:2c:59:e0:0b:9e:07:91:6d:a8:42:
a0:f3:41:94:b0:8e:7b:09:ea:ce:37:bf:69:b9:01:b3:8c:b8:
52:0d:b0:2c:30:94:a2:6a:a8:aa:ab:5b:92:e3:7b:ae:47:df:
81:a2:ad:21:8e:3f:6c:a0:a7:11:bc:25:b0:20:32:9c:89:67:
cd:ac:43:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXeW3KFCDSyN2QsWqSQIvKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMzI4MjAwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQ5NDhhNzc4NWYyMzUxZjM0YzcwZTRhMDYxNjRiM2YyNWIzMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZjjt/07453ypy1b4bKWdsrhRk5y
wktSeb3OfJPU21MejFJEWqsJLGeIyJefaqIxAricpH97a1LrRLD5I1ZvePKF/NcM
45Zm+Du+AvniOj4rgMn8bRlGxxt4wqu5mjzBnTcFx6Fcsrc8YhOLS37GX83fs0Zh
3cxXWdbhARNVRj7uDt6l83/XIXQVIArHJ+cTUDYUyY8LVFNohTOdfUD9KXwCK7PD
2X2zqCYofQFoAXD08Xj+2qYPZs9dHgPdOImgLDQ5lBhRfeeSwY1fAUse7exQXKzm
nl5smfqwwx/6KwgvEDT9PTgdDy1xMpVeVbCNXzBO93zp4bMfVxDzdfSQQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFpJSKd4XyNR80xw5KBhZLPyWzG5MB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvV2tsSXAzaGZJMUh6VEhEa29HRmtzX0piTWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhHERTAN
BgkqhkiG9w0BAQsFAAOCAQEAZy4eeObl7OPmeWcVNpRJdWwQtHG1shO9sx1FC9TN
csr8AhsbTQJAvQHouhFSOu9wUP/6LJJF8U5SACUktL7Er7eLMU2R3+PKwr1/oKBW
EmBk5k5iGa6i0msm6EqA9voDPyWLqAtew1pzmURZqEC65K8CmKjH1jRbEtUdNOA9
bjz4xfF13uDbDgroLf/mkiXAOqZY2VcZ0Lq19DWJ7bWiEm2xYV/+Nvu2Wfz2V5ok
YFpsCQQlhoWVvMl5JeksWeALngeRbahCoPNBlLCOewnqzje/abkBs4y4Ug2wLDCU
omqoqqtbkuN7rkffgaKtIY4/bKCnEbwlsCAynIlnzaxDpg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:27:28 2025 by rpki-client