Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/5DRB5_opZhFfQ7fkOecbA8CMLl0.roa
File: 5DRB5_opZhFfQ7fkOecbA8CMLl0.roa (raw, json)
Hash identifier: Ql4lw5pVsketXKBBpJUE71bavXLdR3CheULvScCVG1o=
Subject key identifier: E4:34:41:E7:FA:29:66:11:5F:43:B7:E4:39:E7:1B:03:C0:8C:2E:5D
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 019687D95991107538CAFAF8846A6E23633D
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/5DRB5_opZhFfQ7fkOecbA8CMLl0.roa
Signing time: Wed 30 Apr 2025 17:58:10 +0000
ROA not before: Wed 30 Apr 2025 17:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0e:8547::/32 maxlen: 32
2a11:7885::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 01 May 2025 11:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:d9:59:91:10:75:38:ca:fa:f8:84:6a:6e:23:63:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 30 17:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e43441e7fa2966115f43b7e439e71b03c08c2e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:da:75:56:1a:18:d1:b5:73:94:9a:d7:a8:fe:
57:6b:b6:8d:ed:9d:4c:3a:f1:43:18:5b:d3:ff:76:
11:23:61:1b:ff:c8:86:5d:64:bf:28:48:97:f1:9a:
30:4a:a4:fb:ba:73:2d:d0:1e:b2:50:63:9b:c9:b0:
73:f6:9b:d0:91:64:f5:0c:d6:80:13:25:25:aa:21:
bd:3a:2b:21:9d:04:92:68:2e:af:24:ad:39:a7:b3:
e7:39:56:c6:d7:49:f0:00:52:1b:4c:d5:c8:40:70:
76:3a:ed:a0:ee:ff:08:8f:7f:ec:34:b6:90:07:10:
ba:3e:dd:39:e2:92:d5:93:9a:bc:f6:10:0d:25:9a:
64:e4:01:87:14:ff:ad:40:4f:7e:0f:2c:03:68:0f:
55:3b:47:d5:69:9b:f8:6d:f9:78:c5:a8:24:ce:c9:
13:f1:de:8e:71:c1:79:23:cf:6f:fe:0e:68:df:59:
eb:9e:75:c9:03:12:cc:36:37:21:22:8e:3d:6d:7e:
25:3b:14:fa:65:08:78:85:f4:82:5e:27:97:f3:01:
f0:13:3e:38:e4:c0:06:34:0a:cf:0d:80:ae:ef:4c:
c4:2e:d1:d7:f3:18:98:98:aa:8c:b1:2b:4e:b7:9c:
d1:f7:61:10:4a:24:49:53:8d:15:f8:af:a0:0b:65:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:34:41:E7:FA:29:66:11:5F:43:B7:E4:39:E7:1B:03:C0:8C:2E:5D
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/5DRB5_opZhFfQ7fkOecbA8CMLl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8547::/32
2a11:7885::/32
Signature Algorithm: sha256WithRSAEncryption
89:34:f7:79:45:7a:4a:8e:d1:55:bb:b8:d4:87:3b:c7:f4:49:
07:49:87:51:d9:c9:f4:59:30:d7:10:d0:73:9a:40:db:4e:c6:
52:35:c8:65:ef:d3:1e:d0:9c:04:c5:37:5f:fe:f9:a4:9f:48:
d8:25:2a:cd:14:29:07:b8:dc:05:f8:53:f4:e9:e4:fb:40:2a:
55:dd:dd:ae:14:e6:5e:a8:33:b8:8f:04:58:27:e8:ab:ef:61:
f4:9b:0c:79:54:59:42:bd:af:bf:db:ad:cf:e7:39:91:ff:fa:
a5:e9:1e:16:72:11:d5:49:40:13:48:e6:f2:8d:16:a5:14:af:
6e:c0:4d:66:25:eb:ec:66:88:40:1b:65:a1:42:44:05:ae:70:
65:94:4b:59:d3:b4:6b:d1:b8:ee:b8:c4:b4:25:d3:33:ae:80:
d7:8d:9e:29:4a:5f:7e:63:c8:db:3a:b0:97:31:bc:9b:f7:68:
f2:3f:b6:3d:00:ef:0c:1f:df:d8:2a:d4:f3:e2:d7:31:d2:0d:
fb:9c:d0:94:12:89:13:19:36:00:a0:c6:26:ff:d4:74:75:4a:
79:75:81:87:d0:52:54:cc:4d:23:19:0d:0f:6f:c5:f5:ac:94:
ce:0f:de:dd:e6:51:d9:56:e1:1d:c1:21:19:9c:95:61:53:9c:
71:70:7f:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZaH2VmREHU4yvr4hGpuI2M9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDMwMTc1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM0NDFlN2ZhMjk2NjExNWY0M2I3ZTQzOWU3MWIwM2MwOGMyZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9p1VhoY0bVzlJrXqP5Xa7aN7Z1M
OvFDGFvT/3YRI2Eb/8iGXWS/KEiX8ZowSqT7unMt0B6yUGObybBz9pvQkWT1DNaA
EyUlqiG9OishnQSSaC6vJK05p7PnOVbG10nwAFIbTNXIQHB2Ou2g7v8Ij3/sNLaQ
BxC6Pt054pLVk5q89hANJZpk5AGHFP+tQE9+DywDaA9VO0fVaZv4bfl4xagkzskT
8d6OccF5I89v/g5o31nrnnXJAxLMNjchIo49bX4lOxT6ZQh4hfSCXieX8wHwEz44
5MAGNArPDYCu70zELtHX8xiYmKqMsStOt5zR92EQSiRJU40V+K+gC2W2BwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOQ0Qef6KWYRX0O35DnnGwPAjC5dMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvNURSQjVfb3BaaEZmUTdma09lY2JBOENNTGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg6FRwMF
ACoReIUwDQYJKoZIhvcNAQELBQADggEBAIk093lFekqO0VW7uNSHO8f0SQdJh1HZ
yfRZMNcQ0HOaQNtOxlI1yGXv0x7QnATFN1/++aSfSNglKs0UKQe43AX4U/Tp5PtA
KlXd3a4U5l6oM7iPBFgn6KvvYfSbDHlUWUK9r7/brc/nOZH/+qXpHhZyEdVJQBNI
5vKNFqUUr27ATWYl6+xmiEAbZaFCRAWucGWUS1nTtGvRuO64xLQl0zOugNeNnilK
X35jyNs6sJcxvJv3aPI/tj0A7wwf39gq1PPi1zHSDfuc0JQSiRMZNgCgxib/1HR1
Snl1gYfQUlTMTSMZDQ9vxfWslM4P3t3mUdlW4R3BIRmclWFTnHFwf4E=
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:32:39 2025 by rpki-client