Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/bOmBXWfIal01J7RcAbF-qwMpq78.roa
File: bOmBXWfIal01J7RcAbF-qwMpq78.roa (raw, json)
Hash identifier: kx9FCmFaw/GmLHk0Ajq7VFLMog+iZrrgdl9NXyzVLo4=
Subject key identifier: 6C:E9:81:5D:67:C8:6A:5D:35:27:B4:5C:01:B1:7E:AB:03:29:AB:BF
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0196400067A8474968D3DBBD2F55E31CD90B
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/bOmBXWfIal01J7RcAbF-qwMpq78.roa
Signing time: Wed 16 Apr 2025 19:08:10 +0000
ROA not before: Wed 16 Apr 2025 19:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:f05::/32 maxlen: 32
2a0e:8540::/32 maxlen: 32
2a0f:bb00::/32 maxlen: 32
2a11:4344::/32 maxlen: 32
2a11:7884::/32 maxlen: 32
2a11:8501::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Apr 2025 12:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:40:00:67:a8:47:49:68:d3:db:bd:2f:55:e3:1c:d9:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 16 19:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ce9815d67c86a5d3527b45c01b17eab0329abbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f0:ea:6d:b5:f0:ba:7a:c9:4c:5c:47:07:60:
0a:81:c0:2e:8b:bf:43:cc:df:e1:8e:17:dc:b2:20:
4c:51:81:99:43:9d:be:f1:35:6d:14:80:8c:3a:ab:
5b:e8:7c:98:95:52:e8:4e:d0:fd:e4:52:b6:45:41:
1c:3e:18:1a:e4:a0:e4:4b:7a:f3:d9:2f:dd:ad:af:
b2:13:75:a5:fa:67:c5:1b:25:47:66:c6:ff:e9:f0:
44:3e:32:93:1f:cc:cf:b2:d2:cb:c4:7e:be:c7:34:
6a:75:ef:da:c8:32:cb:11:0a:ac:0f:02:4e:23:85:
10:33:e5:80:0e:9f:14:e7:54:b0:f6:e2:cb:72:a3:
44:f4:e2:4a:d6:7b:3b:5f:e0:92:ca:1f:18:34:13:
1c:11:71:7a:63:5a:93:c9:d5:cf:b9:a8:76:4d:07:
d3:54:5b:92:20:03:45:be:da:32:7f:e3:61:57:43:
3d:68:8c:e0:fe:09:35:f3:da:5b:e7:e3:e1:a1:ae:
d7:9e:9a:84:ff:d3:a9:7b:c6:3d:5b:d7:53:41:1e:
bc:67:2a:a7:26:13:68:6f:5a:6b:5e:18:fa:0f:3c:
20:11:0d:b4:db:37:b1:c9:57:82:06:d4:38:50:1d:
64:4d:d3:54:45:f7:2a:63:22:05:30:62:31:5c:fc:
18:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E9:81:5D:67:C8:6A:5D:35:27:B4:5C:01:B1:7E:AB:03:29:AB:BF
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/bOmBXWfIal01J7RcAbF-qwMpq78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f05::/32
2a0e:8540::/32
2a0f:bb00::/32
2a11:4344::/32
2a11:7884::/32
2a11:8501::/32
Signature Algorithm: sha256WithRSAEncryption
7f:2f:d1:5b:56:50:1b:11:2e:49:2a:52:03:47:7a:c0:da:08:
4f:50:63:48:e2:a8:0f:46:d4:a7:55:c6:01:3e:7b:51:c8:0b:
f4:77:b0:f6:16:c7:e7:05:16:c3:ce:92:5c:6f:4c:95:07:87:
f9:3f:9a:92:2a:06:94:8a:85:a8:23:4e:eb:08:14:8d:b9:50:
b7:8b:79:77:e5:98:ea:fc:63:68:bb:a8:c7:e8:c6:cb:aa:51:
ac:63:21:54:19:40:32:71:04:d4:14:cf:7e:88:4e:32:f7:8f:
3c:50:f6:ac:87:85:83:fa:a3:11:d8:08:41:4f:02:c0:94:19:
d0:1a:b8:1d:45:fd:39:cb:7f:84:ac:07:bd:cb:01:84:87:a2:
92:63:91:a8:2d:ff:db:fa:af:13:a8:57:31:45:96:02:45:ec:
34:1a:db:76:fd:f1:b8:f8:9e:a4:f0:a6:0c:bb:61:18:8b:f5:
bf:c8:9c:41:f6:2c:e6:f9:ec:cc:7b:a5:48:5c:9c:b4:a0:9a:
56:3b:53:20:84:e7:92:2e:dd:fd:df:14:fe:5d:39:38:8e:a7:
7d:97:0d:21:eb:a0:89:14:8d:90:b5:08:f4:1c:44:83:32:49:
20:39:90:18:e5:6d:18:5a:c4:42:7d:9c:ab:84:67:c8:00:0a:
fc:b5:37:02
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZZAAGeoR0lo09u9L1XjHNkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDE2MTkwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2U5ODE1ZDY3Yzg2YTVkMzUyN2I0NWMwMWIxN2VhYjAzMjlhYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/DqbbXwunrJTFxHB2AKgcAui79D
zN/hjhfcsiBMUYGZQ52+8TVtFICMOqtb6HyYlVLoTtD95FK2RUEcPhga5KDkS3rz
2S/dra+yE3Wl+mfFGyVHZsb/6fBEPjKTH8zPstLLxH6+xzRqde/ayDLLEQqsDwJO
I4UQM+WADp8U51Sw9uLLcqNE9OJK1ns7X+CSyh8YNBMcEXF6Y1qTydXPuah2TQfT
VFuSIANFvtoyf+NhV0M9aIzg/gk189pb5+Phoa7XnpqE/9Ope8Y9W9dTQR68Zyqn
JhNob1prXhj6DzwgEQ202zexyVeCBtQ4UB1kTdNURfcqYyIFMGIxXPwY9QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGzpgV1nyGpdNSe0XAGxfqsDKau/MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvYk9tQlhXZklhbDAxSjdSY0FiRi1xd01wcTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKg4PBQMF
ACoOhUADBQAqD7sAAwUAKhFDRAMFACoReIQDBQAqEYUBMA0GCSqGSIb3DQEBCwUA
A4IBAQB/L9FbVlAbES5JKlIDR3rA2ghPUGNI4qgPRtSnVcYBPntRyAv0d7D2Fsfn
BRbDzpJcb0yVB4f5P5qSKgaUioWoI07rCBSNuVC3i3l35Zjq/GNou6jH6MbLqlGs
YyFUGUAycQTUFM9+iE4y9488UPash4WD+qMR2AhBTwLAlBnQGrgdRf05y3+ErAe9
ywGEh6KSY5GoLf/b+q8TqFcxRZYCRew0Gtt2/fG4+J6k8KYMu2EYi/W/yJxB9izm
+ezMe6VIXJy0oJpWO1MghOeSLt393xT+XTk4jqd9lw0h66CJFI2QtQj0HESDMkkg
OZAY5W0YWsRCfZyrhGfIAAr8tTcC
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:36:36 2025 by rpki-client