Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/bSpeIcu-i1IrVrrELZMBOp8tMMQ.roa
File: bSpeIcu-i1IrVrrELZMBOp8tMMQ.roa (raw, json)
Hash identifier: tAz/cEIaE0KF18n8pEIaIyji+s6wNswtGKM1X6cE98c=
Subject key identifier: 6D:2A:5E:21:CB:BE:8B:52:2B:56:BA:C4:2D:93:01:3A:9F:2D:30:C4
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01963FFF7CE318229E7D6AFEB0E28EC7AC30
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/bSpeIcu-i1IrVrrELZMBOp8tMMQ.roa
Signing time: Wed 16 Apr 2025 19:07:10 +0000
ROA not before: Wed 16 Apr 2025 19:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 2a0e:67c0::/32 maxlen: 32
2a0e:67c3::/32 maxlen: 32
2a11:643::/32 maxlen: 32
2a11:4341::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Apr 2025 17:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:ff:7c:e3:18:22:9e:7d:6a:fe:b0:e2:8e:c7:ac:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 16 19:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d2a5e21cbbe8b522b56bac42d93013a9f2d30c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:17:85:79:7b:d4:29:75:f8:96:30:18:bf:60:
3a:3d:3a:d7:23:f8:2b:2f:67:0e:1a:29:2f:96:10:
71:66:f5:ca:04:66:bf:a1:ef:a1:7a:56:66:47:14:
53:49:34:50:e0:6d:db:db:52:f5:56:fe:b2:8a:ba:
e8:a2:cd:68:55:42:35:bc:64:4f:fa:18:06:6a:89:
ac:19:86:e9:8e:9f:57:db:56:c6:3b:a8:d7:a9:b9:
1c:77:63:47:57:d8:98:df:da:00:3f:e4:8b:45:86:
75:6a:34:96:95:65:35:67:8c:c9:ad:39:47:96:dc:
5a:e5:ea:b9:78:ee:cd:31:57:5e:66:a2:75:ac:ec:
ed:61:67:fe:92:54:00:07:51:d4:b7:15:b4:52:bb:
65:8d:5c:27:bb:23:b8:13:80:61:2a:30:1e:00:a0:
89:a1:c7:e5:ba:98:d0:23:2b:1d:f8:6d:e2:07:08:
35:65:c4:a8:97:d2:77:62:0f:b7:ad:92:c7:55:96:
81:ce:6e:87:32:a6:2a:35:95:67:ee:b9:f8:3c:6d:
9a:ec:e2:bd:94:7f:e2:6d:ee:dd:12:b8:99:7c:5a:
d3:a3:76:0f:44:29:ca:00:1a:56:fd:0a:3b:a7:8c:
26:65:66:e5:4d:2e:6e:32:02:2b:89:1b:10:a3:5e:
29:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2A:5E:21:CB:BE:8B:52:2B:56:BA:C4:2D:93:01:3A:9F:2D:30:C4
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/bSpeIcu-i1IrVrrELZMBOp8tMMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:67c0::/32
2a0e:67c3::/32
2a11:643::/32
2a11:4341::/32
Signature Algorithm: sha256WithRSAEncryption
6d:25:ef:3b:83:11:c2:89:05:5e:3d:76:9f:8d:36:e2:e2:3c:
cf:e7:dc:60:ea:f9:b7:9a:77:9c:e8:74:2c:a6:39:39:f7:02:
7b:e4:6f:0e:66:77:15:d8:ce:15:a8:4c:7e:77:72:99:af:75:
69:b6:c3:58:45:45:80:e1:4b:c9:a0:32:06:39:5e:71:a2:1d:
cc:03:a1:5a:c3:80:eb:0a:b5:42:35:15:9c:80:1b:16:bb:01:
c6:b6:2e:a8:0f:a1:08:a0:9b:97:c2:e1:1a:e1:56:92:f0:d8:
e4:29:2a:37:7f:65:d3:21:c6:50:cb:eb:9b:1b:df:97:88:b9:
39:15:2e:83:28:4a:8d:0a:6c:d9:4a:8a:e3:d9:88:e5:2a:f1:
15:db:47:f8:b5:22:69:1f:02:db:ad:b7:78:4f:cd:f0:b4:ad:
76:93:a0:8f:48:2d:cb:4c:f7:d4:11:27:cd:cb:15:25:0b:ae:
cf:71:01:a9:26:e1:7c:4a:33:88:4d:b4:3c:7f:77:f2:44:9c:
64:8a:ec:92:61:a5:d1:a0:00:4c:23:3c:d0:1d:a2:42:5f:eb:
68:48:bc:0d:80:53:f9:65:71:14:89:10:15:9f:04:b2:50:e6:
44:62:55:72:e5:4f:b3:cb:21:51:57:30:d2:72:62:93:a3:3a:
98:26:03:44
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZY//3zjGCKefWr+sOKOx6wwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDE2MTkwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJhNWUyMWNiYmU4YjUyMmI1NmJhYzQyZDkzMDEzYTlmMmQzMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqheFeXvUKXX4ljAYv2A6PTrXI/gr
L2cOGikvlhBxZvXKBGa/oe+helZmRxRTSTRQ4G3b21L1Vv6yirroos1oVUI1vGRP
+hgGaomsGYbpjp9X21bGO6jXqbkcd2NHV9iY39oAP+SLRYZ1ajSWlWU1Z4zJrTlH
ltxa5eq5eO7NMVdeZqJ1rOztYWf+klQAB1HUtxW0UrtljVwnuyO4E4BhKjAeAKCJ
ocflupjQIysd+G3iBwg1ZcSol9J3Yg+3rZLHVZaBzm6HMqYqNZVn7rn4PG2a7OK9
lH/ibe7dEriZfFrTo3YPRCnKABpW/Qo7p4wmZWblTS5uMgIriRsQo14pXwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG0qXiHLvotSK1a6xC2TATqfLTDEMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvYlNwZUljdS1pMUlyVnJyRUxaTUJPcDh0TU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg5nwAMF
ACoOZ8MDBQAqEQZDAwUAKhFDQTANBgkqhkiG9w0BAQsFAAOCAQEAbSXvO4MRwokF
Xj12n4024uI8z+fcYOr5t5p3nOh0LKY5OfcCe+RvDmZ3FdjOFahMfndyma91abbD
WEVFgOFLyaAyBjlecaIdzAOhWsOA6wq1QjUVnIAbFrsBxrYuqA+hCKCbl8LhGuFW
kvDY5CkqN39l0yHGUMvrmxvfl4i5ORUugyhKjQps2UqK49mI5SrxFdtH+LUiaR8C
2623eE/N8LStdpOgj0gty0z31BEnzcsVJQuuz3EBqSbhfEoziE20PH938kScZIrs
kmGl0aAATCM80B2iQl/raEi8DYBT+WVxFIkQFZ8EslDmRGJVcuVPs8shUVcw0nJi
k6M6mCYDRA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:16:19 2025 by rpki-client