Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/dSQ3igvhn5bJXg58R3rwmxZpb_Q.roa
File: dSQ3igvhn5bJXg58R3rwmxZpb_Q.roa (raw, json)
Hash identifier: 8bBKh2UjIWtO5a0BHmN9k3gtNDVVlzYh847JK1BrTOc=
Subject key identifier: 75:24:37:8A:0B:E1:9F:96:C9:5E:0E:7C:47:7A:F0:9B:16:69:6F:F4
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0196E9F417F79761264971113CC55DF1421D
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/dSQ3igvhn5bJXg58R3rwmxZpb_Q.roa
Signing time: Mon 19 May 2025 19:10:10 +0000
ROA not before: Mon 19 May 2025 19:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0e:f06::/32 maxlen: 32
2a0e:67c7::/32 maxlen: 32
2a0e:8544::/32 maxlen: 32
2a11:3185::/32 maxlen: 32
2a11:7881::/32 maxlen: 32
2a11:b685::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 May 2025 16:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:f4:17:f7:97:61:26:49:71:11:3c:c5:5d:f1:42:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: May 19 19:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7524378a0be19f96c95e0e7c477af09b16696ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:b1:55:76:f7:cc:40:72:4e:c2:ec:cc:45:
6e:d2:ea:a3:65:3a:97:6a:85:7e:d3:4f:c1:86:8d:
ca:64:f8:19:74:d8:da:43:dd:4c:b0:73:10:5f:d9:
c4:dd:0f:2f:31:ef:08:fa:85:b1:d1:86:23:00:52:
0c:f8:86:9d:f1:c9:6c:5d:cf:1c:f0:be:35:ed:53:
1a:6c:b4:96:cb:a7:f7:ee:5e:cb:6b:cf:ca:4f:c8:
ff:74:02:61:4e:7c:bf:7a:46:e4:55:90:9a:64:13:
c7:e3:41:06:07:fc:0c:13:b8:79:13:73:3d:2a:6b:
10:0d:52:f7:0f:ba:6e:48:59:5c:b9:29:6b:f8:ce:
9f:2f:80:f6:57:12:d0:37:68:52:a5:7e:f4:4e:ee:
45:c2:e5:f0:13:93:b4:8b:98:00:b6:98:a3:05:06:
37:a8:af:fa:47:7a:62:a0:a3:d0:57:b1:14:fb:c6:
76:78:25:c6:cb:0c:ac:f9:12:b5:c9:8d:e9:4f:a6:
53:44:04:e0:ec:05:85:d0:e6:e2:6c:62:dd:d4:0f:
fa:dc:0f:78:1f:69:9b:00:14:d2:95:b7:58:f2:66:
15:b0:57:15:eb:cf:45:4c:03:77:c9:00:75:4c:ab:
be:85:6a:46:82:35:2e:b6:26:17:55:66:cd:01:1f:
b9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:24:37:8A:0B:E1:9F:96:C9:5E:0E:7C:47:7A:F0:9B:16:69:6F:F4
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/dSQ3igvhn5bJXg58R3rwmxZpb_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f06::/32
2a0e:67c7::/32
2a0e:8544::/32
2a11:3185::/32
2a11:7881::/32
2a11:b685::/32
Signature Algorithm: sha256WithRSAEncryption
a4:75:e4:d0:58:c5:07:c3:cf:a1:ff:23:a1:43:d9:19:53:29:
be:92:6a:c2:f5:02:e1:c2:45:68:6f:9f:7a:19:d0:09:36:10:
11:96:f0:90:36:32:8d:6c:d9:84:80:69:a6:c4:53:d6:bb:6c:
e9:4e:0e:77:09:54:ae:b7:23:00:69:c7:dd:f6:82:96:39:75:
7e:1b:53:c6:96:da:77:25:1a:00:fc:ec:d9:b4:8d:fe:af:87:
78:70:4a:11:91:31:e6:b5:03:bd:94:5e:35:d2:6b:0d:2b:80:
c6:51:5b:2a:2c:28:9d:cc:73:9b:cf:d8:89:46:64:58:d1:ea:
bc:70:9b:65:3b:19:96:3f:7f:af:b0:fc:cf:5c:34:cc:d9:72:
a4:0c:4a:c0:11:ce:05:88:31:76:3e:93:b1:ff:ee:d4:d7:2c:
12:25:3d:09:71:4b:e0:60:81:6e:dc:9c:54:87:7b:cc:d8:c0:
b4:9c:b6:db:3c:0f:59:f7:d4:71:45:d3:8e:6c:8e:6c:50:3c:
a3:e8:d8:a2:b4:8d:45:28:95:c7:c9:88:2e:af:29:52:99:8d:
bb:e2:c2:d1:1d:dd:5a:61:3a:aa:68:d2:e7:67:4c:12:30:f9:
77:69:41:3d:11:7d:6c:1f:82:db:52:31:e6:61:be:4f:2b:c5:
31:e7:cb:ab
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZbp9Bf3l2EmSXERPMVd8UIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNTE5MTkxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI0Mzc4YTBiZTE5Zjk2Yzk1ZTBlN2M0NzdhZjA5YjE2Njk2ZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlqxVXb3zEByTsLszEVu0uqjZTqX
aoV+00/Bho3KZPgZdNjaQ91MsHMQX9nE3Q8vMe8I+oWx0YYjAFIM+Iad8clsXc8c
8L417VMabLSWy6f37l7La8/KT8j/dAJhTny/ekbkVZCaZBPH40EGB/wME7h5E3M9
KmsQDVL3D7puSFlcuSlr+M6fL4D2VxLQN2hSpX70Tu5FwuXwE5O0i5gAtpijBQY3
qK/6R3pioKPQV7EU+8Z2eCXGywys+RK1yY3pT6ZTRATg7AWF0ObibGLd1A/63A94
H2mbABTSlbdY8mYVsFcV689FTAN3yQB1TKu+hWpGgjUutiYXVWbNAR+5/wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHUkN4oL4Z+WyV4OfEd68JsWaW/0MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvZFNRM2lndmhuNWJKWGc1OFIzcndteFpwYl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKg4PBgMF
ACoOZ8cDBQAqDoVEAwUAKhExhQMFACoReIEDBQAqEbaFMA0GCSqGSIb3DQEBCwUA
A4IBAQCkdeTQWMUHw8+h/yOhQ9kZUym+kmrC9QLhwkVob596GdAJNhARlvCQNjKN
bNmEgGmmxFPWu2zpTg53CVSutyMAacfd9oKWOXV+G1PGltp3JRoA/OzZtI3+r4d4
cEoRkTHmtQO9lF410msNK4DGUVsqLCidzHObz9iJRmRY0eq8cJtlOxmWP3+vsPzP
XDTM2XKkDErAEc4FiDF2PpOx/+7U1ywSJT0JcUvgYIFu3JxUh3vM2MC0nLbbPA9Z
99RxRdOObI5sUDyj6NiitI1FKJXHyYgurylSmY274sLRHd1aYTqqaNLnZ0wSMPl3
aUE9EX1sH4LbUjHmYb5PK8Ux58ur
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:50:05 2025 by rpki-client