Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/nyXEgE4m-kUbJK4sDsCgYx9pPTw.roa
File: nyXEgE4m-kUbJK4sDsCgYx9pPTw.roa (raw, json)
Hash identifier: BZ6HQc+nzwhl/0bJCWWvjyttTTKS/OnYW+3L4p/EtXI=
Subject key identifier: 9F:25:C4:80:4E:26:FA:45:1B:24:AE:2C:0E:C0:A0:63:1F:69:3D:3C
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01963FFF7D84AD723FF891DAD21985A9ACE7
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/nyXEgE4m-kUbJK4sDsCgYx9pPTw.roa
Signing time: Wed 16 Apr 2025 19:07:10 +0000
ROA not before: Wed 16 Apr 2025 19:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:f02::/32 maxlen: 32
2a0e:8543::/32 maxlen: 32
2a0f:bb07::/32 maxlen: 32
2a11:3187::/32 maxlen: 32
2a11:6341::/32 maxlen: 32
2a11:7886::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Apr 2025 12:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:ff:7d:84:ad:72:3f:f8:91:da:d2:19:85:a9:ac:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 16 19:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f25c4804e26fa451b24ae2c0ec0a0631f693d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d4:96:61:d1:b6:1a:04:f5:b7:3b:71:44:bd:
06:a0:f9:40:f0:a5:43:10:61:dd:bd:58:82:9d:47:
81:26:00:d0:71:2e:a1:6b:81:62:fc:5f:d7:a7:96:
4f:7c:11:93:c8:e4:52:dd:75:77:21:96:da:24:75:
bc:7c:b8:4a:73:0e:45:88:15:24:f7:a4:d9:98:31:
a2:a9:f8:ab:9f:39:01:db:c2:a1:f5:ff:c1:13:88:
7f:9b:9e:85:6e:b0:36:b7:3e:30:a4:f3:31:ea:07:
aa:ed:88:3d:f3:59:78:c1:c6:65:72:bf:0b:a3:0d:
4a:b7:ae:42:e7:2a:32:f8:a4:2e:54:80:43:76:8f:
3f:fc:2e:28:c9:03:ec:f1:e5:b2:ae:5e:40:89:ae:
3e:4c:8b:ce:14:20:73:ff:fb:f1:4f:2d:af:dc:07:
f6:5f:15:50:c7:45:01:7c:c0:96:02:33:21:7e:6b:
6d:61:f7:7b:8c:ce:b5:34:82:f7:16:4c:8c:20:84:
98:92:be:62:8e:61:3a:d5:ca:9d:ba:53:2e:77:a9:
17:68:ad:71:d0:6c:57:71:9f:aa:0b:46:82:40:93:
a1:a5:ab:d8:a0:f9:0e:9b:9f:1b:53:94:32:fc:cc:
b4:56:d6:a3:41:5c:f9:7e:70:46:bb:56:b6:57:e4:
08:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:25:C4:80:4E:26:FA:45:1B:24:AE:2C:0E:C0:A0:63:1F:69:3D:3C
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/nyXEgE4m-kUbJK4sDsCgYx9pPTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f02::/32
2a0e:8543::/32
2a0f:bb07::/32
2a11:3187::/32
2a11:6341::/32
2a11:7886::/32
Signature Algorithm: sha256WithRSAEncryption
29:14:39:fa:25:c4:11:4e:80:22:33:b8:e6:64:13:b5:7a:1a:
d6:fc:18:6f:07:54:16:a5:c0:06:87:23:a7:a0:b2:68:57:13:
be:7c:bb:fd:0c:24:3b:5d:5c:f6:04:6b:51:80:57:34:32:3a:
ca:97:88:08:45:c6:81:e6:9a:cf:92:cc:5e:9c:48:4c:94:46:
40:7a:18:c6:f9:04:de:c7:3f:dd:a7:40:d4:26:d5:88:8a:a2:
1e:5c:a0:64:b1:3a:37:f8:dc:be:58:36:40:a7:cf:f2:ae:69:
7f:1e:7a:fb:0c:83:96:4e:ad:9c:8b:1e:8c:3c:4c:34:1c:37:
f5:1b:11:49:d1:e1:04:2f:40:72:40:3f:45:1b:25:05:95:36:
e1:f0:b7:01:6d:31:9a:47:38:2d:7a:bd:48:0a:17:d9:9d:54:
d6:9c:b9:52:7d:40:67:39:00:34:fb:af:27:55:ff:10:46:a2:
17:e0:69:e3:92:a4:b8:94:28:3d:85:d9:7c:fc:c2:14:13:15:
c1:df:d2:fd:cb:43:ce:a8:56:16:85:a3:30:02:ee:6e:d4:90:
86:91:fd:1a:3b:6e:c9:ca:3c:1a:64:15:c0:5c:a4:65:17:fa:
ca:e1:86:bb:42:f6:e8:e7:4b:94:de:a6:74:a6:57:c4:6d:82:
d7:7e:a7:68
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZY//32ErXI/+JHa0hmFqaznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDE2MTkwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjI1YzQ4MDRlMjZmYTQ1MWIyNGFlMmMwZWMwYTA2MzFmNjkzZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldSWYdG2GgT1tztxRL0GoPlA8KVD
EGHdvViCnUeBJgDQcS6ha4Fi/F/Xp5ZPfBGTyORS3XV3IZbaJHW8fLhKcw5FiBUk
96TZmDGiqfirnzkB28Kh9f/BE4h/m56FbrA2tz4wpPMx6geq7Yg981l4wcZlcr8L
ow1Kt65C5yoy+KQuVIBDdo8//C4oyQPs8eWyrl5Aia4+TIvOFCBz//vxTy2v3Af2
XxVQx0UBfMCWAjMhfmttYfd7jM61NIL3FkyMIISYkr5ijmE61cqdulMud6kXaK1x
0GxXcZ+qC0aCQJOhpavYoPkOm58bU5Qy/My0VtajQVz5fnBGu1a2V+QIfQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ8lxIBOJvpFGySuLA7AoGMfaT08MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvbnlYRWdFNG0ta1ViSks0c0RzQ2dZeDlwUFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKg4PAgMF
ACoOhUMDBQAqD7sHAwUAKhExhwMFACoRY0EDBQAqEXiGMA0GCSqGSIb3DQEBCwUA
A4IBAQApFDn6JcQRToAiM7jmZBO1ehrW/BhvB1QWpcAGhyOnoLJoVxO+fLv9DCQ7
XVz2BGtRgFc0MjrKl4gIRcaB5prPksxenEhMlEZAehjG+QTexz/dp0DUJtWIiqIe
XKBksTo3+Ny+WDZAp8/yrml/Hnr7DIOWTq2cix6MPEw0HDf1GxFJ0eEEL0ByQD9F
GyUFlTbh8LcBbTGaRzgter1IChfZnVTWnLlSfUBnOQA0+68nVf8QRqIX4GnjkqS4
lCg9hdl8/MIUExXB39L9y0POqFYWhaMwAu5u1JCGkf0aO27JyjwaZBXAXKRlF/rK
4Ya7Qvbo50uU3qZ0plfEbYLXfqdo
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:42:23 2025 by rpki-client