Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/vFKu293jx_EbbfJHc4-Xb7Qh1Fo.roa
File: vFKu293jx_EbbfJHc4-Xb7Qh1Fo.roa (raw, json)
Hash identifier: pT2Mc0AZGTWZD1LeirSptPMud8IouQPKZMnF1BKXomo=
Subject key identifier: BC:52:AE:DB:DD:E3:C7:F1:1B:6D:F2:47:73:8F:97:6F:B4:21:D4:5A
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195CEE2E16318B6BD5B95B8F2CB980ED26D
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/vFKu293jx_EbbfJHc4-Xb7Qh1Fo.roa
Signing time: Tue 25 Mar 2025 19:58:50 +0000
ROA not before: Tue 25 Mar 2025 19:58:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:13c3::/32 maxlen: 32
2a0f:bb02::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 17:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:e2:e1:63:18:b6:bd:5b:95:b8:f2:cb:98:0e:d2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Mar 25 19:58:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc52aedbdde3c7f11b6df247738f976fb421d45a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a6:51:88:25:10:04:2d:df:00:e6:c4:24:3f:
0a:77:e8:94:7e:e6:c2:25:6f:64:d2:df:74:c6:c2:
f3:8f:2b:3d:f9:af:ba:29:23:57:5b:ae:33:a7:73:
18:4b:f2:20:03:06:46:77:d8:ef:cf:d9:ef:8e:04:
ee:e8:6c:56:f1:14:9a:34:39:93:be:8e:14:67:13:
76:cb:d7:c3:32:82:fc:4d:ff:95:aa:dd:dd:99:26:
e7:0e:4f:5c:09:30:76:17:53:b8:bd:d0:6e:b8:9d:
53:33:91:5b:18:cb:f0:04:be:96:b5:b3:9f:0f:7a:
d2:b5:a2:97:2b:91:19:99:f9:66:53:51:33:8e:63:
75:97:60:aa:c4:e0:ba:e8:71:16:03:ef:1e:fd:42:
65:6d:88:b1:1b:f1:04:0e:1c:fd:26:d5:b3:a4:04:
4a:15:a9:0b:73:22:ad:08:c3:e0:e8:d2:ce:ce:2c:
62:41:c7:61:39:f5:77:21:4d:68:f4:2f:1d:af:94:
aa:2d:0b:b4:ba:87:14:6f:53:9c:71:1f:6b:b5:1c:
1c:68:89:ac:23:41:e3:3b:5f:03:9b:f9:b2:01:8b:
0a:a8:ab:2b:93:75:58:ac:34:ca:89:52:f2:70:e2:
3f:bd:38:e0:60:39:34:9e:9f:d5:e2:9b:75:a5:55:
33:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:52:AE:DB:DD:E3:C7:F1:1B:6D:F2:47:73:8F:97:6F:B4:21:D4:5A
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/vFKu293jx_EbbfJHc4-Xb7Qh1Fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c3::/32
2a0f:bb02::/32
Signature Algorithm: sha256WithRSAEncryption
80:51:a1:c9:5f:0e:2f:a9:2e:30:64:07:f8:ef:ef:ea:fb:c3:
e4:da:4b:9d:04:43:96:55:4e:16:fd:9b:c8:58:9d:66:a8:5c:
af:18:3d:67:49:1b:03:f7:0f:6e:23:90:81:da:83:a2:73:93:
dc:0c:ad:20:d6:62:c2:38:fc:2d:89:53:cb:e2:1a:18:64:b0:
52:18:73:86:6c:ea:40:01:72:c8:07:3d:86:a2:01:6d:df:af:
72:1d:23:ac:d7:a1:45:43:6c:60:a0:d1:3d:52:0e:ba:b6:bc:
08:b6:67:d0:2f:ac:a3:ea:4e:00:fc:b0:aa:e8:1e:f7:90:74:
6e:fd:f3:a6:e8:2c:0f:f6:a8:ff:3b:ff:aa:fe:21:aa:c9:20:
96:8e:7e:ab:83:bb:d5:54:7d:40:fc:07:82:14:b1:74:61:bb:
cc:70:04:57:ac:83:a8:cb:e1:16:e9:7d:be:f7:1f:41:47:c6:
1e:30:52:20:48:9f:28:2e:3a:01:ed:12:13:d2:78:f1:3b:31:
d4:33:75:f8:f9:b1:36:b8:ae:0e:5a:84:a6:5e:3a:5f:a0:93:
9b:b8:09:71:78:f0:81:e8:80:7a:8f:3e:3c:30:59:9b:8f:7e:
ce:fb:2b:43:ff:84:c3:41:71:fd:8b:51:b6:71:db:bb:f9:18:
75:d7:89:5c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZXO4uFjGLa9W5W48suYDtJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMzI1MTk1ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzUyYWVkYmRkZTNjN2YxMWI2ZGYyNDc3MzhmOTc2ZmI0MjFkNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKZRiCUQBC3fAObEJD8Kd+iUfubC
JW9k0t90xsLzjys9+a+6KSNXW64zp3MYS/IgAwZGd9jvz9nvjgTu6GxW8RSaNDmT
vo4UZxN2y9fDMoL8Tf+Vqt3dmSbnDk9cCTB2F1O4vdBuuJ1TM5FbGMvwBL6WtbOf
D3rStaKXK5EZmflmU1EzjmN1l2CqxOC66HEWA+8e/UJlbYixG/EEDhz9JtWzpARK
FakLcyKtCMPg6NLOzixiQcdhOfV3IU1o9C8dr5SqLQu0uocUb1OccR9rtRwcaIms
I0HjO18Dm/myAYsKqKsrk3VYrDTKiVLycOI/vTjgYDk0np/V4pt1pVUzVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLxSrtvd48fxG23yR3OPl2+0IdRaMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvdkZLdTI5M2p4X0ViYmZKSGM0LVhiN1FoMUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg4TwwMF
ACoPuwIwDQYJKoZIhvcNAQELBQADggEBAIBRoclfDi+pLjBkB/jv7+r7w+TaS50E
Q5ZVThb9m8hYnWaoXK8YPWdJGwP3D24jkIHag6Jzk9wMrSDWYsI4/C2JU8viGhhk
sFIYc4Zs6kABcsgHPYaiAW3fr3IdI6zXoUVDbGCg0T1SDrq2vAi2Z9AvrKPqTgD8
sKroHveQdG7986boLA/2qP87/6r+IarJIJaOfquDu9VUfUD8B4IUsXRhu8xwBFes
g6jL4Rbpfb73H0FHxh4wUiBInyguOgHtEhPSePE7MdQzdfj5sTa4rg5ahKZeOl+g
k5u4CXF48IHogHqPPjwwWZuPfs77K0P/hMNBcf2LUbZx27v5GHXXiVw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:45:07 2025 by rpki-client