Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BXC2kHIPoct0S_QH8MQF9_LYd90.roa
File: BXC2kHIPoct0S_QH8MQF9_LYd90.roa (raw, json)
Hash identifier: uMRZyInv75hiL8DtMpsbiSxFig+ejOLyKK1JBjc2VRQ=
Subject key identifier: 05:70:B6:90:72:0F:A1:CB:74:4B:F4:07:F0:C4:05:F7:F2:D8:77:DD
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01951922260CB88FC05E3D96AF700BF22E17
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BXC2kHIPoct0S_QH8MQF9_LYd90.roa
Signing time: Tue 18 Feb 2025 12:57:03 +0000
ROA not before: Tue 18 Feb 2025 12:57:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57753
IP address blocks: 2a01:620::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Feb 2025 13:09:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:22:26:0c:b8:8f:c0:5e:3d:96:af:70:0b:f2:2e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Feb 18 12:57:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0570b690720fa1cb744bf407f0c405f7f2d877dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:90:eb:87:ee:b5:d9:70:25:9f:79:fa:2b:61:
c0:43:43:15:43:d2:ea:c0:14:e9:0d:cc:2c:c2:08:
b3:e2:4f:a1:ce:73:0c:2f:36:9d:7d:63:a7:b9:1e:
da:11:f9:0c:87:40:05:55:b6:9d:8d:7b:73:4d:d4:
bf:58:f7:47:c3:18:52:6d:ab:7a:2a:d6:07:84:69:
21:b6:24:1e:83:21:c0:fd:39:64:ee:39:af:ca:c7:
dc:6e:66:cb:4d:9c:8e:16:a0:0d:d4:b1:e3:4c:08:
78:d9:f9:af:41:a0:45:b5:7c:b9:8c:ce:78:96:08:
e5:38:dd:66:ed:65:cf:d0:ff:e0:71:54:e8:e0:f0:
79:47:67:8a:39:e6:62:dc:82:8f:6d:a0:21:5c:8e:
ad:aa:42:3d:94:33:ff:eb:c4:60:43:65:af:6c:07:
47:1b:52:cc:88:23:e2:6a:24:38:08:59:88:6a:35:
ac:cf:aa:07:99:3a:1d:e2:04:f5:e5:f8:c7:ff:5c:
ca:f5:8d:b5:ba:ae:b3:16:cd:43:48:c7:4f:31:08:
03:36:6c:7e:98:42:bc:19:87:80:75:bc:1a:ff:7d:
76:28:43:47:03:04:d5:b6:76:cb:62:b0:f8:2f:86:
6f:e6:d4:87:05:5b:6d:48:44:95:cb:ec:57:98:19:
39:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:70:B6:90:72:0F:A1:CB:74:4B:F4:07:F0:C4:05:F7:F2:D8:77:DD
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BXC2kHIPoct0S_QH8MQF9_LYd90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:620::/32
Signature Algorithm: sha256WithRSAEncryption
14:c8:16:b4:d0:77:a8:a0:33:02:25:93:e7:aa:79:b7:26:3f:
92:98:34:51:d8:47:92:5f:58:90:d4:2b:23:31:f9:2a:39:f0:
df:e3:86:9f:d4:07:8e:e2:22:fe:aa:7b:ef:a3:19:57:0a:d0:
21:b1:c6:e9:b3:eb:ee:e2:b6:1f:47:5f:b4:a3:43:20:17:de:
76:62:b4:33:2c:95:f1:33:c8:9e:4a:37:9a:39:d9:76:0a:2f:
14:76:42:d6:f4:84:dc:bb:0a:02:80:8a:ac:34:bb:3c:37:60:
39:2c:5f:b9:d4:14:d9:43:2a:94:40:cd:3e:8d:e0:5f:4d:04:
2c:ec:79:fa:2a:51:c0:be:3b:5d:82:f6:73:4e:75:28:62:e5:
87:bc:d5:ee:1b:19:36:5a:14:56:28:d7:6c:1a:62:86:36:98:
90:bf:26:71:d3:9a:a1:25:54:16:01:90:82:df:c1:80:b5:5e:
a9:c1:50:ea:36:19:ae:82:df:dc:2b:58:27:5e:a7:77:b7:bf:
fa:6a:42:1d:da:b4:db:9b:d9:47:6d:6f:72:65:e4:7a:f5:e8:
d3:df:42:fc:f5:29:dc:ca:be:68:91:5e:6e:d3:00:4d:4d:eb:
68:ce:ed:03:77:c8:69:b4:6c:8d:66:8d:b7:31:e8:fe:a6:73:
22:68:5a:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUZIiYMuI/AXj2Wr3AL8i4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMjE4MTI1NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTcwYjY5MDcyMGZhMWNiNzQ0YmY0MDdmMGM0MDVmN2YyZDg3N2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5Drh+612XAln3n6K2HAQ0MVQ9Lq
wBTpDcwswgiz4k+hznMMLzadfWOnuR7aEfkMh0AFVbadjXtzTdS/WPdHwxhSbat6
KtYHhGkhtiQegyHA/Tlk7jmvysfcbmbLTZyOFqAN1LHjTAh42fmvQaBFtXy5jM54
lgjlON1m7WXP0P/gcVTo4PB5R2eKOeZi3IKPbaAhXI6tqkI9lDP/68RgQ2WvbAdH
G1LMiCPiaiQ4CFmIajWsz6oHmTod4gT15fjH/1zK9Y21uq6zFs1DSMdPMQgDNmx+
mEK8GYeAdbwa/312KENHAwTVtnbLYrD4L4Zv5tSHBVttSESVy+xXmBk5zQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAVwtpByD6HLdEv0B/DEBffy2HfdMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQlhDMmtISVBvY3QwU19RSDhNUUY5X0xZZDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEGIDAN
BgkqhkiG9w0BAQsFAAOCAQEAFMgWtNB3qKAzAiWT56p5tyY/kpg0UdhHkl9YkNQr
IzH5Kjnw3+OGn9QHjuIi/qp776MZVwrQIbHG6bPr7uK2H0dftKNDIBfedmK0MyyV
8TPInko3mjnZdgovFHZC1vSE3LsKAoCKrDS7PDdgOSxfudQU2UMqlEDNPo3gX00E
LOx5+ipRwL47XYL2c051KGLlh7zV7hsZNloUVijXbBpihjaYkL8mcdOaoSVUFgGQ
gt/BgLVeqcFQ6jYZroLf3CtYJ16nd7e/+mpCHdq025vZR21vcmXkevXo099C/PUp
3Mq+aJFebtMATU3raM7tA3fIabRsjWaNtzHo/qZzImhaiA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:29:18 2025 by rpki-client