Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130663a363238303a3a2f33302d3330203d3e203437323732.roa
File: 326130663a363238303a3a2f33302d3330203d3e203437323732.roa (raw, json)
Hash identifier: 2jbVZOUDoNMoXBZoS1RrBdq0FK/LoBWlC7VgwQM8n+Y=
Subject key identifier: 51:89:11:6E:D3:B5:F0:26:AF:D5:00:2A:28:21:AE:92:96:3D:F8:F7
Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Certificate serial: 406650F504F9DE592B03E2D16955D556E95A7A7E
Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130663a363238303a3a2f33302d3330203d3e203437323732.roa
Signing time: Sun 22 Jun 2025 04:35:45 +0000
ROA not before: Sun 22 Jun 2025 04:30:45 +0000
ROA not after: Sun 21 Jun 2026 04:35:45 +0000
asID: 47272
IP address blocks: 2a0f:6280::/30 maxlen: 30
Validation: Failed, certificate revoked on Sat 28 Jun 2025 08:44:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:66:50:f5:04:f9:de:59:2b:03:e2:d1:69:55:d5:56:e9:5a:7a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Validity
Not Before: Jun 22 04:30:45 2025 GMT
Not After : Jun 21 04:35:45 2026 GMT
Subject: CN=5189116ED3B5F026AFD5002A2821AE92963DF8F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cb:d3:f9:16:e4:b0:0a:b7:bd:f5:4a:6c:f9:
41:af:08:8d:6d:1b:49:f8:c2:76:8d:fe:67:4e:25:
71:37:6d:1a:01:ae:6b:f8:e8:b9:0f:cd:71:d9:32:
9b:a0:c6:61:dc:c2:e6:8e:ba:05:8e:64:d5:c6:1d:
ce:b1:9d:93:41:a5:16:46:0b:be:a8:b5:10:4d:0a:
00:5e:12:f6:7e:67:83:72:f7:1f:30:ef:db:37:18:
f6:bc:62:42:bc:72:ef:0d:a8:bf:2f:bb:43:3e:b6:
b3:d9:c4:0b:8a:61:14:35:82:ef:47:c1:6b:37:68:
d9:c5:11:2f:bb:e1:f0:dd:b1:3b:fb:6f:34:37:45:
97:07:65:66:e2:f1:bc:fe:70:c6:3e:54:1d:1d:87:
7b:51:0d:4c:e1:03:8b:ac:87:bb:59:bb:18:2d:7d:
94:6f:2e:51:09:6e:ed:64:ed:44:5f:0a:9b:b3:fd:
47:71:39:87:0d:b1:1b:dd:6e:5f:36:f8:13:c5:25:
e0:42:4f:45:0d:de:55:b7:6f:43:d9:8e:60:93:fd:
71:48:55:7a:0b:44:8f:96:93:9e:71:81:ef:49:2a:
e0:65:70:5f:59:c3:64:ba:70:a7:92:6e:e7:82:93:
89:20:8c:66:6e:7d:00:cc:c1:80:37:be:df:ef:5a:
5c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:89:11:6E:D3:B5:F0:26:AF:D5:00:2A:28:21:AE:92:96:3D:F8:F7
X509v3 Authority Key Identifier:
keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130663a363238303a3a2f33302d3330203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6280::/30
Signature Algorithm: sha256WithRSAEncryption
3f:c8:b8:63:54:40:82:ca:26:87:50:fb:e0:39:0b:95:34:a3:
48:72:33:7a:0e:ba:29:44:be:8d:98:86:13:14:39:fb:96:be:
35:81:cb:b1:c2:69:46:f0:ab:e6:7c:c2:de:4d:f2:c3:fe:26:
10:9f:53:0e:59:b2:2b:c6:3e:42:c8:65:f2:c8:d7:dc:46:f6:
51:2c:3b:d1:10:ad:c1:11:c4:cf:0e:48:0a:8f:54:52:ce:75:
03:f0:fc:9f:76:73:cc:f3:69:fd:8e:db:2d:dd:39:82:ce:62:
13:61:6a:c7:c3:42:66:01:bd:a6:fe:13:ce:63:9a:c7:ed:05:
3f:11:87:1a:41:50:4f:68:5d:5e:db:4a:80:c8:07:5e:87:d6:
45:19:e8:26:b8:04:24:ef:2d:fb:23:df:0d:d5:29:02:af:ef:
a7:b8:05:11:8c:3a:a3:fa:09:53:f5:4b:b5:2e:39:a8:21:9a:
ad:ce:17:0a:65:4b:44:2c:54:ba:35:b3:f0:bb:bc:85:9c:07:
75:63:93:51:da:1c:a2:ce:11:8d:e3:cf:77:a4:88:e4:f4:57:
c3:0b:34:05:8d:0e:45:ca:e2:3d:42:6e:cd:0d:07:51:6d:16:
f6:d0:e9:33:d7:f7:21:fd:8c:db:2c:91:d4:21:51:87:6e:74:
7a:5f:d4:c0
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIUQGZQ9QT53lkrA+LRaVXVVulaen4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx
OEMyM0IzNjAeFw0yNTA2MjIwNDMwNDVaFw0yNjA2MjEwNDM1NDVaMDMxMTAvBgNV
BAMTKDUxODkxMTZFRDNCNUYwMjZBRkQ1MDAyQTI4MjFBRTkyOTYzREY4RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8y9P5FuSwCre99Ups+UGvCI1t
G0n4wnaN/mdOJXE3bRoBrmv46LkPzXHZMpugxmHcwuaOugWOZNXGHc6xnZNBpRZG
C76otRBNCgBeEvZ+Z4Ny9x8w79s3GPa8YkK8cu8NqL8vu0M+trPZxAuKYRQ1gu9H
wWs3aNnFES+74fDdsTv7bzQ3RZcHZWbi8bz+cMY+VB0dh3tRDUzhA4ush7tZuxgt
fZRvLlEJbu1k7URfCpuz/UdxOYcNsRvdbl82+BPFJeBCT0UN3lW3b0PZjmCT/XFI
VXoLRI+Wk55xge9JKuBlcF9Zw2S6cKeSbueCk4kgjGZufQDMwYA3vt/vWlz7AgMB
AAGjggJsMIICaDAdBgNVHQ4EFgQUUYkRbtO18Cav1QAqKCGukpY9+PcwHwYDVR0j
BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy
M0IzNi5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjc5NDg3Mzgt
MzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5OTVkLzMvMzI2MTMwNjYzYTM2MzIzODMw
M2EzYTJmMzMzMDJkMzMzMDIwM2QzZTIwMzQzNzMyMzczMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAioP
YoAwDQYJKoZIhvcNAQELBQADggEBAD/IuGNUQILKJodQ++A5C5U0o0hyM3oOuilE
vo2YhhMUOfuWvjWBy7HCaUbwq+Z8wt5N8sP+JhCfUw5ZsivGPkLIZfLI19xG9lEs
O9EQrcERxM8OSAqPVFLOdQPw/J92c8zzaf2O2y3dOYLOYhNhasfDQmYBvab+E85j
msftBT8RhxpBUE9oXV7bSoDIB16H1kUZ6Ca4BCTvLfsj3w3VKQKv76e4BRGMOqP6
CVP1S7UuOaghmq3OFwplS0QsVLo1s/C7vIWcB3Vjk1HaHKLOEY3jz3ekiOT0V8ML
NAWNDkXK4j1Cbs0NB1FtFvbQ6TPX9yH9jNsskdQhUYdudHpf1MA=
-----END CERTIFICATE-----
Generated at Tue Jul 1 11:36:55 2025 by rpki-client