Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/hnhMqlv4XuVuh2IQFyITTot4fGg.roa
File: hnhMqlv4XuVuh2IQFyITTot4fGg.roa (raw, json)
Hash identifier: ajvYPjKyhU9k32qec1FqJLIwVh+F8rHWzz7NLuNf/TI=
Subject key identifier: 86:78:4C:AA:5B:F8:5E:E5:6E:87:62:10:17:22:13:4E:8B:78:7C:68
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019687D699FC6BA8B0521E3775E211958D62
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/hnhMqlv4XuVuh2IQFyITTot4fGg.roa
Signing time: Wed 30 Apr 2025 17:55:10 +0000
ROA not before: Wed 30 Apr 2025 17:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0a:c0c4::/32 maxlen: 32
2a0e:c4c3::/32 maxlen: 32
2a11:6bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 May 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:d6:99:fc:6b:a8:b0:52:1e:37:75:e2:11:95:8d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Apr 30 17:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86784caa5bf85ee56e8762101722134e8b787c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:22:f7:c9:62:b3:91:f3:fa:6d:60:11:56:a9:
dd:bc:ed:ab:fe:f1:b8:8c:60:72:1c:bd:d7:28:dc:
91:f8:33:c9:f6:60:43:bf:4a:8d:7a:96:a4:6a:3b:
25:15:f8:9e:f0:2b:6c:80:b3:d6:f2:65:86:73:16:
72:b4:10:cc:f8:60:4b:e3:1e:4d:07:55:db:22:7a:
95:8d:fd:0b:2d:f8:9d:d5:ba:ff:8f:2c:67:33:0c:
b4:5c:ae:08:1e:f1:27:35:89:11:26:b2:e9:64:bb:
87:e7:d7:b5:84:a1:00:b0:13:53:e9:a8:36:9d:b4:
31:5a:e9:3c:3e:45:ea:cc:37:d8:f9:19:7c:bc:e8:
63:6c:bf:31:d8:67:d6:c6:17:ba:84:3b:70:fa:02:
e0:d6:28:eb:9e:d2:0d:3b:4a:6a:e7:e5:73:7c:66:
a1:2d:80:8c:4f:bb:8a:5d:24:98:61:13:ea:24:42:
af:fc:19:b4:0f:3f:0a:fb:39:83:6d:d5:83:e3:d0:
0c:d0:62:2c:43:5b:cb:05:78:6e:3e:76:f6:54:bb:
de:24:26:db:b0:9c:42:7a:96:29:4a:72:95:63:24:
3c:b5:49:8f:e3:ef:1c:79:ff:ae:4a:59:c5:08:35:
55:09:85:b3:d6:27:a0:c5:b3:40:eb:c8:75:a8:44:
0a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:78:4C:AA:5B:F8:5E:E5:6E:87:62:10:17:22:13:4E:8B:78:7C:68
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/hnhMqlv4XuVuh2IQFyITTot4fGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c0c4::/32
2a0e:c4c3::/32
2a11:6bc0::/32
Signature Algorithm: sha256WithRSAEncryption
00:2b:aa:49:59:13:25:3b:ed:70:a3:48:4a:6f:13:43:0c:a3:
ae:92:22:d1:c2:1f:43:f2:51:88:fb:ca:9b:b6:12:f5:94:30:
b9:a2:72:d6:6c:46:02:44:a0:fc:08:2b:fd:9b:c2:49:3e:89:
56:8c:ab:12:f6:cf:53:c9:4a:19:cc:22:fe:47:f5:20:e8:05:
26:13:0c:7d:3e:32:09:ce:1e:3b:59:14:26:93:d6:aa:15:48:
fd:d1:2d:cf:88:d8:47:78:c5:87:4b:9b:ad:3d:1c:4a:c0:5d:
2e:3e:14:3f:37:64:c0:70:00:e8:f5:0b:63:dd:70:fa:8e:dc:
4a:67:34:dd:d5:d4:ce:c8:31:4f:b8:2a:f7:13:d4:25:b9:8d:
fa:12:7e:00:43:6d:1d:05:3f:e6:11:af:06:7d:4b:9d:4f:e0:
7d:67:54:07:82:dc:a2:6c:2d:4c:1f:d9:78:8a:d6:67:b3:8a:
97:8e:1a:00:4f:86:ef:7a:42:8f:bc:05:2c:ff:24:f3:ff:64:
40:d1:57:65:f8:b5:c7:c4:ea:f4:0d:79:47:33:44:51:54:fc:
47:6a:c3:50:d7:3c:de:2e:94:25:8a:03:20:2d:d4:7d:df:51:
db:de:8a:eb:22:b7:1b:aa:fd:65:73:c6:ce:d5:df:66:fd:d1:
84:a7:62:9c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZaH1pn8a6iwUh43deIRlY1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwNDMwMTc1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njc4NGNhYTViZjg1ZWU1NmU4NzYyMTAxNzIyMTM0ZThiNzg3YzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSL3yWKzkfP6bWARVqndvO2r/vG4
jGByHL3XKNyR+DPJ9mBDv0qNepakajslFfie8CtsgLPW8mWGcxZytBDM+GBL4x5N
B1XbInqVjf0LLfid1br/jyxnMwy0XK4IHvEnNYkRJrLpZLuH59e1hKEAsBNT6ag2
nbQxWuk8PkXqzDfY+Rl8vOhjbL8x2GfWxhe6hDtw+gLg1ijrntINO0pq5+VzfGah
LYCMT7uKXSSYYRPqJEKv/Bm0Dz8K+zmDbdWD49AM0GIsQ1vLBXhuPnb2VLveJCbb
sJxCepYpSnKVYyQ8tUmP4+8cef+uSlnFCDVVCYWz1iegxbNA68h1qEQKFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIZ4TKpb+F7lbodiEBciE06LeHxoMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvaG5oTXFsdjRYdVZ1aDJJUUZ5SVRUb3Q0ZkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgrAxAMF
ACoOxMMDBQAqEWvAMA0GCSqGSIb3DQEBCwUAA4IBAQAAK6pJWRMlO+1wo0hKbxND
DKOukiLRwh9D8lGI+8qbthL1lDC5onLWbEYCRKD8CCv9m8JJPolWjKsS9s9TyUoZ
zCL+R/Ug6AUmEwx9PjIJzh47WRQmk9aqFUj90S3PiNhHeMWHS5utPRxKwF0uPhQ/
N2TAcADo9Qtj3XD6jtxKZzTd1dTOyDFPuCr3E9QluY36En4AQ20dBT/mEa8GfUud
T+B9Z1QHgtyibC1MH9l4itZns4qXjhoAT4bvekKPvAUs/yTz/2RA0Vdl+LXHxOr0
DXlHM0RRVPxHasNQ1zzeLpQligMgLdR931Hb3orrIrcbqv1lc8bO1d9m/dGEp2Kc
-----END CERTIFICATE-----
Generated at Fri May 9 09:37:08 2025 by rpki-client