Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/O717_3WL1ywuJ5U7Gks8_FPNaW0.roa
File: O717_3WL1ywuJ5U7Gks8_FPNaW0.roa (raw, json)
Hash identifier: 0dHSB4WOyjbfnp96/SIFBaQgsSLMwg+jvOl2qiquYcw=
Subject key identifier: 3B:BD:7B:FF:75:8B:D7:2C:2E:27:95:3B:1A:4B:3C:FC:53:CD:69:6D
Certificate issuer: /CN=c6cfa94f6134e3960ea5f318846a30cf3e922dd7
Certificate serial: 01946437CC2645B116D208C3D0B6AE1D8519
Authority key identifier: C6:CF:A9:4F:61:34:E3:96:0E:A5:F3:18:84:6A:30:CF:3E:92:2D:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xs-pT2E045YOpfMYhGowzz6SLdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/O717_3WL1ywuJ5U7Gks8_FPNaW0.roa
Signing time: Tue 14 Jan 2025 09:49:25 +0000
ROA not before: Tue 14 Jan 2025 09:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58154
IP address blocks: 2a0e:6340::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:37:cc:26:45:b1:16:d2:08:c3:d0:b6:ae:1d:85:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6cfa94f6134e3960ea5f318846a30cf3e922dd7
Validity
Not Before: Jan 14 09:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bbd7bff758bd72c2e27953b1a4b3cfc53cd696d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:c5:a7:f5:14:81:6b:1d:de:70:10:e8:ca:
f4:1d:1d:4d:82:d6:a9:2e:5f:e1:c1:8a:22:f8:26:
52:18:a5:d9:f3:70:78:9d:a6:4e:0c:b8:38:b9:3a:
63:3d:8f:a4:d5:a8:99:0a:7e:9a:56:22:b8:db:4e:
8b:ac:71:8e:db:7d:0f:8a:5c:0f:cc:d2:9f:66:ed:
8a:47:d6:38:4b:e1:4a:e0:0b:06:ab:cc:08:23:7a:
d7:0f:5d:5e:db:7b:85:5b:4f:e1:15:d9:11:9d:61:
8b:68:c6:95:ad:2a:5e:9c:44:91:99:1f:6d:f4:4e:
f1:94:8d:c2:70:44:ed:1b:bf:9c:ea:ca:e8:b1:0f:
2c:b1:65:3c:d9:4c:f8:55:59:85:9f:be:2b:a4:cc:
9c:df:f6:7e:f3:79:18:36:08:11:65:88:b5:be:7e:
17:d6:1f:4c:3f:fe:aa:61:f7:90:ef:3c:ea:33:cc:
65:bc:75:52:69:b2:42:0e:e3:52:d7:61:eb:cc:c6:
ee:89:91:2e:60:55:eb:14:e0:92:4a:c4:fd:45:d5:
db:ae:a5:1e:6e:87:e5:53:e2:98:5d:69:99:ac:77:
75:3b:fe:aa:83:88:72:02:f8:66:33:5f:1d:71:10:
e0:e7:4a:b2:92:40:d2:a2:4c:ed:dc:db:3e:97:89:
0a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BD:7B:FF:75:8B:D7:2C:2E:27:95:3B:1A:4B:3C:FC:53:CD:69:6D
X509v3 Authority Key Identifier:
keyid:C6:CF:A9:4F:61:34:E3:96:0E:A5:F3:18:84:6A:30:CF:3E:92:2D:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xs-pT2E045YOpfMYhGowzz6SLdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/O717_3WL1ywuJ5U7Gks8_FPNaW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/xs-pT2E045YOpfMYhGowzz6SLdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:6340::/29
Signature Algorithm: sha256WithRSAEncryption
b0:06:2a:7c:1e:aa:70:8f:ec:a5:aa:23:3c:6b:b7:f5:8b:8b:
8e:3d:85:7e:a0:45:ba:a9:23:b0:47:95:a5:51:6a:fb:80:38:
be:c1:53:e0:ed:09:23:2c:85:a3:ad:4a:04:6b:5b:f9:09:d8:
4b:81:c1:87:96:e1:ae:1c:90:cc:63:9e:7d:7c:c5:42:6b:19:
5f:75:a9:1c:29:c6:d6:1a:5c:31:34:70:14:e2:0c:a3:04:e2:
ef:10:07:bb:0b:44:3b:81:5a:fd:49:cc:60:8f:23:73:92:de:
24:df:cf:3e:72:94:f5:91:d7:92:d9:ba:9f:c7:1d:61:70:20:
b6:27:fb:6c:1b:94:4a:af:cc:f9:51:71:fc:50:1a:5b:d5:a1:
40:55:47:3d:01:23:ab:50:42:9b:81:21:c3:54:34:eb:07:57:
ee:9f:84:9e:0e:12:2d:ac:47:98:29:d4:80:97:f8:5f:ea:06:
60:fe:26:33:9c:c7:2a:03:30:a7:01:d6:52:d5:9f:71:db:01:
63:87:92:7a:5c:1c:c6:07:58:e8:8e:25:67:bf:ea:21:b5:50:
01:b9:80:d6:7b:86:73:52:a6:5d:c9:09:fd:3b:c2:b3:77:64:
d0:68:f8:6f:87:61:a6:41:ad:39:9f:70:49:96:63:5e:ea:29:
fb:15:67:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRkN8wmRbEW0gjD0LauHYUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2ZhOTRmNjEzNGUzOTYwZWE1ZjMxODg0NmEzMGNmM2U5
MjJkZDcwHhcNMjUwMTE0MDk0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJkN2JmZjc1OGJkNzJjMmUyNzk1M2IxYTRiM2NmYzUzY2Q2OTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPLFp/UUgWsd3nAQ6Mr0HR1Ngtap
Ll/hwYoi+CZSGKXZ83B4naZODLg4uTpjPY+k1aiZCn6aViK4206LrHGO230PilwP
zNKfZu2KR9Y4S+FK4AsGq8wII3rXD11e23uFW0/hFdkRnWGLaMaVrSpenESRmR9t
9E7xlI3CcETtG7+c6srosQ8ssWU82Uz4VVmFn74rpMyc3/Z+83kYNggRZYi1vn4X
1h9MP/6qYfeQ7zzqM8xlvHVSabJCDuNS12HrzMbuiZEuYFXrFOCSSsT9RdXbrqUe
boflU+KYXWmZrHd1O/6qg4hyAvhmM18dcRDg50qykkDSokzt3Ns+l4kKxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDu9e/91i9csLieVOxpLPPxTzWltMB8GA1UdIwQY
MBaAFMbPqU9hNOOWDqXzGIRqMM8+ki3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHMtcFQyRTA0NVlPcGZNWWhHb3d6ejZTTGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NTllMDMtNzhmYy00NTg5LWFjZGUt
ZjlhNDM3MDlkMDBiLzEvTzcxN18zV0wxeXd1SjVVN0drczhfRlBOYVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85NTllMDMtNzhmYy00NTg5LWFjZGUtZjlhNDM3MDlkMDBi
LzEveHMtcFQyRTA0NVlPcGZNWWhHb3d6ejZTTGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg5jQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsAYqfB6qcI/spaojPGu39YuLjj2FfqBFuqkjsEeV
pVFq+4A4vsFT4O0JIyyFo61KBGtb+QnYS4HBh5bhrhyQzGOefXzFQmsZX3WpHCnG
1hpcMTRwFOIMowTi7xAHuwtEO4Fa/UnMYI8jc5LeJN/PPnKU9ZHXktm6n8cdYXAg
tif7bBuUSq/M+VFx/FAaW9WhQFVHPQEjq1BCm4Ehw1Q06wdX7p+Eng4SLaxHmCnU
gJf4X+oGYP4mM5zHKgMwpwHWUtWfcdsBY4eSelwcxgdY6I4lZ7/qIbVQAbmA1nuG
c1KmXckJ/TvCs3dk0Gj4b4dhpkGtOZ9wSZZjXuop+xVnkg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:59:48 2025 by rpki-client