Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2S047RbxTlonsUFioWKRBInyRXk.roa
File: 2S047RbxTlonsUFioWKRBInyRXk.roa (raw, json)
Hash identifier: 6Vc91vvalsI7/HjvoKRZpj5sz44CxP++fW4C5hjyNo8=
Subject key identifier: D9:2D:38:ED:16:F1:4E:5A:27:B1:41:62:A1:62:91:04:89:F2:45:79
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019707CF98CD507E7F2569EA9A51C8C3552C
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2S047RbxTlonsUFioWKRBInyRXk.roa
Signing time: Sun 25 May 2025 14:18:54 +0000
ROA not before: Sun 25 May 2025 14:18:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a0e:7780::/29 maxlen: 29
2a0f:d480::/29 maxlen: 29
2a11:3b40::/29 maxlen: 32
2a12:6640::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:f40::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Jun 2025 08:59:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:cf:98:cd:50:7e:7f:25:69:ea:9a:51:c8:c3:55:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 25 14:18:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d92d38ed16f14e5a27b14162a162910489f24579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bf:f1:47:ae:52:9b:42:54:34:62:9c:cd:6c:
e4:a5:d3:c2:ef:83:09:ea:08:ec:e2:17:f6:67:32:
a7:f0:46:9d:1b:23:86:1f:8b:fd:ab:c0:15:c0:ea:
bb:41:30:1a:ef:e0:13:0a:f5:12:41:ef:c2:77:63:
98:df:18:9d:29:25:05:ab:67:9e:45:18:b6:bb:13:
de:76:ff:e5:ca:a8:b5:a9:dd:e5:43:5a:aa:a0:d5:
66:a6:3a:6b:14:a2:3b:3e:fc:9b:cb:a3:07:56:22:
56:52:96:89:30:32:73:fc:94:a7:e5:ef:20:dd:7d:
f2:d9:f0:10:7b:02:5c:76:f2:aa:53:17:83:01:bc:
27:0f:0b:e8:88:e3:b3:7c:71:7a:e4:39:11:89:91:
c2:38:b9:7a:1a:6a:e9:25:96:9c:7b:a7:8d:b9:53:
a1:ab:55:a8:6a:2a:a3:08:f0:7e:6e:7b:ce:46:cb:
00:36:8a:6a:99:ca:1a:1a:b5:52:72:68:04:c6:a5:
1a:1d:26:b1:62:6e:e6:5b:40:de:a8:5e:e3:40:81:
5c:fd:8a:19:da:b0:6a:81:d7:34:3d:fe:ad:ab:b4:
ef:f4:34:e4:ff:af:5d:fd:a0:54:ba:3b:52:b2:2b:
e1:59:63:16:bc:b7:1b:14:ad:fd:df:65:88:e1:bd:
5d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2D:38:ED:16:F1:4E:5A:27:B1:41:62:A1:62:91:04:89:F2:45:79
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2S047RbxTlonsUFioWKRBInyRXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7780::/29
2a0f:d480::/29
2a11:3b40::/29
2a12:6640::/29
2a12:6b80::/29
2a12:f0c0::/29
2a13:ba00::/29
2a14:c0::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
8a:1f:ed:69:33:1c:77:2b:fe:cd:fe:41:7d:83:c2:ef:5d:ac:
37:28:47:5c:35:57:62:91:8e:d1:f8:b1:fc:35:a3:eb:85:2e:
63:86:34:32:45:5a:01:67:42:76:2d:23:48:f8:72:af:3a:76:
76:50:96:9a:d8:88:21:76:9f:fe:26:9c:b4:dc:9c:03:59:c2:
4f:35:f1:f8:fa:b2:24:ca:c2:38:d2:c3:c1:cd:06:6b:32:29:
8f:4d:db:bf:8a:b1:1b:f4:3b:d1:19:18:66:b8:3e:32:c1:15:
e0:7d:85:bb:f9:5c:ad:18:ae:bc:18:ce:64:ac:c0:49:c7:74:
44:82:0a:51:f8:5d:b0:9f:25:b3:a1:c2:51:dc:8a:52:ca:36:
25:60:b2:84:ae:7e:fe:8b:de:5d:3d:8d:3c:f2:50:7f:2e:e6:
a8:3f:53:06:18:5b:ae:a8:d1:e3:01:90:c2:50:6a:1f:82:73:
fd:03:7c:d7:92:89:ff:3d:82:b6:14:4b:7b:3c:b7:c6:ba:81:
7c:50:e5:27:aa:6c:c9:e7:fa:e4:96:30:15:c3:68:ca:68:b5:
6f:cc:8d:b6:af:f3:f4:bc:93:cd:2b:00:0c:9b:71:e6:3b:ee:
3f:20:62:74:6e:92:39:52:b3:b6:c9:fb:26:fd:4c:01:82:1a:
e6:14:a8:78
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZcHz5jNUH5/JWnqmlHIw1UsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNTI1MTQxODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTJkMzhlZDE2ZjE0ZTVhMjdiMTQxNjJhMTYyOTEwNDg5ZjI0NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL/xR65Sm0JUNGKczWzkpdPC74MJ
6gjs4hf2ZzKn8EadGyOGH4v9q8AVwOq7QTAa7+ATCvUSQe/Cd2OY3xidKSUFq2ee
RRi2uxPedv/lyqi1qd3lQ1qqoNVmpjprFKI7Pvyby6MHViJWUpaJMDJz/JSn5e8g
3X3y2fAQewJcdvKqUxeDAbwnDwvoiOOzfHF65DkRiZHCOLl6GmrpJZace6eNuVOh
q1WoaiqjCPB+bnvORssANopqmcoaGrVScmgExqUaHSaxYm7mW0DeqF7jQIFc/YoZ
2rBqgdc0Pf6tq7Tv9DTk/69d/aBUujtSsivhWWMWvLcbFK3932WI4b1diwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNktOO0W8U5aJ7FBYqFikQSJ8kV5MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMlMwNDdSYnhUbG9uc1VGaW9XS1JCSW55UlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKg53gAMF
AyoP1IADBQMqETtAAwUDKhJmQAMFAyoSa4ADBQMqEvDAAwUDKhO6AAMFAyoUAMAD
BQMqFA9AMA0GCSqGSIb3DQEBCwUAA4IBAQCKH+1pMxx3K/7N/kF9g8LvXaw3KEdc
NVdikY7R+LH8NaPrhS5jhjQyRVoBZ0J2LSNI+HKvOnZ2UJaa2Ighdp/+Jpy03JwD
WcJPNfH4+rIkysI40sPBzQZrMimPTdu/irEb9DvRGRhmuD4ywRXgfYW7+VytGK68
GM5krMBJx3REggpR+F2wnyWzocJR3IpSyjYlYLKErn7+i95dPY088lB/LuaoP1MG
GFuuqNHjAZDCUGofgnP9A3zXkon/PYK2FEt7PLfGuoF8UOUnqmzJ5/rkljAVw2jK
aLVvzI22r/P0vJPNKwAMm3HmO+4/IGJ0bpI5UrO2yfsm/UwBghrmFKh4
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:46:29 2025 by rpki-client