Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/3_VvPPwnYPd5rWhLh6Iyp_eAH6k.roa
File: 3_VvPPwnYPd5rWhLh6Iyp_eAH6k.roa (raw, json)
Hash identifier: +z7JFeuDkK6wZ/dnw+5HQIxiOnfac9oBxfRwnPKHz6g=
Subject key identifier: DF:F5:6F:3C:FC:27:60:F7:79:AD:68:4B:87:A2:32:A7:F7:80:1F:A9
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0195B965B5B4AEB6D207747DC67DBD754123
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/3_VvPPwnYPd5rWhLh6Iyp_eAH6k.roa
Signing time: Fri 21 Mar 2025 15:50:05 +0000
ROA not before: Fri 21 Mar 2025 15:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:e000::/29 maxlen: 36
Validation: Failed, certificate revoked on Tue 25 Mar 2025 14:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:65:b5:b4:ae:b6:d2:07:74:7d:c6:7d:bd:75:41:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Mar 21 15:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dff56f3cfc2760f779ad684b87a232a7f7801fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4b:22:49:bf:30:36:2a:75:7f:04:4d:fd:2c:
75:59:9b:27:71:ba:cd:75:85:de:e9:1a:16:75:81:
b3:33:d2:a2:25:ea:ef:70:f1:25:c5:1e:79:51:d1:
3e:a4:99:90:2d:a3:2a:50:de:b4:0e:84:5f:44:9c:
c9:96:39:bc:b8:44:d9:bf:13:ce:81:16:29:6e:bc:
81:9e:39:2b:25:9e:00:30:eb:e5:35:09:89:ae:fb:
02:a4:d9:78:88:bf:9a:43:28:8a:f0:cb:a6:61:be:
3e:1c:e2:b7:6b:0a:5f:b1:a3:d9:06:e0:d3:7a:80:
e8:5e:b2:96:1c:dd:88:e0:a7:54:f0:84:f1:d9:95:
04:9c:55:1d:c5:ac:4b:6f:99:ea:c1:02:9d:ff:c6:
16:76:a3:69:2e:5d:cf:99:1e:aa:07:0a:b1:48:7d:
43:8b:7c:2d:65:fc:fe:bf:65:4c:f7:33:d4:d4:cc:
f5:25:4f:aa:44:a3:a4:20:22:7d:46:17:94:80:fe:
38:47:c8:a1:31:02:48:4f:a1:2a:e7:0a:1a:9a:5f:
fb:d2:f8:13:9c:59:3c:c5:cb:69:1f:60:6b:32:cd:
a0:55:6c:9e:3a:df:89:d6:cf:bb:c4:4e:45:ca:ae:
ef:33:06:6c:87:a5:3b:6b:aa:a6:10:9d:4c:50:f1:
af:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F5:6F:3C:FC:27:60:F7:79:AD:68:4B:87:A2:32:A7:F7:80:1F:A9
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/3_VvPPwnYPd5rWhLh6Iyp_eAH6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e000::/29
Signature Algorithm: sha256WithRSAEncryption
5b:1e:b2:90:cf:d4:ed:60:db:2c:4d:94:26:3b:cc:d8:9e:96:
4f:eb:e6:b3:b3:02:eb:e3:df:93:c0:2f:8e:27:2a:82:4a:6a:
ee:f1:7f:85:5d:a4:98:96:bb:1b:29:a3:8f:17:7a:cf:9a:54:
92:de:7c:46:5f:4e:ac:95:b7:3f:71:64:03:fd:be:5d:41:e5:
71:5d:72:e5:21:28:b6:25:0a:7b:44:e0:d1:3a:9d:46:32:62:
20:d5:81:85:12:e4:2a:28:51:19:8e:57:8c:6d:13:62:dd:5b:
38:68:4f:9c:49:a4:1f:bd:a6:72:61:41:78:af:bd:3e:19:04:
d4:e9:62:1d:58:54:19:69:04:5f:84:65:70:6b:8f:43:7b:1f:
fd:b4:17:cf:81:01:ce:bb:33:ec:87:02:b0:8d:c4:e4:d5:a2:
9b:78:8c:1d:2e:0d:0f:aa:0e:7d:a1:d3:69:46:6f:c3:5a:7f:
1d:c9:b1:ed:3c:37:67:26:59:7e:5c:13:de:f4:d1:53:fd:1b:
ea:68:35:8b:4b:f6:c0:2c:00:77:bf:19:e4:03:c3:51:a0:e4:
45:53:f5:16:39:32:91:be:ed:7a:ee:cd:e2:b2:61:65:10:b1:
24:6b:a9:99:24:2a:c8:15:c9:1d:18:dc:19:4d:dd:4c:3e:63:
40:0a:e3:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZW5ZbW0rrbSB3R9xn29dUEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwMzIxMTU1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY1NmYzY2ZjMjc2MGY3NzlhZDY4NGI4N2EyMzJhN2Y3ODAxZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ksiSb8wNip1fwRN/Sx1WZsncbrN
dYXe6RoWdYGzM9KiJervcPElxR55UdE+pJmQLaMqUN60DoRfRJzJljm8uETZvxPO
gRYpbryBnjkrJZ4AMOvlNQmJrvsCpNl4iL+aQyiK8MumYb4+HOK3awpfsaPZBuDT
eoDoXrKWHN2I4KdU8ITx2ZUEnFUdxaxLb5nqwQKd/8YWdqNpLl3PmR6qBwqxSH1D
i3wtZfz+v2VM9zPU1Mz1JU+qRKOkICJ9RheUgP44R8ihMQJIT6Eq5woaml/70vgT
nFk8xctpH2BrMs2gVWyeOt+J1s+7xE5Fyq7vMwZsh6U7a6qmEJ1MUPGv8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN/1bzz8J2D3ea1oS4eiMqf3gB+pMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvM19WdlBQd25ZUGQ1cldoTGg2SXlwX2VBSDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/gADAN
BgkqhkiG9w0BAQsFAAOCAQEAWx6ykM/U7WDbLE2UJjvM2J6WT+vms7MC6+Pfk8Av
jicqgkpq7vF/hV2kmJa7Gymjjxd6z5pUkt58Rl9OrJW3P3FkA/2+XUHlcV1y5SEo
tiUKe0Tg0TqdRjJiINWBhRLkKihRGY5XjG0TYt1bOGhPnEmkH72mcmFBeK+9PhkE
1OliHVhUGWkEX4RlcGuPQ3sf/bQXz4EBzrsz7IcCsI3E5NWim3iMHS4ND6oOfaHT
aUZvw1p/Hcmx7Tw3ZyZZflwT3vTRU/0b6mg1i0v2wCwAd78Z5APDUaDkRVP1Fjky
kb7teu7N4rJhZRCxJGupmSQqyBXJHRjcGU3dTD5jQArjww==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:17:12 2025 by rpki-client