Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zx0M9yYMdC3PH8hW2g2HqJftLEQ.roa
File: zx0M9yYMdC3PH8hW2g2HqJftLEQ.roa (raw, json)
Hash identifier: wKQZIOU+VtAAnvceDx/S87RNGjkpA7pq3DuUbLypmbo=
Subject key identifier: CF:1D:0C:F7:26:0C:74:2D:CF:1F:C8:56:DA:0D:87:A8:97:ED:2C:44
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019707CB04FB54F34ACB7F853A935F5694B6
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zx0M9yYMdC3PH8hW2g2HqJftLEQ.roa
Signing time: Sun 25 May 2025 14:13:54 +0000
ROA not before: Sun 25 May 2025 14:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a0e:7780::/29 maxlen: 29
2a11:3b40::/29 maxlen: 32
2a12:6640::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:f40::/29 maxlen: 32
Validation: Failed, certificate revoked on Sun 25 May 2025 14:15:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:cb:04:fb:54:f3:4a:cb:7f:85:3a:93:5f:56:94:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 25 14:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf1d0cf7260c742dcf1fc856da0d87a897ed2c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:8a:2c:41:d7:85:02:88:ca:ab:68:02:13:
de:69:7c:3d:e6:69:45:63:79:cd:46:84:28:1f:44:
7f:9f:e7:82:98:d3:07:38:a4:f7:05:a2:dd:4e:98:
19:83:59:7d:67:90:09:cd:49:0c:5e:8a:36:7e:2e:
56:dd:80:fc:20:79:15:de:0b:f9:82:59:82:e2:ad:
43:af:9d:32:ab:09:91:8e:98:4e:00:46:eb:08:b6:
b9:09:0c:3c:38:97:a2:d5:c1:9d:03:f8:d9:c8:41:
1f:08:b0:e9:5a:8e:cf:25:85:17:64:ee:70:73:12:
6e:56:64:49:ad:aa:c4:94:8f:4e:6b:e4:c0:a4:36:
b4:9e:9f:44:cf:73:e1:da:66:a4:01:27:09:3c:6e:
6f:4a:83:88:ca:e1:55:3a:fd:5a:e4:f8:3c:51:35:
50:9a:2c:bd:13:bd:2d:24:20:c3:02:4b:cb:0c:b1:
6d:63:7d:7b:a8:7c:aa:c9:14:9c:1b:55:71:d1:2b:
13:5f:a4:aa:2a:20:05:97:05:70:d6:a3:d5:49:53:
f2:56:30:71:aa:4c:9f:f4:8b:fc:82:54:ff:74:c2:
78:75:05:ae:45:31:b5:37:8b:26:a0:28:46:79:cd:
5c:59:60:f9:03:03:03:b0:dd:bf:5d:ea:0c:07:1f:
37:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1D:0C:F7:26:0C:74:2D:CF:1F:C8:56:DA:0D:87:A8:97:ED:2C:44
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zx0M9yYMdC3PH8hW2g2HqJftLEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7780::/29
2a11:3b40::/29
2a12:6640::/29
2a12:6b80::/29
2a13:ba00::/29
2a14:c0::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
33:a2:9f:9a:f4:4e:22:0b:16:64:9d:a9:68:a7:eb:83:55:d6:
05:f8:79:0e:09:a6:0c:eb:55:43:26:72:1e:fe:f0:56:e4:aa:
3e:1e:8e:a0:19:df:51:9d:bd:1e:2f:2e:37:cb:04:2a:86:4f:
1c:53:7b:0d:f4:e1:7d:63:9d:2c:d9:e3:cc:04:f6:a4:14:fe:
2f:54:9b:07:9a:a7:56:2c:98:2d:3a:5c:15:ab:cc:d5:d9:95:
f5:b1:2f:d7:e5:a4:33:b6:dc:0a:02:8e:a5:f8:18:19:d3:ee:
87:4b:c9:1c:af:c2:f4:83:67:fc:3d:e0:f2:b8:d4:05:7a:a0:
be:49:e9:3f:8f:c5:16:5c:36:b9:e7:1b:c4:b8:ba:a5:51:56:
ca:6d:4b:fa:de:d5:de:30:ad:54:2c:5a:6a:94:bd:11:3d:44:
76:1d:a8:75:9c:0f:3f:39:e7:07:9d:7d:d7:7a:0e:f6:b9:60:
da:85:c8:53:4a:7e:76:54:a0:41:9a:7d:d8:89:a9:ff:fd:59:
5d:52:eb:e3:a9:82:e8:35:f2:cb:36:f3:f4:e8:08:05:32:0e:
4c:ab:a7:d3:7d:00:2c:2c:53:93:1c:2b:1a:59:44:e7:da:84:
c7:21:93:cf:f2:29:47:ef:a6:d2:77:76:ab:00:af:f9:8b:0d:
4e:e7:1d:88
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZcHywT7VPNKy3+FOpNfVpS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwNTI1MTQxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFkMGNmNzI2MGM3NDJkY2YxZmM4NTZkYTBkODdhODk3ZWQyYzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzyKLEHXhQKIyqtoAhPeaXw95mlF
Y3nNRoQoH0R/n+eCmNMHOKT3BaLdTpgZg1l9Z5AJzUkMXoo2fi5W3YD8IHkV3gv5
glmC4q1Dr50yqwmRjphOAEbrCLa5CQw8OJei1cGdA/jZyEEfCLDpWo7PJYUXZO5w
cxJuVmRJrarElI9Oa+TApDa0np9Ez3Ph2makAScJPG5vSoOIyuFVOv1a5Pg8UTVQ
miy9E70tJCDDAkvLDLFtY317qHyqyRScG1Vx0SsTX6SqKiAFlwVw1qPVSVPyVjBx
qkyf9Iv8glT/dMJ4dQWuRTG1N4smoChGec1cWWD5AwMDsN2/XeoMBx83vwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFM8dDPcmDHQtzx/IVtoNh6iX7SxEMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvengwTTl5WU1kQzNQSDhoVzJnMkhxSmZ0TEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg53gAMF
AyoRO0ADBQMqEmZAAwUDKhJrgAMFAyoTugADBQMqFADAAwUDKhQPQDANBgkqhkiG
9w0BAQsFAAOCAQEAM6KfmvROIgsWZJ2paKfrg1XWBfh5DgmmDOtVQyZyHv7wVuSq
Ph6OoBnfUZ29Hi8uN8sEKoZPHFN7DfThfWOdLNnjzAT2pBT+L1SbB5qnViyYLTpc
FavM1dmV9bEv1+WkM7bcCgKOpfgYGdPuh0vJHK/C9INn/D3g8rjUBXqgvknpP4/F
Flw2uecbxLi6pVFWym1L+t7V3jCtVCxaapS9ET1Edh2odZwPPznnB51913oO9rlg
2oXIU0p+dlSgQZp92Imp//1ZXVLr46mC6DXyyzbz9OgIBTIOTKun030ALCxTkxwr
GllE59qExyGTz/IpR++m0nd2qwCv+YsNTucdiA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:23:23 2025 by rpki-client