Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/9y-1E10aCX9zAXNrMy805QUlNSk.roa
File: 9y-1E10aCX9zAXNrMy805QUlNSk.roa (raw, json)
Hash identifier: JFr0RQe/HtkZhTtG43QfcKh8NvyzcXj1uoXdmtclAuU=
Subject key identifier: F7:2F:B5:13:5D:1A:09:7F:73:01:73:6B:33:2F:34:E5:05:25:35:29
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01955D851E11658AB0126C2A8A3B795903E1
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/9y-1E10aCX9zAXNrMy805QUlNSk.roa
Signing time: Mon 03 Mar 2025 19:39:19 +0000
ROA not before: Mon 03 Mar 2025 19:39:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a0e:4bc4::/32 maxlen: 32
2a0f:6fc6::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:85:1e:11:65:8a:b0:12:6c:2a:8a:3b:79:59:03:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Mar 3 19:39:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f72fb5135d1a097f7301736b332f34e505253529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e9:fd:d4:92:b6:00:9f:16:6b:d8:b3:e4:e4:
ac:7c:39:4c:a9:40:c9:58:a1:7e:7b:46:09:23:b5:
6b:95:90:e2:7a:4e:25:6f:d2:58:dd:d3:6b:c0:c6:
90:71:e1:a0:d8:fc:3d:ec:9b:d8:cc:03:db:c0:fb:
69:b3:71:79:79:d4:2e:aa:0e:34:2b:bc:5e:4a:23:
45:96:e8:c3:01:8c:fb:36:51:1d:a9:d8:42:bd:98:
64:72:d3:6f:02:fb:66:a8:3f:d9:06:84:bd:68:fe:
0d:2d:f8:4b:fc:f4:7f:74:c6:b9:b6:a3:87:98:a5:
77:00:6a:a8:8b:bc:04:8f:5f:da:a9:75:65:de:f2:
7f:eb:66:70:d5:fa:58:42:3b:30:7d:29:52:66:47:
17:a5:6c:65:6b:9c:cb:4a:f1:03:2e:62:e9:f8:f8:
f9:ea:5f:d7:6b:12:78:07:34:92:d4:65:62:d0:aa:
4c:67:7c:42:19:74:3c:17:5a:2c:c5:67:d4:22:4f:
1c:3a:d1:64:43:ec:59:d0:84:e5:12:76:79:42:88:
61:8c:87:78:82:52:ae:d8:cb:a9:54:06:d6:b7:df:
bd:48:4d:4d:b6:17:02:35:ac:b5:b7:b0:2b:34:7d:
ae:57:ca:34:c3:48:d0:2e:b7:14:3d:e9:7e:2a:cb:
f6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2F:B5:13:5D:1A:09:7F:73:01:73:6B:33:2F:34:E5:05:25:35:29
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/9y-1E10aCX9zAXNrMy805QUlNSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc4::/32
2a0f:6fc6::/32
Signature Algorithm: sha256WithRSAEncryption
71:e4:e3:c2:04:16:74:e8:cd:0d:58:74:6d:0c:3a:4b:13:c1:
96:ff:b8:c8:33:a0:06:2c:3f:a6:10:94:6b:48:13:5b:ce:87:
46:46:5f:cf:5f:de:34:04:60:bd:09:74:41:43:9b:48:37:64:
00:fa:46:0e:c7:2e:82:3c:99:d3:11:0c:7e:6a:f8:ed:69:5f:
cc:f9:99:55:44:00:74:bf:52:16:59:0b:43:4e:48:66:b4:6c:
d3:14:98:97:09:ac:fa:aa:a1:f8:1f:d2:f6:ae:bf:b7:6c:1b:
7d:f8:9e:d3:0c:1d:0a:c0:ce:16:c0:b5:12:4c:ac:de:a9:6f:
7a:0d:4a:bd:12:4e:1e:86:19:e7:1b:4d:15:e5:66:7c:18:cb:
cb:4f:90:44:b3:56:e3:f3:e6:da:8a:4c:bb:9c:8a:a1:33:ab:
3f:9f:cb:22:92:d1:09:4e:0b:7f:ab:2e:e9:f5:df:be:11:29:
a4:bf:8f:97:70:be:7f:e4:5f:f8:c5:06:57:8d:ce:a1:c2:c1:
04:b1:bb:a3:d4:39:51:6c:ff:45:da:fc:31:37:cc:1a:bb:f3:
8a:a2:49:4c:5f:61:2e:ed:47:50:1c:12:16:72:ad:ff:cc:38:
a0:c5:0f:73:20:ef:5f:70:30:29:4c:f6:6f:2b:10:75:3c:46:
c5:ec:eb:7e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZVdhR4RZYqwEmwqijt5WQPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMzAzMTkzOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJmYjUxMzVkMWEwOTdmNzMwMTczNmIzMzJmMzRlNTA1MjUzNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5en91JK2AJ8Wa9iz5OSsfDlMqUDJ
WKF+e0YJI7VrlZDiek4lb9JY3dNrwMaQceGg2Pw97JvYzAPbwPtps3F5edQuqg40
K7xeSiNFlujDAYz7NlEdqdhCvZhkctNvAvtmqD/ZBoS9aP4NLfhL/PR/dMa5tqOH
mKV3AGqoi7wEj1/aqXVl3vJ/62Zw1fpYQjswfSlSZkcXpWxla5zLSvEDLmLp+Pj5
6l/XaxJ4BzSS1GVi0KpMZ3xCGXQ8F1osxWfUIk8cOtFkQ+xZ0ITlEnZ5QohhjId4
glKu2MupVAbWt9+9SE1NthcCNay1t7ArNH2uV8o0w0jQLrcUPel+Ksv2SQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPcvtRNdGgl/cwFzazMvNOUFJTUpMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvOXktMUUxMGFDWDl6QVhOck15ODA1UVVsTlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5LxAMF
ACoPb8YwDQYJKoZIhvcNAQELBQADggEBAHHk48IEFnTozQ1YdG0MOksTwZb/uMgz
oAYsP6YQlGtIE1vOh0ZGX89f3jQEYL0JdEFDm0g3ZAD6Rg7HLoI8mdMRDH5q+O1p
X8z5mVVEAHS/UhZZC0NOSGa0bNMUmJcJrPqqofgf0vauv7dsG334ntMMHQrAzhbA
tRJMrN6pb3oNSr0STh6GGecbTRXlZnwYy8tPkESzVuPz5tqKTLuciqEzqz+fyyKS
0QlOC3+rLun1374RKaS/j5dwvn/kX/jFBleNzqHCwQSxu6PUOVFs/0Xa/DE3zBq7
84qiSUxfYS7tR1AcEhZyrf/MOKDFD3Mg719wMClM9m8rEHU8RsXs634=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:41:13 2025 by rpki-client