Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/F3bvVUIAYCnQAMwEtk2ToURIn8M.roa
File: F3bvVUIAYCnQAMwEtk2ToURIn8M.roa (raw, json)
Hash identifier: YBgI6DVfe4lxEejM+d/nTot9aLPulH/Q6Zu5K0t7HUE=
Subject key identifier: 17:76:EF:55:42:00:60:29:D0:00:CC:04:B6:4D:93:A1:44:48:9F:C3
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01955D83493A560F392816F9C19105101B41
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/F3bvVUIAYCnQAMwEtk2ToURIn8M.roa
Signing time: Mon 03 Mar 2025 19:37:19 +0000
ROA not before: Mon 03 Mar 2025 19:37:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a0e:4bc2::/32 maxlen: 32
2a0e:4bc3::/32 maxlen: 32
2a0e:5644::/32 maxlen: 32
2a0e:ffc3::/32 maxlen: 32
2a0f:4344::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Mar 2025 15:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:83:49:3a:56:0f:39:28:16:f9:c1:91:05:10:1b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Mar 3 19:37:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1776ef5542006029d000cc04b64d93a144489fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:fa:5a:d7:f1:a3:25:88:3d:f5:5c:83:44:43:
40:d6:bb:17:9f:1f:2a:44:d6:dd:70:36:88:e4:54:
0e:b4:19:51:d8:f9:c3:b0:ed:19:6f:85:b5:4f:2f:
18:86:87:59:22:d9:b3:f3:3b:d1:78:ca:e9:f6:b9:
65:c5:30:e0:28:10:1b:6d:45:9f:e6:1c:9a:87:de:
bd:47:1b:aa:8a:a7:69:c3:48:60:32:d2:a9:b6:f5:
a9:c0:ed:f6:a9:2d:36:4f:d3:d2:8d:ce:07:97:7b:
91:a4:b9:75:be:89:03:5c:52:d0:f1:32:b9:af:47:
a3:01:c5:e9:57:ac:c9:d6:f0:ca:50:67:75:a3:e3:
f4:db:91:6f:ba:9d:76:8a:9e:f1:d4:ae:e5:44:f2:
17:f2:ae:f6:20:ed:28:17:aa:49:85:62:a3:82:15:
33:56:49:41:18:75:8d:f0:42:ee:6c:35:64:f3:65:
0e:40:bb:50:52:52:4a:1a:4d:aa:2c:4b:9d:9f:6b:
0d:63:96:12:cf:ed:a1:15:c1:b6:55:b6:c0:1d:e5:
4f:f8:ef:59:fd:6d:ea:9e:1a:f6:67:53:8b:51:56:
0a:cd:70:94:cb:bf:50:fe:56:c7:b9:92:3a:e0:df:
f9:d8:d9:19:95:88:b7:e8:0b:cc:53:5a:ab:6e:d7:
fc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:76:EF:55:42:00:60:29:D0:00:CC:04:B6:4D:93:A1:44:48:9F:C3
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/F3bvVUIAYCnQAMwEtk2ToURIn8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc2::/31
2a0e:5644::/32
2a0e:ffc3::/32
2a0f:4344::/32
Signature Algorithm: sha256WithRSAEncryption
33:96:c0:ac:c0:76:eb:6a:94:ab:88:1d:37:c3:b0:23:6b:7a:
62:ed:16:cf:89:44:0e:65:7f:b6:5c:49:72:87:86:a0:1f:be:
2e:33:8b:69:a3:36:1c:eb:d0:cd:36:f2:55:5e:7e:c2:79:2e:
f1:26:10:1e:a7:88:4c:a3:10:4e:74:08:75:96:2c:0c:6f:7f:
a0:d0:14:c2:3c:e1:5e:3e:ee:5e:24:1c:f1:04:2a:9a:cf:59:
09:82:ed:0d:de:02:e3:bf:f6:96:2c:91:f6:d3:91:d7:69:cd:
96:4e:0b:6e:c8:e9:b0:3e:1c:5b:b2:9c:ea:22:df:69:ef:ad:
50:b9:df:b0:4f:ed:46:f6:52:be:97:f9:6c:e5:a9:8a:09:23:
3c:88:09:d5:4f:0e:0d:7d:eb:34:77:33:47:62:49:1d:0b:a7:
78:dd:64:00:a1:5e:3a:d3:80:2d:54:1b:4d:4d:14:f8:8f:61:
5d:fb:4a:cb:d8:34:1b:e6:15:e0:65:2d:24:6c:14:a4:df:24:
97:06:90:c8:38:f0:ba:17:69:94:ba:78:d3:ee:7d:ba:d6:6e:
cc:2f:9c:a3:17:73:27:3c:8a:cd:19:8f:58:a9:8a:3c:c6:90:
48:bc:6e:13:8f:51:c7:10:e3:4f:e6:d7:db:b3:10:fc:f1:9c:
14:30:ec:0e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZVdg0k6Vg85KBb5wZEFEBtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMzAzMTkzNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzc2ZWY1NTQyMDA2MDI5ZDAwMGNjMDRiNjRkOTNhMTQ0NDg5ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Ppa1/GjJYg99VyDRENA1rsXnx8q
RNbdcDaI5FQOtBlR2PnDsO0Zb4W1Ty8YhodZItmz8zvReMrp9rllxTDgKBAbbUWf
5hyah969Rxuqiqdpw0hgMtKptvWpwO32qS02T9PSjc4Hl3uRpLl1vokDXFLQ8TK5
r0ejAcXpV6zJ1vDKUGd1o+P025Fvup12ip7x1K7lRPIX8q72IO0oF6pJhWKjghUz
VklBGHWN8ELubDVk82UOQLtQUlJKGk2qLEudn2sNY5YSz+2hFcG2VbbAHeVP+O9Z
/W3qnhr2Z1OLUVYKzXCUy79Q/lbHuZI64N/52NkZlYi36AvMU1qrbtf8PwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBd271VCAGAp0ADMBLZNk6FESJ/DMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvRjNidlZVSUFZQ25RQU13RXRrMlRvVVJJbjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUBKg5LwgMF
ACoOVkQDBQAqDv/DAwUAKg9DRDANBgkqhkiG9w0BAQsFAAOCAQEAM5bArMB262qU
q4gdN8OwI2t6Yu0Wz4lEDmV/tlxJcoeGoB++LjOLaaM2HOvQzTbyVV5+wnku8SYQ
HqeITKMQTnQIdZYsDG9/oNAUwjzhXj7uXiQc8QQqms9ZCYLtDd4C47/2liyR9tOR
12nNlk4LbsjpsD4cW7Kc6iLfae+tULnfsE/tRvZSvpf5bOWpigkjPIgJ1U8ODX3r
NHczR2JJHQuneN1kAKFeOtOALVQbTU0U+I9hXftKy9g0G+YV4GUtJGwUpN8klwaQ
yDjwuhdplLp40+59utZuzC+coxdzJzyKzRmPWKmKPMaQSLxuE49RxxDjT+bX27MQ
/PGcFDDsDg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:26:38 2025 by rpki-client