Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ldeVc1Y7tk5WJzxwn6-4pJdRlqk.roa
File: ldeVc1Y7tk5WJzxwn6-4pJdRlqk.roa (raw, json)
Hash identifier: Q50GKlC40AH+xCrhG+ba4SyPaVJGBmVFo8hbUUh388w=
Subject key identifier: 95:D7:95:73:56:3B:B6:4E:56:27:3C:70:9F:AF:B8:A4:97:51:96:A9
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01957F72BCEBC6E0B1CA9239F9A3356FE44A
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ldeVc1Y7tk5WJzxwn6-4pJdRlqk.roa
Signing time: Mon 10 Mar 2025 09:46:20 +0000
ROA not before: Mon 10 Mar 2025 09:46:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:5902::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Mar 2025 15:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:72:bc:eb:c6:e0:b1:ca:92:39:f9:a3:35:6f:e4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Mar 10 09:46:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95d79573563bb64e56273c709fafb8a4975196a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cf:4d:94:f9:44:f3:87:c4:51:18:86:88:12:
21:6f:d6:98:3d:dc:a3:b4:b2:46:b9:1b:bf:1f:a2:
8c:11:43:20:b2:21:55:25:17:b6:22:a0:4b:19:85:
9e:47:83:a3:7b:70:f6:8a:6f:44:2b:e4:7a:70:9f:
bb:43:62:a9:a0:3c:b3:36:56:4d:ca:30:b5:c6:96:
08:92:50:17:47:03:c9:cc:84:60:f3:bb:06:bc:d0:
21:5b:f8:7c:16:6b:d6:d4:bd:ce:f1:31:41:96:09:
44:cd:a5:85:8d:aa:f9:c5:b0:3d:d2:d5:d6:4f:27:
7a:b1:1c:d0:3d:97:73:f3:51:a5:2a:5a:b7:fb:c1:
3c:21:69:90:84:7b:39:bf:87:5f:cf:07:fa:e0:6b:
de:51:54:2d:f9:ea:42:c0:aa:89:30:0b:00:5f:f8:
b1:7c:0b:36:30:69:3b:e6:20:28:64:66:39:8e:22:
9b:6c:d4:00:e9:a5:6d:85:c9:8b:b8:b8:27:df:63:
19:e9:a7:d4:2b:00:ed:65:89:8d:57:e9:11:d2:84:
77:3c:e6:84:d7:ce:ad:e3:0a:98:3d:ff:2c:cd:b0:
11:41:ee:35:b0:9e:9c:f0:5a:aa:da:13:68:6c:98:
bc:1b:40:f2:8a:48:1f:98:8d:f4:d6:67:d5:37:ae:
22:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D7:95:73:56:3B:B6:4E:56:27:3C:70:9F:AF:B8:A4:97:51:96:A9
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ldeVc1Y7tk5WJzxwn6-4pJdRlqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5902::/32
Signature Algorithm: sha256WithRSAEncryption
a7:f8:6d:a0:eb:81:cd:6d:f3:9a:32:02:f8:39:8a:95:b9:65:
fe:0c:40:1b:59:4b:0a:96:47:71:62:ba:84:8c:6f:24:8d:63:
a0:d7:45:7a:17:34:84:40:77:78:42:fe:e9:bd:eb:5a:d5:ac:
f6:60:d3:11:76:76:c2:03:7c:64:28:c8:d3:bc:80:8f:d3:26:
31:30:8f:f3:aa:b6:23:75:dc:2b:e2:ac:63:36:a9:ec:86:a1:
63:f2:d1:1b:94:8b:48:2f:c3:3a:96:8f:c4:7e:96:5c:49:ec:
b0:43:b4:bc:73:58:25:4f:ed:61:24:d0:f1:4f:fb:c3:2d:3c:
6c:ec:d7:73:cf:5f:cf:4a:9f:e2:00:64:22:cd:55:7f:00:22:
43:63:07:b0:e0:90:fd:ad:01:a2:71:c2:8c:17:f3:4f:43:39:
d7:f9:47:21:50:26:d4:fe:b6:bd:a0:11:66:9e:7f:02:1e:f3:
3b:87:05:1e:ad:3d:3c:6a:92:a5:4a:c3:f2:c8:f0:72:57:d3:
7a:0f:81:79:34:f4:74:f2:06:63:ac:f7:3f:b9:e6:e9:ba:11:
66:5b:3e:93:cd:ac:8a:7d:a7:e9:94:b3:fd:b6:5c:26:23:95:
1d:e7:60:ec:ef:ad:46:f8:f2:a3:a5:96:77:00:7a:2c:c4:7a:
40:22:82:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZV/crzrxuCxypI5+aM1b+RKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMzEwMDk0NjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQ3OTU3MzU2M2JiNjRlNTYyNzNjNzA5ZmFmYjhhNDk3NTE5NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA389NlPlE84fEURiGiBIhb9aYPdyj
tLJGuRu/H6KMEUMgsiFVJRe2IqBLGYWeR4Oje3D2im9EK+R6cJ+7Q2KpoDyzNlZN
yjC1xpYIklAXRwPJzIRg87sGvNAhW/h8FmvW1L3O8TFBlglEzaWFjar5xbA90tXW
Tyd6sRzQPZdz81GlKlq3+8E8IWmQhHs5v4dfzwf64GveUVQt+epCwKqJMAsAX/ix
fAs2MGk75iAoZGY5jiKbbNQA6aVthcmLuLgn32MZ6afUKwDtZYmNV+kR0oR3POaE
186t4wqYPf8szbARQe41sJ6c8Fqq2hNobJi8G0DyikgfmI301mfVN64i3QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJXXlXNWO7ZOVic8cJ+vuKSXUZapMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvbGRlVmMxWTd0azVXSnp4d242LTRwSmRSbHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5ZAjAN
BgkqhkiG9w0BAQsFAAOCAQEAp/htoOuBzW3zmjIC+DmKlbll/gxAG1lLCpZHcWK6
hIxvJI1joNdFehc0hEB3eEL+6b3rWtWs9mDTEXZ2wgN8ZCjI07yAj9MmMTCP86q2
I3XcK+KsYzap7IahY/LRG5SLSC/DOpaPxH6WXEnssEO0vHNYJU/tYSTQ8U/7wy08
bOzXc89fz0qf4gBkIs1VfwAiQ2MHsOCQ/a0BonHCjBfzT0M51/lHIVAm1P62vaAR
Zp5/Ah7zO4cFHq09PGqSpUrD8sjwclfTeg+BeTT0dPIGY6z3P7nm6boRZls+k82s
in2n6ZSz/bZcJiOVHedg7O+tRvjyo6WWdwB6LMR6QCKCCg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:43:43 2025 by rpki-client