Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/U7WFXLEFUEcfeI41Wrd3d-x8ny0.roa
File: U7WFXLEFUEcfeI41Wrd3d-x8ny0.roa (raw, json)
Hash identifier: JuO7R3DOPI7kq5kwyHVX01745KhzPXTbFppJSdVwyN4=
Subject key identifier: 53:B5:85:5C:B1:05:50:47:1F:78:8E:35:5A:B7:77:77:EC:7C:9F:2D
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0195AEADA36C6F6533BCDD358C5812355A77
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/U7WFXLEFUEcfeI41Wrd3d-x8ny0.roa
Signing time: Wed 19 Mar 2025 13:52:49 +0000
ROA not before: Wed 19 Mar 2025 13:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2001:3080::/29 maxlen: 29
2001:3380::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a0e:a780::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 25 Mar 2025 20:58:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:ad:a3:6c:6f:65:33:bc:dd:35:8c:58:12:35:5a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Mar 19 13:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53b5855cb10550471f788e355ab77777ec7c9f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fd:34:53:71:bc:f3:6d:cd:25:f6:22:cb:b2:
e5:0b:8e:e2:92:2e:fd:99:25:97:91:14:f0:03:df:
5f:13:a9:a8:5d:9f:56:c1:a2:3a:8b:eb:35:e2:40:
f3:72:e2:4b:8f:8d:c0:a1:ea:af:3b:32:19:e4:b6:
fa:3d:9d:a8:46:39:6f:8f:5e:3c:86:a8:f9:c9:f7:
c2:e8:8d:56:0f:60:63:96:f7:72:ec:69:72:6c:74:
81:f9:e1:e4:92:53:37:e5:ef:17:91:aa:03:2c:89:
01:4c:33:44:ff:44:95:e4:49:b0:65:fa:8c:b9:fe:
ac:95:0f:26:2c:43:5c:97:d8:f9:2b:83:65:98:35:
75:a4:f0:93:2b:3f:09:06:c2:b7:a8:ab:6a:02:7d:
f3:66:ce:e4:d3:de:3d:cc:91:e4:c0:a8:99:53:af:
d7:98:95:98:4c:0a:26:ce:9f:fe:a8:6d:f2:61:3b:
cb:db:d5:57:56:61:de:fd:c9:8e:f6:72:e2:5c:46:
3b:8c:c2:73:b4:cf:a2:7d:6f:a3:58:9a:5c:59:d2:
b3:f7:9d:cf:e4:9b:60:92:01:0c:c7:06:f4:a7:4f:
6e:5c:b0:e0:c8:86:9f:31:35:e4:94:5e:5f:b0:1f:
01:c8:22:e5:5a:8b:ce:15:bb:16:ed:0b:61:7e:67:
20:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B5:85:5C:B1:05:50:47:1F:78:8E:35:5A:B7:77:77:EC:7C:9F:2D
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/U7WFXLEFUEcfeI41Wrd3d-x8ny0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2001:3380::/29
2a0b:3e00::/29
2a0e:a780::/29
2a13:b840::/29
2a13:ddc0::/29
2a14:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:4d:f8:0a:f7:e5:c6:4e:2e:58:fe:3e:a2:35:b4:87:65:8a:
ba:62:2d:b5:f2:04:51:19:58:ad:37:6a:4f:21:96:c7:83:fd:
11:73:f3:1c:dc:40:c9:53:70:b1:35:1d:56:dd:37:11:e2:b1:
c3:da:dd:f1:07:c5:9b:89:29:c2:7d:c2:29:3a:5c:23:0b:34:
24:f8:c5:23:92:7f:d3:1b:72:c6:b5:b6:98:0e:dc:bc:57:cd:
f1:d6:20:51:64:5b:25:e5:a0:c8:4a:0d:19:77:08:73:07:a1:
07:39:04:65:c7:d9:bc:aa:e4:5c:ca:13:7c:87:5d:66:b8:c5:
45:2b:7d:7d:d2:eb:43:8b:b8:46:41:ca:a7:86:c4:73:86:c8:
75:5c:76:d7:17:ae:94:19:9e:fc:f4:26:11:a8:9d:0c:38:6c:
ea:ae:94:dc:18:d9:38:2b:6f:ea:85:96:87:c7:89:c0:01:43:
c5:81:a1:e2:b4:e9:8e:31:09:db:4f:64:1c:7e:7c:43:58:6c:
bb:f3:d3:33:87:de:1e:ba:fd:1f:cc:e6:8d:6c:6c:de:29:dc:
67:3c:10:86:46:a0:59:67:a9:c8:fa:e5:47:02:1f:eb:ee:c1:
57:55:52:d8:e5:cf:ae:cc:75:28:ea:db:87:f6:8b:0c:f8:44:
91:77:20:5b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZWuraNsb2UzvN01jFgSNVp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMzE5MTM1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I1ODU1Y2IxMDU1MDQ3MWY3ODhlMzU1YWI3Nzc3N2VjN2M5ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkP00U3G8823NJfYiy7LlC47iki79
mSWXkRTwA99fE6moXZ9WwaI6i+s14kDzcuJLj43AoeqvOzIZ5Lb6PZ2oRjlvj148
hqj5yffC6I1WD2Bjlvdy7GlybHSB+eHkklM35e8XkaoDLIkBTDNE/0SV5EmwZfqM
uf6slQ8mLENcl9j5K4NlmDV1pPCTKz8JBsK3qKtqAn3zZs7k0949zJHkwKiZU6/X
mJWYTAomzp/+qG3yYTvL29VXVmHe/cmO9nLiXEY7jMJztM+ifW+jWJpcWdKz953P
5JtgkgEMxwb0p09uXLDgyIafMTXklF5fsB8ByCLlWovOFbsW7QthfmcgAQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFFO1hVyxBVBHH3iONVq3d3fsfJ8tMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvVTdXRlhMRUZVRWNmZUk0MVdyZDNkLXg4bnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDIAEwgAMF
AyABM4ADBQMqCz4AAwUDKg6ngAMFAyoTuEADBQMqE93AAwUDKhQ1wDANBgkqhkiG
9w0BAQsFAAOCAQEAGk34Cvflxk4uWP4+ojW0h2WKumIttfIEURlYrTdqTyGWx4P9
EXPzHNxAyVNwsTUdVt03EeKxw9rd8QfFm4kpwn3CKTpcIws0JPjFI5J/0xtyxrW2
mA7cvFfN8dYgUWRbJeWgyEoNGXcIcwehBzkEZcfZvKrkXMoTfIddZrjFRSt9fdLr
Q4u4RkHKp4bEc4bIdVx21xeulBme/PQmEaidDDhs6q6U3BjZOCtv6oWWh8eJwAFD
xYGh4rTpjjEJ209kHH58Q1hsu/PTM4feHrr9H8zmjWxs3incZzwQhkagWWepyPrl
RwIf6+7BV1VS2OXPrsx1KOrbh/aLDPhEkXcgWw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:43:35 2025 by rpki-client