Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-qx95JjeV08HXqdTP0RARAvudZE.roa
File: 1-qx95JjeV08HXqdTP0RARAvudZE.roa (raw, json)
Hash identifier: xrROzXrCTzf6HKFoQfucfi5AmUETRwSQw1RviDKL/P0=
Subject key identifier: FA:AC:7D:E4:98:DE:57:4F:07:5E:A7:53:3F:44:40:44:0B:EE:75:91
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019600F18478C055DFC74BBC185D46DAC8E6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-qx95JjeV08HXqdTP0RARAvudZE.roa
Signing time: Fri 04 Apr 2025 13:15:50 +0000
ROA not before: Fri 04 Apr 2025 13:15:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a09:b700::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a13:1940::/29 maxlen: 29
2a13:2ec0::/29 maxlen: 29
2a13:3040::/29 maxlen: 29
2a13:8f00::/29 maxlen: 29
2a13:a100::/29 maxlen: 29
2a13:c500::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 13 Apr 2025 08:19:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:f1:84:78:c0:55:df:c7:4b:bc:18:5d:46:da:c8:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 4 13:15:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=faac7de498de574f075ea7533f4440440bee7591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:86:1c:d0:e8:ba:8d:3b:87:e7:ee:e9:f4:6e:
af:64:0e:50:a3:28:f3:c2:c7:36:66:f5:2b:c6:73:
f3:6f:fc:8a:80:be:1e:c2:4a:6e:aa:12:6e:06:99:
ed:50:4f:48:61:07:51:a4:5a:77:e3:bb:6c:ec:88:
94:fd:ca:49:86:d5:5b:7b:2b:fe:ab:2a:13:01:50:
7f:b3:17:c2:d2:a0:b4:79:91:1f:be:40:07:6b:d5:
c3:84:ad:8f:d4:f2:c6:2c:93:26:a8:9b:36:1a:36:
d9:16:27:80:c5:27:ac:01:49:fe:56:38:92:71:26:
4e:98:c1:a1:00:1d:9c:8e:21:fd:3c:e7:66:9b:60:
53:d2:d6:80:26:8e:9a:82:7b:c7:2e:0f:e5:c6:c3:
33:59:9b:d1:e9:b5:f5:0c:0e:80:79:82:f4:8e:5f:
58:63:d1:c0:70:81:8e:8c:28:27:0d:9c:7a:4d:f3:
34:ea:bb:3f:41:1b:53:f5:63:ba:fd:7f:60:50:b8:
af:a8:cd:dd:3b:58:bd:ba:31:dd:85:d2:78:34:23:
87:08:b8:19:31:60:37:91:e7:1f:61:f9:42:e7:55:
04:cd:5d:34:5f:9c:89:07:12:29:f3:a1:d1:ed:65:
10:16:43:d6:47:d1:44:c0:10:fe:eb:7d:8c:47:b5:
30:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AC:7D:E4:98:DE:57:4F:07:5E:A7:53:3F:44:40:44:0B:EE:75:91
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-qx95JjeV08HXqdTP0RARAvudZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b700::/29
2a0f:1540::/29
2a0f:dec0::/29
2a0f:e540::/29
2a11:4e80::/29
2a13:1940::/29
2a13:2ec0::/29
2a13:3040::/29
2a13:8f00::/29
2a13:a100::/29
2a13:c500::/29
Signature Algorithm: sha256WithRSAEncryption
95:65:4c:ed:2d:42:cb:f1:52:bb:5f:b7:23:29:a0:2b:ad:66:
10:16:82:5f:05:9f:3a:76:28:ad:c7:ef:14:35:0e:2c:d2:df:
21:92:bc:be:80:d0:cf:c5:32:72:c6:e2:41:46:54:4a:9c:7b:
1e:aa:3d:dd:55:17:73:2a:b1:32:fe:37:d4:93:10:71:b2:c6:
32:28:81:d1:5b:dd:ac:43:8e:de:4d:f9:4c:93:df:3a:fe:5c:
f1:fc:16:df:6c:0a:ca:6f:e1:ab:3d:73:6c:85:31:c2:ee:a9:
86:8e:bb:b3:7e:b7:c7:55:51:6a:eb:ad:17:f0:ac:1f:dc:1c:
4f:c6:da:dd:7b:ad:cf:21:6a:a6:ea:be:f7:84:bc:23:24:e8:
f8:0b:96:2d:8f:c4:5a:83:d6:95:47:84:7e:a5:53:63:39:ec:
6d:5c:d4:6c:2f:14:74:43:d2:1b:ff:61:2f:75:9d:4b:cc:87:
34:8e:a5:5a:f0:65:ec:06:7a:7a:c1:46:4c:9e:a7:6e:31:f0:
13:53:7e:18:02:af:90:e7:b3:94:26:ed:59:1d:79:91:20:93:
00:11:f3:0e:cf:03:29:fe:cb:2a:e0:b7:13:07:db:49:3d:0d:
6a:16:fe:08:15:55:f7:46:88:b6:41:ec:10:16:e1:7b:03:66:
7a:2d:fe:7f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZYA8YR4wFXfx0u8GF1G2sjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDA0MTMxNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWFjN2RlNDk4ZGU1NzRmMDc1ZWE3NTMzZjQ0NDA0NDBiZWU3NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoYc0Oi6jTuH5+7p9G6vZA5Qoyjz
wsc2ZvUrxnPzb/yKgL4ewkpuqhJuBpntUE9IYQdRpFp347ts7IiU/cpJhtVbeyv+
qyoTAVB/sxfC0qC0eZEfvkAHa9XDhK2P1PLGLJMmqJs2GjbZFieAxSesAUn+VjiS
cSZOmMGhAB2cjiH9POdmm2BT0taAJo6agnvHLg/lxsMzWZvR6bX1DA6AeYL0jl9Y
Y9HAcIGOjCgnDZx6TfM06rs/QRtT9WO6/X9gULivqM3dO1i9ujHdhdJ4NCOHCLgZ
MWA3kecfYflC51UEzV00X5yJBxIp86HR7WUQFkPWR9FEwBD+632MR7UwKwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPqsfeSY3ldPB16nUz9EQEQL7nWRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMS1xeDk1SmplVjA4SFhxZFRQMFJBUkF2dWRaRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRi
Ni8xL2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBmBggrBgEFBQcBBwEB/wRXMFUwUwQCAAIwTQMFAyoJtwAD
BQMqDxVAAwUDKg/ewAMFAyoP5UADBQMqEU6AAwUDKhMZQAMFAyoTLsADBQMqEzBA
AwUDKhOPAAMFAyoToQADBQMqE8UAMA0GCSqGSIb3DQEBCwUAA4IBAQCVZUztLULL
8VK7X7cjKaArrWYQFoJfBZ86diitx+8UNQ4s0t8hkry+gNDPxTJyxuJBRlRKnHse
qj3dVRdzKrEy/jfUkxBxssYyKIHRW92sQ47eTflMk986/lzx/BbfbArKb+GrPXNs
hTHC7qmGjruzfrfHVVFq660X8Kwf3BxPxtrde63PIWqm6r73hLwjJOj4C5Ytj8Ra
g9aVR4R+pVNjOextXNRsLxR0Q9Ib/2EvdZ1LzIc0jqVa8GXsBnp6wUZMnqduMfAT
U34YAq+Q57OUJu1ZHXmRIJMAEfMOzwMp/ssq4LcTB9tJPQ1qFv4IFVX3Roi2QewQ
FuF7A2Z6Lf5/
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:25:54 2025 by rpki-client