Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4YbnfzU14jCIVbGvElkUEHVf8dk.roa
File: 4YbnfzU14jCIVbGvElkUEHVf8dk.roa (raw, json)
Hash identifier: rePAvNiKU4Vk5g4dQNhKTXqurLPcrGwSbDsloRRUtqw=
Subject key identifier: E1:86:E7:7F:35:35:E2:30:88:55:B1:AF:12:59:14:10:75:5F:F1:D9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195FA68D8BD17975E07C12F70544801BE75
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4YbnfzU14jCIVbGvElkUEHVf8dk.roa
Signing time: Thu 03 Apr 2025 06:48:49 +0000
ROA not before: Thu 03 Apr 2025 06:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a09:b700::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a13:1940::/29 maxlen: 29
2a13:8f00::/29 maxlen: 29
2a13:c500::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 04 Apr 2025 13:04:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:68:d8:bd:17:97:5e:07:c1:2f:70:54:48:01:be:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 3 06:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e186e77f3535e2308855b1af12591410755ff1d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f8:d4:f2:45:fb:96:37:2c:e6:30:d1:0a:05:
cb:60:56:d9:42:06:de:ac:b5:56:c2:cd:5f:36:73:
f4:d0:1a:89:e9:3f:fe:60:6f:30:83:93:b3:9e:b9:
de:1f:3a:12:7f:48:b8:38:cc:5f:2a:c6:8c:9d:14:
4e:99:2d:8d:d2:70:e3:a2:6c:21:f4:a4:3f:b2:8e:
60:64:c2:ac:ae:0f:a4:d8:c3:1b:64:7f:e3:ee:56:
50:8b:4d:f5:b3:b7:96:18:02:a1:ed:2d:02:f8:d4:
e3:ad:9f:3b:fa:cd:00:a4:3d:e0:da:a9:f9:39:9a:
37:e3:8c:f4:06:87:6b:cf:be:a7:f4:ba:f4:5b:f5:
e8:38:66:4d:e9:09:7f:ec:ee:eb:28:47:6e:85:b5:
c8:af:57:81:aa:fa:54:52:d3:a3:96:78:e3:65:83:
ca:4e:d9:48:ec:e9:6c:54:f9:80:fa:85:16:09:8f:
ab:fa:bf:81:af:8f:93:c6:a3:04:95:89:a0:b7:75:
48:2e:3b:9c:90:ab:7b:f9:fb:4d:48:e1:02:a6:b7:
bf:f1:79:eb:95:1b:76:b5:73:2c:a1:55:c0:f8:6f:
a3:7c:09:92:d7:7c:71:1c:d3:71:93:12:88:0f:b9:
37:8b:71:1b:8d:c4:54:31:ba:da:b6:92:db:c1:29:
4b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:86:E7:7F:35:35:E2:30:88:55:B1:AF:12:59:14:10:75:5F:F1:D9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4YbnfzU14jCIVbGvElkUEHVf8dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b700::/29
2a0f:dec0::/29
2a0f:e540::/29
2a10:7100::/29
2a11:4e80::/29
2a13:1940::/29
2a13:8f00::/29
2a13:c500::/29
Signature Algorithm: sha256WithRSAEncryption
c5:44:7b:30:7e:84:54:de:26:71:9f:bb:c0:13:b3:0f:ac:d9:
96:25:7a:35:fd:56:ba:f4:59:f9:79:ff:25:c0:dc:36:f3:ab:
51:b5:9e:70:6a:53:07:e7:dd:2f:6d:69:4f:ef:a4:0d:ac:88:
bf:8c:cc:78:d5:d1:92:db:0a:61:8c:ec:2b:8d:61:60:a0:9b:
de:59:ee:6a:19:73:b5:0c:9c:1b:46:24:f9:55:79:79:70:91:
72:fa:b6:f4:5b:9a:a3:9f:0d:15:0f:21:bb:8f:32:ba:bd:3b:
b1:cf:79:41:a6:dd:99:74:2d:a9:59:c8:35:8a:19:cd:36:4c:
56:3f:da:7d:75:ea:58:4b:e6:af:0f:04:4d:91:53:ad:72:2e:
45:44:4f:80:dc:61:26:be:78:48:46:79:f2:b8:23:d6:74:8e:
6b:45:ba:b1:a0:10:47:65:bf:5c:b9:f2:4c:8b:c2:be:47:45:
0d:79:2b:91:14:7c:ff:39:bc:47:f2:45:f4:cf:db:fd:4e:b2:
c0:89:08:58:da:9c:35:de:e8:15:29:6c:24:b9:22:6a:6a:b9:
b7:05:30:ca:47:8a:25:65:30:a7:46:f4:f1:37:62:77:20:c3:
72:54:84:2a:7c:3f:47:2f:14:35:cd:60:73:a5:67:0c:9d:08:
85:dd:a9:22
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZX6aNi9F5deB8EvcFRIAb51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDAzMDY0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg2ZTc3ZjM1MzVlMjMwODg1NWIxYWYxMjU5MTQxMDc1NWZmMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvjU8kX7ljcs5jDRCgXLYFbZQgbe
rLVWws1fNnP00BqJ6T/+YG8wg5OznrneHzoSf0i4OMxfKsaMnRROmS2N0nDjomwh
9KQ/so5gZMKsrg+k2MMbZH/j7lZQi031s7eWGAKh7S0C+NTjrZ87+s0ApD3g2qn5
OZo344z0Bodrz76n9Lr0W/XoOGZN6Ql/7O7rKEduhbXIr1eBqvpUUtOjlnjjZYPK
TtlI7OlsVPmA+oUWCY+r+r+Br4+TxqMElYmgt3VILjuckKt7+ftNSOECpre/8Xnr
lRt2tXMsoVXA+G+jfAmS13xxHNNxkxKID7k3i3EbjcRUMbratpLbwSlLEQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOGG5381NeIwiFWxrxJZFBB1X/HZMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNFlibmZ6VTE0akNJVmJHdkVsa1VFSFZmOGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgm3AAMF
AyoP3sADBQMqD+VAAwUDKhBxAAMFAyoRToADBQMqExlAAwUDKhOPAAMFAyoTxQAw
DQYJKoZIhvcNAQELBQADggEBAMVEezB+hFTeJnGfu8ATsw+s2ZYlejX9Vrr0Wfl5
/yXA3Dbzq1G1nnBqUwfn3S9taU/vpA2siL+MzHjV0ZLbCmGM7CuNYWCgm95Z7moZ
c7UMnBtGJPlVeXlwkXL6tvRbmqOfDRUPIbuPMrq9O7HPeUGm3Zl0LalZyDWKGc02
TFY/2n116lhL5q8PBE2RU61yLkVET4DcYSa+eEhGefK4I9Z0jmtFurGgEEdlv1y5
8kyLwr5HRQ15K5EUfP85vEfyRfTP2/1OssCJCFjanDXe6BUpbCS5ImpqubcFMMpH
iiVlMKdG9PE3Yncgw3JUhCp8P0cvFDXNYHOlZwydCIXdqSI=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:45:44 2025 by rpki-client