Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5a8kU95DUGpzGDwRk8G50AEPSoQ.roa
File: 5a8kU95DUGpzGDwRk8G50AEPSoQ.roa (raw, json)
Hash identifier: nQ7mwQpBaCi4w/epN/L2tXr5IISbetFPTW+0kLShivs=
Subject key identifier: E5:AF:24:53:DE:43:50:6A:73:18:3C:11:93:C1:B9:D0:01:0F:4A:84
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01951F1B12AF504A9D3D87127CFF479D828F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5a8kU95DUGpzGDwRk8G50AEPSoQ.roa
Signing time: Wed 19 Feb 2025 16:47:02 +0000
ROA not before: Wed 19 Feb 2025 16:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:e00::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:c400::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Feb 2025 09:06:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:1b:12:af:50:4a:9d:3d:87:12:7c:ff:47:9d:82:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 19 16:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5af2453de43506a73183c1193c1b9d0010f4a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ad:24:32:3d:9a:8b:0d:43:9e:10:2a:79:3e:
9c:f0:ca:43:a1:bd:5e:09:94:73:d1:81:1b:b9:22:
2d:f6:cd:f8:26:46:73:8d:e7:5a:dd:20:31:c5:89:
7b:14:f0:31:1e:bb:42:f7:f9:16:65:76:3a:eb:66:
06:b6:cc:f2:f6:71:cc:56:9c:19:b7:ff:52:de:e8:
a9:c9:2e:12:22:59:19:9e:8d:99:5b:ba:d8:5a:55:
d5:8a:8f:26:ae:45:66:1e:1f:45:b3:37:48:65:54:
a8:cf:b1:55:3f:51:ea:ec:9d:c3:0c:49:ae:4f:38:
1d:de:dd:58:78:8f:9c:7e:ea:93:57:99:a0:b5:fd:
9a:92:fd:0b:0a:a0:fe:9c:d2:8c:63:45:75:48:27:
09:66:76:66:80:e4:b8:92:1a:b9:9f:54:2b:d9:9a:
39:9d:fb:56:5a:4b:20:66:cb:03:83:99:f9:c3:7d:
56:54:78:19:26:1a:2f:44:11:5c:07:80:33:de:f8:
8b:83:a3:5b:45:a0:9f:6c:53:90:37:35:b7:bd:4d:
47:fe:69:2e:98:da:1c:3e:a6:84:0f:35:b0:68:b8:
df:ff:6f:75:80:6a:5b:19:b1:81:85:f0:c5:21:c0:
0a:9a:c7:24:e4:aa:5c:47:c0:87:c1:fd:14:91:e4:
de:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AF:24:53:DE:43:50:6A:73:18:3C:11:93:C1:B9:D0:01:0F:4A:84
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5a8kU95DUGpzGDwRk8G50AEPSoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e00::/29
2a0f:1fc0::/29
2a0f:29c0::/29
2a0f:2f80::/29
2a0f:c400::/29
2a0f:e600::/29
2a11:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
c6:17:c9:1b:30:e6:65:82:6c:2e:7b:eb:00:a7:2f:5f:7c:a9:
8b:4a:29:33:0d:e7:56:71:c4:0a:7d:34:3f:de:0b:0d:a0:ff:
f1:b5:9a:c0:21:cb:5e:84:bd:8f:19:65:21:f0:0c:23:c5:94:
f8:e4:ef:57:bc:d3:1d:5a:d8:10:11:c5:c0:0e:5b:d1:73:24:
7d:28:99:a7:38:73:a6:24:bd:80:1e:f1:b5:cb:05:12:ed:cf:
5e:bf:97:83:9d:c9:4c:eb:7e:05:c7:c1:61:fb:e4:19:63:1a:
a5:79:06:b9:f9:2b:7a:dc:d7:ba:12:af:33:16:af:03:d2:e2:
c7:8e:02:8f:31:36:16:90:da:a9:6f:4b:2f:bc:0d:42:0d:66:
9a:59:df:17:7c:05:1b:3d:13:5b:41:ec:a8:93:48:1b:00:fe:
ce:c3:3f:3b:47:ab:3f:1d:77:a3:09:52:24:6f:ca:e4:a9:ec:
2e:07:4d:55:27:29:ec:a8:f8:0e:11:03:19:06:12:95:b0:9f:
94:d4:03:3f:5b:a0:f9:79:e4:37:e6:38:0c:64:d0:c7:a2:6c:
87:01:da:fb:2e:ff:e1:fd:95:6e:76:18:f9:47:ea:cc:11:26:
91:8c:c6:27:78:be:9a:2c:36:ad:db:0b:43:f2:2d:f7:82:52:
cc:71:4e:98
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZUfGxKvUEqdPYcSfP9HnYKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjE5MTY0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFmMjQ1M2RlNDM1MDZhNzMxODNjMTE5M2MxYjlkMDAxMGY0YTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK0kMj2aiw1DnhAqeT6c8MpDob1e
CZRz0YEbuSIt9s34JkZzjeda3SAxxYl7FPAxHrtC9/kWZXY662YGtszy9nHMVpwZ
t/9S3uipyS4SIlkZno2ZW7rYWlXVio8mrkVmHh9FszdIZVSoz7FVP1Hq7J3DDEmu
Tzgd3t1YeI+cfuqTV5mgtf2akv0LCqD+nNKMY0V1SCcJZnZmgOS4khq5n1Qr2Zo5
nftWWksgZssDg5n5w31WVHgZJhovRBFcB4Az3viLg6NbRaCfbFOQNzW3vU1H/mku
mNocPqaEDzWwaLjf/291gGpbGbGBhfDFIcAKmsck5KpcR8CHwf0UkeTeCwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFOWvJFPeQ1Bqcxg8EZPBudABD0qEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNWE4a1U5NURVR3B6R0R3Ums4RzUwQUVQU29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg8OAAMF
AyoPH8ADBQMqDynAAwUDKg8vgAMFAyoPxAADBQMqD+YAAwUDKhE/gDANBgkqhkiG
9w0BAQsFAAOCAQEAxhfJGzDmZYJsLnvrAKcvX3ypi0opMw3nVnHECn00P94LDaD/
8bWawCHLXoS9jxllIfAMI8WU+OTvV7zTHVrYEBHFwA5b0XMkfSiZpzhzpiS9gB7x
tcsFEu3PXr+Xg53JTOt+BcfBYfvkGWMapXkGufkretzXuhKvMxavA9Lix44CjzE2
FpDaqW9LL7wNQg1mmlnfF3wFGz0TW0HsqJNIGwD+zsM/O0erPx13owlSJG/K5Kns
LgdNVScp7Kj4DhEDGQYSlbCflNQDP1ug+XnkN+Y4DGTQx6JshwHa+y7/4f2VbnYY
+UfqzBEmkYzGJ3i+miw2rdsLQ/It94JSzHFOmA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:59:17 2025 by rpki-client