Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A5XI1Lx_OHmmRJpv7LSSuXWhPx4.roa
File: A5XI1Lx_OHmmRJpv7LSSuXWhPx4.roa (raw, json)
Hash identifier: MKkVvRKRAc4VKQVaXxhwLti1zZIk3HSrX7naYEcpfY0=
Subject key identifier: 03:95:C8:D4:BC:7F:38:79:A6:44:9A:6F:EC:B4:92:B9:75:A1:3F:1E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01954678490CA8AC462F5DDCA2ED31F66077
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A5XI1Lx_OHmmRJpv7LSSuXWhPx4.roa
Signing time: Thu 27 Feb 2025 08:14:02 +0000
ROA not before: Thu 27 Feb 2025 08:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214734
IP address blocks: 2a0f:1440::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 03 Mar 2025 17:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:46:78:49:0c:a8:ac:46:2f:5d:dc:a2:ed:31:f6:60:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 27 08:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0395c8d4bc7f3879a6449a6fecb492b975a13f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b3:35:cd:10:9f:d5:ee:59:d3:41:bf:43:ce:
73:6b:87:dd:81:41:4d:b1:b5:71:19:d2:a0:3f:0e:
a7:ef:5f:2e:c9:0e:20:6f:2a:5e:aa:2a:d1:3f:e0:
4e:e4:52:e0:28:ba:78:bf:6c:a7:61:2d:8f:dd:f2:
7e:11:d9:52:ac:2a:bc:a5:00:db:77:42:7d:2a:e3:
c2:d9:a1:5a:27:78:e6:a7:00:9a:37:b9:34:2b:f4:
d9:83:75:68:57:8e:68:9e:13:89:98:db:c5:e9:47:
50:9a:db:88:ed:09:9d:98:ba:d7:b1:00:0d:ce:af:
fd:2b:68:1e:23:bf:62:68:30:cf:10:58:fa:ae:10:
5b:c6:19:40:0c:6e:ff:d9:bb:37:e1:82:e3:e6:5f:
0f:61:ef:f6:22:a0:7e:36:aa:5c:f7:c3:00:90:d1:
77:f8:b3:f3:25:b7:65:02:0b:98:b5:0a:a3:58:a6:
7e:66:84:29:05:ac:83:b3:78:a4:90:63:4c:b7:8d:
1b:e8:4d:dc:f5:f8:60:4a:f3:4d:cb:de:cf:e9:d0:
c7:52:68:2c:c2:ac:19:85:dc:23:0b:77:c6:77:c2:
be:3b:5c:bc:b2:ab:e8:19:65:3e:77:4c:e0:81:c4:
43:db:b8:67:29:fa:3d:6e:44:8b:42:43:c1:84:5b:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:95:C8:D4:BC:7F:38:79:A6:44:9A:6F:EC:B4:92:B9:75:A1:3F:1E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/A5XI1Lx_OHmmRJpv7LSSuXWhPx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1440::/29
Signature Algorithm: sha256WithRSAEncryption
1f:c7:f0:f5:68:cb:74:81:36:b6:ee:4c:31:2c:92:77:b1:99:
87:db:19:2f:09:c3:21:b3:75:eb:f2:51:47:67:08:5a:bc:05:
f7:e4:86:84:23:2e:f8:1c:72:8c:b1:7b:15:2d:0d:9b:67:8e:
57:59:b5:a7:14:4c:80:3b:6f:55:8c:a3:47:88:a6:29:a3:b7:
b8:b0:3e:f0:17:2b:fc:e9:b0:d2:f6:e9:d8:8a:8e:24:c7:37:
b2:03:f4:af:ab:5f:54:9c:1c:9a:de:e3:a1:91:27:27:70:e1:
49:d8:06:9b:19:ef:09:62:5a:46:52:a3:3b:e6:be:04:1a:eb:
dc:31:50:71:f4:b8:a2:77:0a:78:f9:41:a6:d2:b9:24:8f:88:
fb:9f:a1:9f:d0:a3:8c:c4:a4:1e:cd:5e:e6:e9:c2:63:df:25:
0b:11:38:5f:f3:9e:52:ee:72:3a:81:50:35:d2:d4:43:25:35:
28:d3:b0:e3:92:29:fd:55:20:5c:9e:7c:09:b5:81:fb:67:af:
17:8e:11:35:33:d7:5c:0d:2b:06:9b:52:35:42:3c:ba:1f:8a:
bc:ea:d5:5c:4b:7b:de:89:77:29:ad:d7:f2:ab:d7:64:02:f7:
8e:5b:e0:ba:96:ae:ba:84:93:42:ec:ab:e5:97:f4:d9:58:a6:
ff:95:89:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVGeEkMqKxGL13cou0x9mB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjI3MDgxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk1YzhkNGJjN2YzODc5YTY0NDlhNmZlY2I0OTJiOTc1YTEzZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rM1zRCf1e5Z00G/Q85za4fdgUFN
sbVxGdKgPw6n718uyQ4gbypeqirRP+BO5FLgKLp4v2ynYS2P3fJ+EdlSrCq8pQDb
d0J9KuPC2aFaJ3jmpwCaN7k0K/TZg3VoV45onhOJmNvF6UdQmtuI7QmdmLrXsQAN
zq/9K2geI79iaDDPEFj6rhBbxhlADG7/2bs34YLj5l8PYe/2IqB+Nqpc98MAkNF3
+LPzJbdlAguYtQqjWKZ+ZoQpBayDs3ikkGNMt40b6E3c9fhgSvNNy97P6dDHUmgs
wqwZhdwjC3fGd8K+O1y8sqvoGWU+d0zggcRD27hnKfo9bkSLQkPBhFvQNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAOVyNS8fzh5pkSab+y0krl1oT8eMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQTVYSTFMeF9PSG1tUkpwdjdMU1N1WFdoUHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8UQDAN
BgkqhkiG9w0BAQsFAAOCAQEAH8fw9WjLdIE2tu5MMSySd7GZh9sZLwnDIbN16/JR
R2cIWrwF9+SGhCMu+BxyjLF7FS0Nm2eOV1m1pxRMgDtvVYyjR4imKaO3uLA+8Bcr
/Omw0vbp2IqOJMc3sgP0r6tfVJwcmt7joZEnJ3DhSdgGmxnvCWJaRlKjO+a+BBrr
3DFQcfS4oncKePlBptK5JI+I+5+hn9CjjMSkHs1e5unCY98lCxE4X/OeUu5yOoFQ
NdLUQyU1KNOw45Ip/VUgXJ58CbWB+2evF44RNTPXXA0rBptSNUI8uh+KvOrVXEt7
3ol3Ka3X8qvXZAL3jlvgupauuoSTQuyr5Zf02Vim/5WJWw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:45 2025 by rpki-client