Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/C9IKf1pJJzOEBE2pTU0TVyy48I0.roa
File: C9IKf1pJJzOEBE2pTU0TVyy48I0.roa (raw, json)
Hash identifier: pSPA5eD6jv6EEsOdVDgijiXxv2rhXij3uFDNJT1tOcI=
Subject key identifier: 0B:D2:0A:7F:5A:49:27:33:84:04:4D:A9:4D:4D:13:57:2C:B8:F0:8D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01956C771B6AA62409047E189692E1CBE37E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/C9IKf1pJJzOEBE2pTU0TVyy48I0.roa
Signing time: Thu 06 Mar 2025 17:18:19 +0000
ROA not before: Thu 06 Mar 2025 17:18:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:1fc0::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:c400::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Mar 2025 08:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:77:1b:6a:a6:24:09:04:7e:18:96:92:e1:cb:e3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 6 17:18:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bd20a7f5a49273384044da94d4d13572cb8f08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a4:df:49:95:56:8a:48:b6:62:44:99:93:93:
a0:f1:a2:23:bc:cc:d5:d1:25:81:07:2c:5a:1d:91:
2f:f1:7f:41:dd:b0:24:fe:52:90:3a:3e:cd:83:3d:
11:76:81:2f:74:2d:d4:3c:84:5c:ff:fa:49:14:fb:
3c:a6:2b:48:ef:c3:d0:f1:ec:23:6e:e7:a3:49:b9:
1b:35:9b:2a:1e:c3:bc:3f:30:30:23:16:4e:0d:90:
39:a6:d2:e5:ec:f8:0d:cc:34:82:95:86:b0:d0:2f:
ef:0f:98:4b:e0:86:97:91:f7:4b:da:30:10:cd:66:
41:7b:f9:1d:b2:ed:87:8c:f0:19:32:b9:fd:47:7a:
d3:19:a8:28:32:db:e4:17:7a:70:f4:17:d8:14:b2:
e0:11:4d:70:d2:e2:f7:52:6f:20:bd:e6:43:f6:ee:
42:9e:46:a7:b6:f2:91:7e:7a:d2:40:40:91:b1:6b:
5e:df:fa:a5:b5:cd:8f:c3:95:aa:9a:cf:f6:73:12:
82:26:ea:7c:1c:05:7c:ef:8a:0b:a2:4f:e9:99:65:
72:67:a9:7d:60:cc:a8:5a:04:39:27:02:94:e4:fb:
e3:0f:2c:7f:73:ca:e1:c3:ac:86:9c:6f:a3:e5:1e:
4e:70:3a:d2:d0:42:fb:da:3a:94:90:5f:44:2a:37:
63:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D2:0A:7F:5A:49:27:33:84:04:4D:A9:4D:4D:13:57:2C:B8:F0:8D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/C9IKf1pJJzOEBE2pTU0TVyy48I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1fc0::/29
2a0f:2f80::/29
2a0f:c400::/29
2a0f:e600::/29
2a10:7100::/29
2a11:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
88:70:ba:aa:b7:55:50:cd:5c:ff:d9:7f:2e:ca:d2:18:2c:93:
8a:1c:3b:24:dc:06:f8:cb:87:fc:dd:eb:b1:f3:44:f6:51:ff:
77:94:ee:1b:56:36:95:2d:4f:22:89:fd:83:28:1a:22:b5:60:
b3:06:eb:3d:aa:37:51:79:43:64:74:03:a6:54:a2:9c:f9:71:
65:69:2e:a9:f6:e9:7c:2c:13:64:6f:b8:7f:f5:fb:4e:e7:9e:
f6:81:1f:7c:b1:29:5e:f8:ab:8e:58:fe:db:72:8d:28:ba:f7:
98:c4:f7:39:d2:49:b4:1d:37:77:30:8c:99:77:98:cf:22:cb:
d6:87:b4:59:f0:8c:19:80:d5:27:e9:f1:c3:e6:ef:d9:cf:9f:
6b:49:b6:cb:23:43:f1:33:b3:d1:71:1d:d1:2d:14:87:02:60:
76:4b:4e:02:91:0c:be:9c:5a:87:05:6e:a6:ba:f3:2e:72:61:
5d:d7:8c:c4:33:e9:ec:2d:d8:a1:70:64:78:94:19:3a:c6:5a:
75:ad:28:09:14:e4:9a:67:93:00:49:65:25:8c:e8:74:7e:36:
70:34:9c:ca:b0:bf:b6:f5:1b:d8:65:4f:66:00:0d:d8:73:ec:
33:fd:8e:ea:46:c2:a1:53:11:f2:b5:8d:17:d4:e2:11:da:9d:
74:5a:83:5f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZVsdxtqpiQJBH4YlpLhy+N+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzA2MTcxODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQyMGE3ZjVhNDkyNzMzODQwNDRkYTk0ZDRkMTM1NzJjYjhmMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKTfSZVWiki2YkSZk5Og8aIjvMzV
0SWBByxaHZEv8X9B3bAk/lKQOj7Ngz0RdoEvdC3UPIRc//pJFPs8pitI78PQ8ewj
buejSbkbNZsqHsO8PzAwIxZODZA5ptLl7PgNzDSClYaw0C/vD5hL4IaXkfdL2jAQ
zWZBe/kdsu2HjPAZMrn9R3rTGagoMtvkF3pw9BfYFLLgEU1w0uL3Um8gveZD9u5C
nkantvKRfnrSQECRsWte3/qltc2Pw5Wqms/2cxKCJup8HAV874oLok/pmWVyZ6l9
YMyoWgQ5JwKU5PvjDyx/c8rhw6yGnG+j5R5OcDrS0EL72jqUkF9EKjdj7wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAvSCn9aSSczhARNqU1NE1csuPCNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQzlJS2YxcEpKek9FQkUycFRVMFRWeXk0OEkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg8fwAMF
AyoPL4ADBQMqD8QAAwUDKg/mAAMFAyoQcQADBQMqET+AMA0GCSqGSIb3DQEBCwUA
A4IBAQCIcLqqt1VQzVz/2X8uytIYLJOKHDsk3Ab4y4f83eux80T2Uf93lO4bVjaV
LU8iif2DKBoitWCzBus9qjdReUNkdAOmVKKc+XFlaS6p9ul8LBNkb7h/9ftO5572
gR98sSle+KuOWP7bco0ouveYxPc50km0HTd3MIyZd5jPIsvWh7RZ8IwZgNUn6fHD
5u/Zz59rSbbLI0PxM7PRcR3RLRSHAmB2S04CkQy+nFqHBW6muvMucmFd14zEM+ns
LdihcGR4lBk6xlp1rSgJFOSaZ5MASWUljOh0fjZwNJzKsL+29RvYZU9mAA3Yc+wz
/Y7qRsKhUxHytY0X1OIR2p10WoNf
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:10:43 2025 by rpki-client