Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/EaR2OzIg152Cmq2iXDgFyPvn6TE.roa
File: EaR2OzIg152Cmq2iXDgFyPvn6TE.roa (raw, json)
Hash identifier: OrC9oYMSoKWeGMwQCJfX1SBfImt++/teXFc8A2dpVeI=
Subject key identifier: 11:A4:76:3B:32:20:D7:9D:82:9A:AD:A2:5C:38:05:C8:FB:E7:E9:31
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195C99B8FA996E02EEFBA1FF0F1E22A8D70
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/EaR2OzIg152Cmq2iXDgFyPvn6TE.roa
Signing time: Mon 24 Mar 2025 19:22:50 +0000
ROA not before: Mon 24 Mar 2025 19:22:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 2a05:b300::/29 maxlen: 29
2a0e:8880::/29 maxlen: 29
2a12:ba00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 30 Mar 2025 12:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:9b:8f:a9:96:e0:2e:ef:ba:1f:f0:f1:e2:2a:8d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 24 19:22:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11a4763b3220d79d829aada25c3805c8fbe7e931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:11:57:9f:6e:c1:2a:91:a2:f7:10:7a:77:05:
da:68:c1:11:a2:95:52:27:fc:ea:c4:d7:48:9e:90:
2b:33:40:c0:66:a9:95:16:97:7e:a0:7c:ef:6e:ce:
20:46:7b:c2:f8:e1:5c:68:8b:c4:3f:79:b9:53:6d:
aa:8a:b5:4b:77:b4:85:6e:e4:ae:d7:6e:02:3c:7f:
bc:11:f2:84:42:bd:cc:65:01:82:34:cd:0d:19:1e:
d4:76:aa:43:c3:67:a8:a4:3a:40:48:39:5d:79:8b:
2d:29:db:f5:bb:ae:0a:ee:96:c6:3d:d6:a7:78:6c:
10:7b:6b:e6:3c:5e:f8:93:2c:ad:86:8f:c5:e5:ce:
07:c7:f9:a0:5c:44:e4:19:95:45:4e:48:2d:fa:e6:
d1:94:d7:7a:28:92:04:a7:4b:f8:49:ae:e3:5a:92:
88:20:21:d1:5d:0c:0a:3f:8b:95:0a:b2:76:4b:40:
4a:24:0a:92:75:32:d2:48:69:77:f0:39:1b:50:98:
03:ae:bf:4b:fc:f6:df:07:39:dc:f2:be:6c:ac:57:
ac:bd:39:50:dc:33:4d:7b:ca:9d:0c:2a:95:89:fd:
a0:ec:b4:8a:0c:47:53:54:fb:90:6d:94:c1:97:25:
ac:50:60:37:eb:69:af:a5:0c:a2:2c:fb:22:42:d4:
0b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A4:76:3B:32:20:D7:9D:82:9A:AD:A2:5C:38:05:C8:FB:E7:E9:31
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/EaR2OzIg152Cmq2iXDgFyPvn6TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a0e:8880::/29
2a12:ba00::/29
Signature Algorithm: sha256WithRSAEncryption
15:7c:0e:00:a3:ad:70:04:2f:37:67:0b:0b:08:12:27:92:cd:
41:92:35:ac:be:c3:de:c0:30:20:5e:f4:28:00:3e:21:0d:2f:
30:5b:ff:f3:7a:ac:cb:88:37:1b:f8:52:b2:d0:26:20:c6:46:
63:b1:6e:55:03:8a:9a:20:b6:24:97:98:56:cc:51:85:c2:2c:
04:df:28:6c:8f:d9:58:bc:55:8e:1c:d9:2d:2f:f9:19:f4:12:
6c:dd:f3:f3:a0:10:74:77:d5:4b:8b:11:cb:6c:1e:5f:6c:6f:
83:77:02:20:e1:1c:46:37:ac:5c:e9:e4:8f:82:73:20:63:83:
4a:14:02:c1:36:02:8c:4a:38:fc:6b:35:69:37:22:a8:d1:7a:
fb:2f:2d:c6:9e:88:88:8a:06:67:a7:d6:6f:2b:37:d9:10:7a:
e7:57:df:47:92:91:89:e6:8f:e4:92:f1:8e:75:ee:30:84:2e:
30:5b:8f:b8:b6:ec:7f:41:56:ae:a9:fd:2f:c1:43:73:44:06:
36:50:b7:91:ac:bf:e7:48:66:80:ea:cb:77:8b:48:c7:0c:ea:
de:87:c9:0b:98:d8:44:77:d5:f3:76:54:3a:41:9e:b1:47:b1:
0c:f7:1f:ff:1f:b8:c0:2f:f5:9e:54:30:b8:34:63:a2:e8:5e:
2a:bc:82:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZXJm4+pluAu77of8PHiKo1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzI0MTkyMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWE0NzYzYjMyMjBkNzlkODI5YWFkYTI1YzM4MDVjOGZiZTdlOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRFXn27BKpGi9xB6dwXaaMERopVS
J/zqxNdInpArM0DAZqmVFpd+oHzvbs4gRnvC+OFcaIvEP3m5U22qirVLd7SFbuSu
124CPH+8EfKEQr3MZQGCNM0NGR7UdqpDw2eopDpASDldeYstKdv1u64K7pbGPdan
eGwQe2vmPF74kyytho/F5c4Hx/mgXETkGZVFTkgt+ubRlNd6KJIEp0v4Sa7jWpKI
ICHRXQwKP4uVCrJ2S0BKJAqSdTLSSGl38DkbUJgDrr9L/PbfBznc8r5srFesvTlQ
3DNNe8qdDCqVif2g7LSKDEdTVPuQbZTBlyWsUGA362mvpQyiLPsiQtQL0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBGkdjsyINedgpqtolw4Bcj75+kxMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRWFSMk96SWcxNTJDbXEyaVhEZ0Z5UHZuNlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgWzAAMF
AyoOiIADBQMqEroAMA0GCSqGSIb3DQEBCwUAA4IBAQAVfA4Ao61wBC83ZwsLCBIn
ks1BkjWsvsPewDAgXvQoAD4hDS8wW//zeqzLiDcb+FKy0CYgxkZjsW5VA4qaILYk
l5hWzFGFwiwE3yhsj9lYvFWOHNktL/kZ9BJs3fPzoBB0d9VLixHLbB5fbG+DdwIg
4RxGN6xc6eSPgnMgY4NKFALBNgKMSjj8azVpNyKo0Xr7Ly3GnoiIigZnp9ZvKzfZ
EHrnV99HkpGJ5o/kkvGOde4whC4wW4+4tux/QVauqf0vwUNzRAY2ULeRrL/nSGaA
6st3i0jHDOreh8kLmNhEd9XzdlQ6QZ6xR7EM9x//H7jAL/WeVDC4NGOi6F4qvIJ8
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:37:12 2025 by rpki-client