Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HcxQoxqaKLpTmQMf4J7mCIoc5tA.roa
File: HcxQoxqaKLpTmQMf4J7mCIoc5tA.roa (raw, json)
Hash identifier: YlOktSIrBlEF9BJgyPBr38qwZ+CbJ0c9T8aYOqDtMFw=
Subject key identifier: 1D:CC:50:A3:1A:9A:28:BA:53:99:03:1F:E0:9E:E6:08:8A:1C:E6:D0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01955CFCB5A41AEA25B96A6010E3715B8788
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HcxQoxqaKLpTmQMf4J7mCIoc5tA.roa
Signing time: Mon 03 Mar 2025 17:10:20 +0000
ROA not before: Mon 03 Mar 2025 17:10:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214773
IP address blocks: 2a05:b900::/29 maxlen: 29
2a0f:1f80::/29 maxlen: 29
2a12:4ac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Mar 2025 17:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:fc:b5:a4:1a:ea:25:b9:6a:60:10:e3:71:5b:87:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 3 17:10:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dcc50a31a9a28ba5399031fe09ee6088a1ce6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f9:d3:d3:9a:ba:2b:1a:5f:32:98:32:78:83:
d0:f1:33:7e:4d:4c:26:9c:97:30:ed:df:a7:7b:b9:
34:c9:74:b5:ff:6d:f4:81:c4:34:ae:86:7b:b3:a1:
72:73:1f:24:6e:ce:de:21:7e:bc:b4:f9:95:4c:b6:
66:14:79:37:f2:c9:01:11:bb:fa:06:9b:45:30:9b:
fb:bd:3b:cb:d1:db:5c:2e:e5:54:cd:fb:d0:2d:eb:
9b:71:cc:97:74:1e:f3:ce:df:9d:d0:ff:d0:7f:41:
86:7a:2c:db:e3:32:40:c9:13:13:af:be:50:e8:53:
77:d0:40:e7:89:2e:bb:65:2f:d1:1f:8d:df:8e:21:
d3:52:b3:26:ff:3e:74:4e:4c:ab:77:e2:fc:f9:7d:
78:0b:06:2f:28:64:ce:39:0f:f7:45:38:b3:83:86:
dd:2d:d7:1d:38:a7:c5:04:f4:1a:43:f5:50:a2:e1:
cc:65:d4:e6:60:80:7c:0f:74:d8:73:57:37:0a:18:
71:77:53:f6:c2:79:5a:d1:cb:1e:3b:54:23:d1:3b:
d2:f5:3c:57:a6:c7:8f:6b:7a:03:3a:80:9c:2d:60:
fa:b9:be:db:5b:02:a7:05:50:9a:9b:83:3e:5f:7b:
1a:9b:62:ad:dd:78:17:3b:a5:14:e3:59:4e:f6:66:
9a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CC:50:A3:1A:9A:28:BA:53:99:03:1F:E0:9E:E6:08:8A:1C:E6:D0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HcxQoxqaKLpTmQMf4J7mCIoc5tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b900::/29
2a0f:1f80::/29
2a12:4ac0::/29
Signature Algorithm: sha256WithRSAEncryption
40:ad:5e:70:19:95:09:2f:2b:30:1f:16:5b:54:ab:0f:d6:71:
f6:5c:05:57:93:bf:fa:57:1e:3d:38:7e:01:56:c3:d5:d3:a4:
bf:f8:55:7c:f8:9f:b2:d4:29:c5:19:f4:02:09:36:fe:70:a9:
59:b9:ed:ef:f1:7d:58:77:fb:73:80:6b:1a:14:78:be:1e:e8:
6f:fb:45:a6:32:11:91:00:7e:a8:f7:48:1f:82:32:a7:99:af:
55:7c:e3:50:d7:fd:eb:a0:4f:0a:03:7a:47:4e:16:9d:cd:9d:
ec:0c:19:2f:b9:41:f6:82:ef:c1:84:56:1e:92:5f:14:0d:3c:
0d:d3:b1:a7:75:9c:36:58:7b:17:51:47:ac:57:01:d1:6a:b1:
a5:2e:fd:e4:be:80:0e:7d:cd:bf:8f:69:11:dc:73:63:e4:0f:
17:e7:39:45:6a:c9:27:9d:c2:47:75:0f:dd:d5:89:a6:8a:cb:
e5:e3:2d:60:77:50:69:f0:4d:ff:59:1c:82:3e:74:10:72:73:
1b:92:33:6e:96:a5:cb:04:ce:6a:64:03:75:cd:3f:86:24:e9:
99:98:17:c7:cc:eb:6e:bd:b7:48:b5:38:d3:ba:c2:e2:30:50:
0b:51:00:8a:4d:1f:9b:ee:5c:1d:e7:83:ae:65:96:d7:60:5f:
1f:c2:b3:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVc/LWkGuoluWpgEONxW4eIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzAzMTcxMDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGNjNTBhMzFhOWEyOGJhNTM5OTAzMWZlMDllZTYwODhhMWNlNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvnT05q6KxpfMpgyeIPQ8TN+TUwm
nJcw7d+ne7k0yXS1/230gcQ0roZ7s6Fycx8kbs7eIX68tPmVTLZmFHk38skBEbv6
BptFMJv7vTvL0dtcLuVUzfvQLeubccyXdB7zzt+d0P/Qf0GGeizb4zJAyRMTr75Q
6FN30EDniS67ZS/RH43fjiHTUrMm/z50Tkyrd+L8+X14CwYvKGTOOQ/3RTizg4bd
LdcdOKfFBPQaQ/VQouHMZdTmYIB8D3TYc1c3Chhxd1P2wnla0cseO1Qj0TvS9TxX
psePa3oDOoCcLWD6ub7bWwKnBVCam4M+X3sam2Kt3XgXO6UU41lO9maaFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB3MUKMamii6U5kDH+Ce5giKHObQMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSGN4UW94cWFLTHBUbVFNZjRKN21DSW9jNXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgW5AAMF
AyoPH4ADBQMqEkrAMA0GCSqGSIb3DQEBCwUAA4IBAQBArV5wGZUJLyswHxZbVKsP
1nH2XAVXk7/6Vx49OH4BVsPV06S/+FV8+J+y1CnFGfQCCTb+cKlZue3v8X1Yd/tz
gGsaFHi+Huhv+0WmMhGRAH6o90gfgjKnma9VfONQ1/3roE8KA3pHThadzZ3sDBkv
uUH2gu/BhFYekl8UDTwN07GndZw2WHsXUUesVwHRarGlLv3kvoAOfc2/j2kR3HNj
5A8X5zlFasknncJHdQ/d1Ymmisvl4y1gd1Bp8E3/WRyCPnQQcnMbkjNulqXLBM5q
ZAN1zT+GJOmZmBfHzOtuvbdItTjTusLiMFALUQCKTR+b7lwd54OuZZbXYF8fwrOs
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:16:38 2025 by rpki-client