Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IVZY3d9lBmNmI91MN-yGqDmVqik.roa
File: IVZY3d9lBmNmI91MN-yGqDmVqik.roa (raw, json)
Hash identifier: mkSpH9f0gocZzW5vFdgI1jadp+Ov5+jc0wZTwhfKVOo=
Subject key identifier: 21:56:58:DD:DF:65:06:63:66:23:DD:4C:37:EC:86:A8:39:95:AA:29
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01953734D07D55E690FD1263681A7D2D9AFA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IVZY3d9lBmNmI91MN-yGqDmVqik.roa
Signing time: Mon 24 Feb 2025 09:06:02 +0000
ROA not before: Mon 24 Feb 2025 09:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 2a0f:3540::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Mar 2025 17:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:34:d0:7d:55:e6:90:fd:12:63:68:1a:7d:2d:9a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 24 09:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=215658dddf6506636623dd4c37ec86a83995aa29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:95:63:2b:a9:95:3f:6f:62:12:a2:23:fa:26:
34:a1:fa:87:6e:b5:ff:24:33:0c:31:49:33:19:23:
5a:5c:5a:99:6e:19:78:aa:74:6f:1a:6d:9a:60:07:
b3:ed:f4:db:3e:05:fc:8e:bf:a6:3b:fd:6f:e9:55:
25:22:c3:a6:33:cd:3d:42:41:8b:99:b3:04:e3:be:
3d:6d:aa:09:e3:aa:9c:72:ed:e9:44:5c:60:54:de:
c1:2e:24:00:29:75:f5:84:44:98:e3:c7:d2:ff:f6:
81:1a:63:72:82:fb:e4:b3:71:b7:c2:e8:b1:2d:ac:
ef:73:df:ec:70:37:26:2d:32:2c:0f:ca:63:41:80:
7e:a6:f3:fc:4b:67:d7:f0:26:c1:c2:46:b9:34:d0:
d4:bf:5b:8c:8a:d4:a2:b6:84:22:3a:87:4d:ee:5b:
ee:e4:df:8b:6f:7f:dd:cf:3a:0b:85:2a:a0:8e:e7:
c9:58:d4:a6:6e:19:de:19:43:d3:7c:e3:d3:da:30:
00:53:58:82:00:ef:ed:cc:1e:1e:b4:ad:a2:fd:a8:
16:30:ef:c9:b5:f8:aa:b4:63:91:1a:31:d1:34:29:
e4:ff:22:f7:51:b7:e9:b5:33:9d:6c:34:61:c4:77:
b4:da:b6:cb:cf:2c:a0:51:19:c1:10:42:78:b7:d4:
3f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:56:58:DD:DF:65:06:63:66:23:DD:4C:37:EC:86:A8:39:95:AA:29
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IVZY3d9lBmNmI91MN-yGqDmVqik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3540::/29
Signature Algorithm: sha256WithRSAEncryption
97:e6:6c:e1:eb:34:fd:71:ba:11:dd:d7:02:42:d7:b3:b5:d2:
d9:95:0b:1a:04:14:7e:79:f2:5c:29:07:c0:ce:26:8f:01:56:
8e:ae:01:0c:d6:90:9f:fe:3d:42:92:7c:d7:50:50:50:a7:04:
32:77:81:a5:b5:39:ac:70:95:19:8a:f3:85:43:f0:60:0e:a0:
29:81:5f:a3:1a:26:31:7a:98:b2:e8:b4:e5:b2:6c:be:78:ce:
80:17:29:9e:18:fa:69:df:ef:d0:74:31:c4:88:60:68:65:a1:
71:9f:3e:f1:8a:fd:8e:47:b0:a4:93:4f:70:02:d9:91:ed:9e:
74:c5:b7:2a:69:30:34:1b:e5:c4:1c:c3:74:ae:45:b7:25:db:
2f:55:bf:75:bf:23:81:5b:c7:8d:e0:41:01:8b:05:54:c1:2b:
23:24:fd:6d:34:a2:96:71:c5:ce:e3:d4:e3:19:c9:ca:a3:5c:
5c:0c:9f:fc:03:59:9b:aa:36:35:33:10:74:92:c0:85:a4:aa:
2e:0e:03:4d:7d:46:c9:6b:b8:89:5b:bd:08:b1:10:03:ce:9c:
b0:2b:6b:ba:15:4d:09:7c:8e:eb:f1:4f:62:7f:94:0a:98:a3:
ea:ee:be:d4:bc:ba:de:9f:3c:42:1a:0b:69:2c:50:e2:db:8c:
20:2c:34:bb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZU3NNB9VeaQ/RJjaBp9LZr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjI0MDkwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTU2NThkZGRmNjUwNjYzNjYyM2RkNGMzN2VjODZhODM5OTVhYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5VjK6mVP29iEqIj+iY0ofqHbrX/
JDMMMUkzGSNaXFqZbhl4qnRvGm2aYAez7fTbPgX8jr+mO/1v6VUlIsOmM809QkGL
mbME4749baoJ46qccu3pRFxgVN7BLiQAKXX1hESY48fS//aBGmNygvvks3G3wuix
Lazvc9/scDcmLTIsD8pjQYB+pvP8S2fX8CbBwka5NNDUv1uMitSitoQiOodN7lvu
5N+Lb3/dzzoLhSqgjufJWNSmbhneGUPTfOPT2jAAU1iCAO/tzB4etK2i/agWMO/J
tfiqtGORGjHRNCnk/yL3UbfptTOdbDRhxHe02rbLzyygURnBEEJ4t9Q/rQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCFWWN3fZQZjZiPdTDfshqg5laopMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSVZaWTNkOWxCbU5tSTkxTU4teUdxRG1WcWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg81QDAN
BgkqhkiG9w0BAQsFAAOCAQEAl+Zs4es0/XG6Ed3XAkLXs7XS2ZULGgQUfnnyXCkH
wM4mjwFWjq4BDNaQn/49QpJ811BQUKcEMneBpbU5rHCVGYrzhUPwYA6gKYFfoxom
MXqYsui05bJsvnjOgBcpnhj6ad/v0HQxxIhgaGWhcZ8+8Yr9jkewpJNPcALZke2e
dMW3KmkwNBvlxBzDdK5FtyXbL1W/db8jgVvHjeBBAYsFVMErIyT9bTSilnHFzuPU
4xnJyqNcXAyf/ANZm6o2NTMQdJLAhaSqLg4DTX1GyWu4iVu9CLEQA86csCtruhVN
CXyO6/FPYn+UCpij6u6+1Ly63p88QhoLaSxQ4tuMICw0uw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:32:10 2025 by rpki-client