Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LdGf1WSIzo2wb6cshR0ePQUJzt4.roa
File: LdGf1WSIzo2wb6cshR0ePQUJzt4.roa (raw, json)
Hash identifier: I8/ODxnTuFF/0BhYsxYSqcXVn/IhOQOn2yITLcGKTFA=
Subject key identifier: 2D:D1:9F:D5:64:88:CE:8D:B0:6F:A7:2C:85:1D:1E:3D:05:09:CE:DE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195AF5AACA7BDD9A7A0A36D04D4DED1FC49
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LdGf1WSIzo2wb6cshR0ePQUJzt4.roa
Signing time: Wed 19 Mar 2025 17:01:49 +0000
ROA not before: Wed 19 Mar 2025 17:01:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0c:4880::/29 maxlen: 29
2a0e:2440::/29 maxlen: 29
2a0e:e980::/29 maxlen: 29
2a0f:a00::/29 maxlen: 29
2a0f:e00::/29 maxlen: 29
2a0f:1440::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:1f80::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:3f80::/29 maxlen: 29
2a0f:9b00::/29 maxlen: 29
2a0f:a200::/29 maxlen: 29
2a0f:c400::/29 maxlen: 29
2a0f:de40::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a0f:e5c0::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a13:2e40::/29 maxlen: 29
2a13:d100::/29 maxlen: 29
2a13:fa00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 21 Mar 2025 08:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:5a:ac:a7:bd:d9:a7:a0:a3:6d:04:d4:de:d1:fc:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 19 17:01:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dd19fd56488ce8db06fa72c851d1e3d0509cede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fc:fd:2e:cd:55:a3:2b:74:ae:fa:47:21:d2:
10:35:b2:fb:53:d6:f8:d0:0c:9c:e8:ce:93:6b:91:
a2:0d:43:70:84:2c:84:e0:f7:07:d4:f5:de:3c:aa:
4b:3c:a1:69:2f:8b:e8:9c:23:7f:51:b0:e3:9d:22:
46:f4:d2:06:cd:50:db:57:86:b1:26:d7:9e:89:36:
2a:c6:d0:7a:66:40:d6:08:80:71:e3:d4:b5:35:e3:
b3:93:e1:a3:94:1b:a4:96:53:46:31:51:d8:b3:13:
be:1c:1e:29:d0:70:62:f7:f6:75:d4:1c:00:97:83:
09:01:78:6a:b1:51:27:ea:2f:37:22:01:84:4c:41:
ef:e5:1d:b9:39:a9:c2:e6:96:86:6b:d5:30:2c:da:
b2:ec:af:13:c5:a6:ba:b9:45:7b:55:13:08:42:e5:
bf:0d:37:94:09:80:a7:9a:03:89:af:f7:19:f1:d4:
07:79:b9:11:17:24:a5:9c:63:4a:97:33:76:83:c3:
1d:ac:3f:fe:f0:0b:36:9e:77:60:c2:76:71:d6:0f:
d8:e2:78:c7:b9:79:dc:46:a6:6e:10:23:66:f0:0b:
ce:11:55:6d:84:dd:2f:25:c1:85:bf:6b:50:9c:2a:
ef:dd:c1:7e:92:1f:e4:76:e2:fd:56:8d:59:93:98:
cb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D1:9F:D5:64:88:CE:8D:B0:6F:A7:2C:85:1D:1E:3D:05:09:CE:DE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LdGf1WSIzo2wb6cshR0ePQUJzt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4880::/29
2a0e:2440::/29
2a0e:e980::/29
2a0f:a00::/29
2a0f:e00::/29
2a0f:1440::/29
2a0f:14c0::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:1f80::/29
2a0f:2300::/29
2a0f:2dc0::/29
2a0f:2ec0::/29
2a0f:2f80::/29
2a0f:35c0::/29
2a0f:36c0::/29
2a0f:3f80::/29
2a0f:9b00::/29
2a0f:a200::/29
2a0f:c400::/29
2a0f:de40::/29
2a0f:dec0::/29
2a0f:e140::/29
2a0f:e540::/29
2a0f:e5c0::/29
2a0f:e600::/29
2a0f:e640::/29
2a13:2e40::/29
2a13:d100::/29
2a13:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
af:31:93:4a:c0:ed:6f:a9:a6:21:e9:5e:97:18:d8:15:f5:f2:
55:37:2c:65:b5:f3:57:73:19:64:c9:27:21:a1:45:9c:60:6a:
a9:7b:82:2f:1a:b4:03:90:f8:cf:2b:42:72:d1:75:bd:21:52:
4c:b9:05:4e:5b:53:0d:f8:c3:fb:71:dd:50:b9:09:85:cf:4e:
38:3d:4a:82:2e:e4:2e:da:81:a4:c0:be:b5:a9:8c:ad:9e:7d:
4f:a7:d9:ff:18:0c:6f:d5:23:e8:6b:b8:27:a7:a3:23:ae:e0:
a3:21:fb:2a:af:9b:89:26:c9:2a:16:58:7b:d0:71:1b:2d:e7:
ec:05:cb:8e:ee:a7:10:d8:a7:21:6b:04:59:59:43:08:38:57:
d5:67:5c:f5:54:2b:3f:fc:20:96:60:8c:ca:93:7e:50:74:89:
75:70:dc:70:87:09:bd:94:4e:cd:66:f5:32:5c:65:80:5e:78:
25:7b:cf:03:00:56:a6:53:a5:93:45:8c:d6:d0:ca:f5:18:89:
1b:38:27:06:be:01:46:8a:d8:eb:73:7f:d0:eb:5b:b1:b8:f1:
11:6c:0c:31:be:1c:7a:64:86:d0:48:c1:1a:bd:fb:a8:d2:c9:
86:ea:9d:07:2f:cd:f7:9b:ab:14:be:c3:e3:8f:c4:04:77:b3:
4d:09:9d:ab
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZWvWqynvdmnoKNtBNTe0fxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzE5MTcwMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQxOWZkNTY0ODhjZThkYjA2ZmE3MmM4NTFkMWUzZDA1MDljZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Pz9Ls1Voyt0rvpHIdIQNbL7U9b4
0Ayc6M6Ta5GiDUNwhCyE4PcH1PXePKpLPKFpL4vonCN/UbDjnSJG9NIGzVDbV4ax
JteeiTYqxtB6ZkDWCIBx49S1NeOzk+GjlBukllNGMVHYsxO+HB4p0HBi9/Z11BwA
l4MJAXhqsVEn6i83IgGETEHv5R25OanC5paGa9UwLNqy7K8Txaa6uUV7VRMIQuW/
DTeUCYCnmgOJr/cZ8dQHebkRFySlnGNKlzN2g8MdrD/+8As2nndgwnZx1g/Y4njH
uXncRqZuECNm8AvOEVVthN0vJcGFv2tQnCrv3cF+kh/kduL9Vo1Zk5jLPQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFC3Rn9VkiM6NsG+nLIUdHj0FCc7eMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTGRHZjFXU0l6bzJ3YjZjc2hSMGVQUVVKenQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAIwgdIDBQMq
DEiAAwUDKg4kQAMFAyoO6YADBQMqDwoAAwUDKg8OAAMFAyoPFEADBQMqDxTAAwUD
Kg8XwAMFAyoPGEADBQMqDx+AAwUDKg8jAAMFAyoPLcADBQMqDy7AAwUDKg8vgAMF
AyoPNcADBQMqDzbAAwUDKg8/gAMFAyoPmwADBQMqD6IAAwUDKg/EAAMFAyoP3kAD
BQMqD97AAwUDKg/hQAMFAyoP5UADBQMqD+XAAwUDKg/mAAMFAyoP5kADBQMqEy5A
AwUDKhPRAAMFAyoT+gAwDQYJKoZIhvcNAQELBQADggEBAK8xk0rA7W+ppiHpXpcY
2BX18lU3LGW181dzGWTJJyGhRZxgaql7gi8atAOQ+M8rQnLRdb0hUky5BU5bUw34
w/tx3VC5CYXPTjg9SoIu5C7agaTAvrWpjK2efU+n2f8YDG/VI+hruCenoyOu4KMh
+yqvm4kmySoWWHvQcRst5+wFy47upxDYpyFrBFlZQwg4V9VnXPVUKz/8IJZgjMqT
flB0iXVw3HCHCb2UTs1m9TJcZYBeeCV7zwMAVqZTpZNFjNbQyvUYiRs4Jwa+AUaK
2Otzf9DrW7G48RFsDDG+HHpkhtBIwRq9+6jSyYbqnQcvzfebqxS+w+OPxAR3s00J
nas=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:32 2025 by rpki-client