Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TZz0nDKPRBOj8c5-or3RJAy8iN4.roa
File: TZz0nDKPRBOj8c5-or3RJAy8iN4.roa (raw, json)
Hash identifier: PkdUEp/6+goO+YsawSb8W9RnmAaLhKvuIU4VIb6Y6Xo=
Subject key identifier: 4D:9C:F4:9C:32:8F:44:13:A3:F1:CE:7E:A2:BD:D1:24:0C:BC:88:DE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197F3E658B2E88D217A7D3BAAFD346EF9FA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TZz0nDKPRBOj8c5-or3RJAy8iN4.roa
Signing time: Thu 10 Jul 2025 10:34:08 +0000
ROA not before: Thu 10 Jul 2025 10:34:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 2a0f:bc03::/32 maxlen: 32
2a0f:bc04::/32 maxlen: 32
2a0f:bc05::/32 maxlen: 32
2a0f:bc06::/32 maxlen: 32
2a0f:bc07::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Jul 2025 09:08:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:e6:58:b2:e8:8d:21:7a:7d:3b:aa:fd:34:6e:f9:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 10 10:34:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d9cf49c328f4413a3f1ce7ea2bdd1240cbc88de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:82:81:0f:30:d6:ec:07:09:3e:bf:bd:ee:02:
59:48:3a:c2:03:b6:7f:4e:9e:30:58:c2:de:fe:94:
5f:ba:66:09:65:88:a0:e6:25:1c:4c:1b:2d:5c:51:
6f:3a:3d:02:1b:ec:0a:ca:1a:7f:a8:31:66:26:db:
9f:d9:80:cd:73:82:16:67:cd:22:22:73:bc:d7:71:
23:11:69:cd:36:67:8b:e7:fb:21:f8:5e:08:6e:8c:
96:7c:42:a9:9c:bb:b4:bf:18:53:e3:ba:ab:c1:68:
93:d4:56:ed:c9:f2:c8:b2:d9:17:4c:38:0e:9a:68:
87:bb:b2:2b:cb:b5:56:79:c4:4b:16:9b:59:e2:fb:
65:aa:06:b9:34:16:44:4f:cd:54:2a:24:d3:8f:16:
7b:5e:0c:a5:b2:45:01:ed:c5:cc:d0:e0:26:12:35:
aa:1a:40:77:89:8f:8a:52:7e:6d:e0:74:42:89:9a:
c8:f1:18:71:d1:9c:fc:d9:12:da:ec:97:b6:8c:61:
1a:ea:f8:fa:28:b3:5d:27:c8:61:eb:1d:34:d1:7c:
7d:60:40:5e:c0:62:31:63:76:3e:2b:27:8f:c1:23:
d1:0a:34:1f:59:c7:11:97:d9:21:5a:b0:58:db:93:
d3:29:80:04:0b:9b:cb:3c:de:a5:9f:56:a9:4e:fe:
4f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9C:F4:9C:32:8F:44:13:A3:F1:CE:7E:A2:BD:D1:24:0C:BC:88:DE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TZz0nDKPRBOj8c5-or3RJAy8iN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bc03::-2a0f:bc07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:1e:fd:42:9a:c7:37:a7:fa:6d:df:38:d3:c9:12:c0:59:91:
4c:d4:e7:9a:84:c7:d2:3d:7c:a3:59:63:1c:4e:a0:11:16:e3:
04:ab:87:17:ef:92:de:58:2d:65:db:8a:cc:bd:77:a4:63:1e:
2e:69:98:9e:00:40:95:8b:f4:65:25:04:bc:f8:aa:ab:0d:31:
27:65:4c:98:48:a8:b8:ce:77:ce:c8:17:b8:37:45:4c:84:ee:
de:23:a3:98:a3:fc:5a:b9:a5:8e:93:bf:fd:90:e7:77:38:2d:
49:7f:52:b9:00:21:55:b8:83:c1:45:24:c4:10:81:9d:dc:90:
b3:2b:1e:31:8d:ae:db:1e:ad:c3:12:f7:e9:89:3b:97:03:6a:
d5:a0:bf:b0:b6:42:fb:fc:bc:3c:f4:85:99:cb:cd:50:2d:73:
50:8e:d2:7f:35:1a:6f:f8:35:1b:99:ad:c9:4f:5c:9f:b8:55:
33:37:ea:10:5c:27:24:a6:38:47:9c:5a:71:6c:0d:d8:a0:dd:
fd:48:50:98:f9:68:6e:03:08:f2:82:e2:95:2c:85:c2:07:4a:
3f:69:3a:39:ee:6c:0c:e8:22:0e:ba:ae:33:68:f1:b9:1b:a8:
d6:26:ec:cb:00:14:30:6a:99:ed:f9:53:88:87:68:38:ec:4f:
51:67:53:d5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZfz5liy6I0hen07qv00bvn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzEwMTAzNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDljZjQ5YzMyOGY0NDEzYTNmMWNlN2VhMmJkZDEyNDBjYmM4OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooKBDzDW7AcJPr+97gJZSDrCA7Z/
Tp4wWMLe/pRfumYJZYig5iUcTBstXFFvOj0CG+wKyhp/qDFmJtuf2YDNc4IWZ80i
InO813EjEWnNNmeL5/sh+F4IboyWfEKpnLu0vxhT47qrwWiT1FbtyfLIstkXTDgO
mmiHu7Iry7VWecRLFptZ4vtlqga5NBZET81UKiTTjxZ7XgylskUB7cXM0OAmEjWq
GkB3iY+KUn5t4HRCiZrI8Rhx0Zz82RLa7Je2jGEa6vj6KLNdJ8hh6x000Xx9YEBe
wGIxY3Y+KyePwSPRCjQfWccRl9khWrBY25PTKYAEC5vLPN6ln1apTv5PgQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFE2c9Jwyj0QTo/HOfqK90SQMvIjeMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVFp6MG5ES1BSQk9qOGM1LW9yM1JKQXk4aU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqD7wD
AwUDKg+8ADANBgkqhkiG9w0BAQsFAAOCAQEAKh79QprHN6f6bd8408kSwFmRTNTn
moTH0j18o1ljHE6gERbjBKuHF++S3lgtZduKzL13pGMeLmmYngBAlYv0ZSUEvPiq
qw0xJ2VMmEiouM53zsgXuDdFTITu3iOjmKP8WrmljpO//ZDndzgtSX9SuQAhVbiD
wUUkxBCBndyQsyseMY2u2x6twxL36Yk7lwNq1aC/sLZC+/y8PPSFmcvNUC1zUI7S
fzUab/g1G5mtyU9cn7hVMzfqEFwnJKY4R5xacWwN2KDd/UhQmPlobgMI8oLilSyF
wgdKP2k6Oe5sDOgiDrquM2jxuRuo1ibsywAUMGqZ7flTiIdoOOxPUWdT1Q==
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:16:11 2025 by rpki-client