Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Tcz3w7d1XAEiX2DaVUzkBkkD3lA.roa
File: Tcz3w7d1XAEiX2DaVUzkBkkD3lA.roa (raw, json)
Hash identifier: ZgiDtrRDx1D0r5kxCsuHy2WArqbqXHqvUYwkGfvF0ug=
Subject key identifier: 4D:CC:F7:C3:B7:75:5C:01:22:5F:60:DA:55:4C:E4:06:49:03:DE:50
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01970CECCD9909156FA083D3F164523E79AA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Tcz3w7d1XAEiX2DaVUzkBkkD3lA.roa
Signing time: Mon 26 May 2025 14:08:54 +0000
ROA not before: Mon 26 May 2025 14:08:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 2a06:a5c0::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a09:b700::/29 maxlen: 29
2a0d:8f80::/29 maxlen: 29
2a0f:e00::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:2d40::/29 maxlen: 29
2a0f:3240::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a0f:a200::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a0f:e9c0::/29 maxlen: 29
2a10:30c0::/29 maxlen: 29
2a10:3140::/29 maxlen: 29
2a10:31c0::/29 maxlen: 29
2a10:3340::/29 maxlen: 29
2a10:3540::/29 maxlen: 29
2a10:4a00::/29 maxlen: 29
2a10:6400::/29 maxlen: 29
2a10:6500::/29 maxlen: 29
2a10:6b00::/29 maxlen: 29
2a10:7500::/29 maxlen: 29
2a10:7900::/29 maxlen: 29
2a10:7b00::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
2a11:4800::/29 maxlen: 32
2a11:5c80::/29 maxlen: 29
2a11:7440::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a12:2c80::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:5e00::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a13:3080::/29 maxlen: 29
2a13:9680::/29 maxlen: 29
2a13:f900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 May 2025 14:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:ec:cd:99:09:15:6f:a0:83:d3:f1:64:52:3e:79:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 26 14:08:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dccf7c3b7755c01225f60da554ce4064903de50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:89:09:78:9a:99:c8:07:7d:ab:ac:a3:5d:
40:15:4a:68:15:53:2a:18:06:fd:da:09:54:68:1f:
21:5d:bf:6b:89:6f:38:f9:ba:0f:90:b0:ae:c2:ab:
c3:06:50:6b:27:59:38:2a:ee:ef:88:f2:bc:c0:50:
2e:70:cd:f4:62:28:d9:1a:9c:ef:a4:6d:65:d2:cf:
83:aa:c6:b6:76:26:1f:6f:76:5c:d7:d9:59:50:d1:
8f:d2:28:e7:f4:a4:ba:a5:48:a3:02:3e:99:c9:36:
92:40:2d:42:ca:47:60:a7:70:69:92:9b:00:ab:9d:
15:66:71:c3:03:b4:dd:9a:ab:c1:92:3e:82:b1:f2:
17:7d:e2:58:b0:59:85:9f:81:e2:8b:b2:6f:97:6d:
07:95:76:99:b3:a4:eb:ce:86:5f:20:d4:81:de:08:
e5:3a:ec:56:f6:70:ca:80:4e:b5:88:5f:c0:f2:60:
c3:a5:bf:a6:cd:61:fa:f2:a5:17:2d:a9:89:37:0e:
ae:ed:28:08:e7:f4:a0:2f:54:a1:3e:8d:8e:1f:03:
74:b5:80:4b:09:b0:1b:4b:5f:08:c7:10:38:68:06:
d9:10:b1:5a:6d:94:c4:46:f1:a5:7f:eb:ca:c6:52:
d9:97:98:c3:c3:56:7b:b8:4c:65:ed:e5:f1:63:bc:
e8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CC:F7:C3:B7:75:5C:01:22:5F:60:DA:55:4C:E4:06:49:03:DE:50
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Tcz3w7d1XAEiX2DaVUzkBkkD3lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a5c0::/29
2a06:dfc0::/29
2a09:b700::/29
2a0d:8f80::/29
2a0f:e00::/29
2a0f:19c0::/29
2a0f:2300::/29
2a0f:2840::/29
2a0f:2d40::/29
2a0f:3240::/29
2a0f:35c0::/29
2a0f:36c0::/29
2a0f:9e00::/29
2a0f:a200::/29
2a0f:e540::/29
2a0f:e600::/29
2a0f:e9c0::/29
2a10:30c0::/29
2a10:3140::/29
2a10:31c0::/29
2a10:3340::/29
2a10:3540::/29
2a10:4a00::/29
2a10:6400::/29
2a10:6500::/29
2a10:6b00::/29
2a10:7500::/29
2a10:7900::/29
2a10:7b00::/29
2a10:7f00::/29
2a11:4800::/29
2a11:5c80::/29
2a11:7440::/29
2a11:e580::/29
2a12:2c80::/29
2a12:4b00::/29
2a12:5e00::/29
2a12:d540::/29
2a12:d5c0::/29
2a13:200::/29
2a13:3080::/29
2a13:9680::/29
2a13:f900::/29
Signature Algorithm: sha256WithRSAEncryption
30:e2:62:83:62:a0:29:fa:a1:31:b2:3c:56:ab:ff:20:93:b0:
cf:33:c9:aa:bd:f7:93:d9:55:9f:d0:73:66:b1:15:a5:a4:07:
95:d1:7f:90:bd:bc:a9:ae:dc:ed:a8:d4:3f:44:4e:40:59:1d:
d5:45:22:b5:bf:b4:d6:56:42:4b:83:2b:7f:b4:11:70:88:4b:
b4:fb:e0:a5:14:44:b9:11:1f:79:f9:03:36:17:15:80:d1:39:
30:36:37:b2:b5:e0:c1:12:d0:7e:e0:3c:5c:d1:68:05:da:05:
57:0b:9d:08:0e:45:e8:25:8b:19:2c:34:58:15:30:66:90:61:
8d:8a:31:a9:ca:0f:21:9c:0a:60:6c:0d:29:f3:5f:2e:99:77:
ca:7d:07:9e:ba:d8:84:0d:ae:aa:ea:a1:da:3c:d4:9f:54:9f:
ff:a9:45:1d:b6:d0:63:e3:5b:ff:70:95:5a:a1:8d:95:f5:67:
95:35:2a:07:65:c0:00:7b:31:85:ca:5c:a5:e3:6e:fe:25:81:
52:d0:90:e1:0b:0c:2b:85:34:71:8b:e9:98:94:df:d5:7c:e6:
d2:85:19:17:eb:3b:3b:6f:87:6a:59:44:37:84:56:07:fd:01:
c0:9e:bf:ec:b2:e3:3f:3e:cf:41:a0:e8:08:e9:6c:7e:d7:8e:
7f:d9:6f:c5
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgISAZcM7M2ZCRVvoIPT8WRSPnmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTI2MTQwODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGNjZjdjM2I3NzU1YzAxMjI1ZjYwZGE1NTRjZTQwNjQ5MDNkZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFyJCXiamcgHfauso11AFUpoFVMq
GAb92glUaB8hXb9riW84+boPkLCuwqvDBlBrJ1k4Ku7viPK8wFAucM30YijZGpzv
pG1l0s+Dqsa2diYfb3Zc19lZUNGP0ijn9KS6pUijAj6ZyTaSQC1Cykdgp3BpkpsA
q50VZnHDA7TdmqvBkj6CsfIXfeJYsFmFn4Hii7Jvl20HlXaZs6TrzoZfINSB3gjl
OuxW9nDKgE61iF/A8mDDpb+mzWH68qUXLamJNw6u7SgI5/SgL1ShPo2OHwN0tYBL
CbAbS18IxxA4aAbZELFabZTERvGlf+vKxlLZl5jDw1Z7uExl7eXxY7zoKwIDAQAB
o4IDOjCCAzYwHQYDVR0OBBYEFE3M98O3dVwBIl9g2lVM5AZJA95QMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVGN6M3c3ZDFYQUVpWDJEYVZVemtCa2tEM2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTgYIKwYBBQUHAQcBAf8EggE9MIIBOTCCATUEAgACMIIB
LQMFAyoGpcADBQMqBt/AAwUDKgm3AAMFAyoNj4ADBQMqDw4AAwUDKg8ZwAMFAyoP
IwADBQMqDyhAAwUDKg8tQAMFAyoPMkADBQMqDzXAAwUDKg82wAMFAyoPngADBQMq
D6IAAwUDKg/lQAMFAyoP5gADBQMqD+nAAwUDKhAwwAMFAyoQMUADBQMqEDHAAwUD
KhAzQAMFAyoQNUADBQMqEEoAAwUDKhBkAAMFAyoQZQADBQMqEGsAAwUDKhB1AAMF
AyoQeQADBQMqEHsAAwUDKhB/AAMFAyoRSAADBQMqEVyAAwUDKhF0QAMFAyoR5YAD
BQMqEiyAAwUDKhJLAAMFAyoSXgADBQMqEtVAAwUDKhLVwAMFAyoTAgADBQMqEzCA
AwUDKhOWgAMFAyoT+QAwDQYJKoZIhvcNAQELBQADggEBADDiYoNioCn6oTGyPFar
/yCTsM8zyaq995PZVZ/Qc2axFaWkB5XRf5C9vKmu3O2o1D9ETkBZHdVFIrW/tNZW
QkuDK3+0EXCIS7T74KUURLkRH3n5AzYXFYDROTA2N7K14MES0H7gPFzRaAXaBVcL
nQgOReglixksNFgVMGaQYY2KManKDyGcCmBsDSnzXy6Zd8p9B5662IQNrqrqodo8
1J9Un/+pRR220GPjW/9wlVqhjZX1Z5U1KgdlwAB7MYXKXKXjbv4lgVLQkOELDCuF
NHGL6ZiU39V85tKFGRfrOztvh2pZRDeEVgf9AcCev+yy4z8+z0Gg6AjpbH7Xjn/Z
b8U=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:45:02 2025 by rpki-client