Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XCYSZRMWKo2WZzf8I0eg0Tbv0p0.roa
File: XCYSZRMWKo2WZzf8I0eg0Tbv0p0.roa (raw, json)
Hash identifier: KLdR66YVaXslsy2S4a4TeSaPji5hY7qY2gtGApZf2p8=
Subject key identifier: 5C:26:12:65:13:16:2A:8D:96:67:37:FC:23:47:A0:D1:36:EF:D2:9D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194D10497E074825B253A516BB78E1B00C2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XCYSZRMWKo2WZzf8I0eg0Tbv0p0.roa
Signing time: Tue 04 Feb 2025 12:52:06 +0000
ROA not before: Tue 04 Feb 2025 12:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:e00::/29 maxlen: 29
2a0f:18c0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 07 Feb 2025 08:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d1:04:97:e0:74:82:5b:25:3a:51:6b:b7:8e:1b:00:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 4 12:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c26126513162a8d966737fc2347a0d136efd29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:5d:cb:6b:ed:2d:a9:a5:95:ea:c5:ea:78:
c7:13:46:58:29:59:7d:c2:14:da:b8:9c:46:ef:8b:
8f:49:bb:35:8e:6f:c8:c5:8c:89:4f:dc:6d:0a:00:
f5:06:d7:fe:0e:c6:52:e6:d6:59:98:2a:ef:01:68:
48:52:5a:8d:63:d5:29:49:25:da:74:57:09:ac:28:
9c:e9:15:ba:b9:50:c3:97:44:a2:7c:94:0e:15:8c:
67:5f:e1:5e:12:e9:36:00:ac:6a:9c:ef:83:0e:aa:
b9:02:ff:df:3b:32:8a:94:92:83:66:4f:c3:90:e9:
aa:f0:de:51:67:ee:7c:f1:21:d2:2a:fd:48:b2:d0:
51:c9:45:96:91:cb:b9:c0:ff:d4:45:89:97:32:9a:
51:80:37:7b:db:c3:9e:ac:fe:9c:fa:35:41:08:82:
7a:51:52:91:8d:eb:bc:01:a9:49:9b:10:2c:5d:8a:
c0:a2:6a:b9:34:29:ac:ce:0e:ec:16:ec:73:ca:37:
16:8a:10:30:eb:d0:a5:0e:57:5b:48:10:70:d2:0b:
79:fd:43:4f:bd:c8:8f:b3:02:73:d6:39:ee:d8:7b:
73:39:0e:66:d8:23:21:29:45:26:7b:e6:71:38:7f:
ef:fe:6f:ac:f9:68:36:94:2f:f4:a8:1a:f7:25:42:
65:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:26:12:65:13:16:2A:8D:96:67:37:FC:23:47:A0:D1:36:EF:D2:9D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XCYSZRMWKo2WZzf8I0eg0Tbv0p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e00::/29
2a0f:18c0::/29
2a0f:1fc0::/29
2a0f:29c0::/29
2a11:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
aa:73:22:08:20:26:67:6c:90:d1:c1:27:97:d9:d6:bc:5e:cc:
d1:2d:1e:93:6b:e4:68:84:50:0c:ed:a3:e4:86:7c:a5:04:fa:
c1:27:ac:4c:5e:5c:3e:d8:ea:ab:a9:15:c9:98:ff:4a:64:a2:
29:bf:01:3b:f6:04:54:4e:41:e7:a3:ff:2a:7b:3f:dc:3c:37:
a9:14:36:3a:d6:d5:7a:7b:aa:02:54:1f:ea:73:1f:fe:e7:12:
cb:f3:b8:55:69:3b:d1:2e:7a:d8:ba:f6:a1:c5:cb:43:ad:aa:
ab:2c:00:92:7e:70:3c:2c:46:e6:94:fd:36:fa:32:6c:c2:e2:
64:72:fb:74:7a:77:66:d4:c9:15:fb:9d:cc:45:46:2e:3c:34:
12:f6:d7:31:30:49:58:a0:5d:f9:d4:44:ee:e3:f1:4e:93:4b:
e6:77:2f:7e:9b:57:7f:d8:23:ad:5d:e2:fe:61:80:eb:4b:4a:
29:cf:49:42:83:29:d2:9e:51:40:44:ce:f3:f2:f2:b5:b5:5f:
93:5b:81:83:d3:51:c2:9d:61:d4:7d:2b:09:0e:02:c2:8c:bd:
be:9e:e0:50:55:61:42:0a:52:5d:bd:64:c6:1b:b3:19:88:b1:
87:ea:3f:ae:67:14:42:e8:08:c0:38:a7:4c:aa:08:e3:e0:52:
ae:e8:37:6d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZTRBJfgdIJbJTpRa7eOGwDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjA0MTI1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzI2MTI2NTEzMTYyYThkOTY2NzM3ZmMyMzQ3YTBkMTM2ZWZkMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYBdy2vtLamllerF6njHE0ZYKVl9
whTauJxG74uPSbs1jm/IxYyJT9xtCgD1Btf+DsZS5tZZmCrvAWhIUlqNY9UpSSXa
dFcJrCic6RW6uVDDl0SifJQOFYxnX+FeEuk2AKxqnO+DDqq5Av/fOzKKlJKDZk/D
kOmq8N5RZ+588SHSKv1IstBRyUWWkcu5wP/URYmXMppRgDd728OerP6c+jVBCIJ6
UVKRjeu8AalJmxAsXYrAomq5NCmszg7sFuxzyjcWihAw69ClDldbSBBw0gt5/UNP
vciPswJz1jnu2HtzOQ5m2CMhKUUme+ZxOH/v/m+s+Wg2lC/0qBr3JUJllQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFwmEmUTFiqNlmc3/CNHoNE279KdMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWENZU1pSTVdLbzJXWnpmOEkwZWcwVGJ2MHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg8OAAMF
AyoPGMADBQMqDx/AAwUDKg8pwAMFAyoRP4AwDQYJKoZIhvcNAQELBQADggEBAKpz
IgggJmdskNHBJ5fZ1rxezNEtHpNr5GiEUAzto+SGfKUE+sEnrExeXD7Y6qupFcmY
/0pkoim/ATv2BFROQeej/yp7P9w8N6kUNjrW1Xp7qgJUH+pzH/7nEsvzuFVpO9Eu
eti69qHFy0OtqqssAJJ+cDwsRuaU/Tb6MmzC4mRy+3R6d2bUyRX7ncxFRi48NBL2
1zEwSVigXfnURO7j8U6TS+Z3L36bV3/YI61d4v5hgOtLSinPSUKDKdKeUUBEzvPy
8rW1X5NbgYPTUcKdYdR9KwkOAsKMvb6e4FBVYUIKUl29ZMYbsxmIsYfqP65nFELo
CMA4p0yqCOPgUq7oN20=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:10:10 2025 by rpki-client