Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZbA_iyxl1PmAJwH7YDfVFJcgMPk.roa
File: ZbA_iyxl1PmAJwH7YDfVFJcgMPk.roa (raw, json)
Hash identifier: nR7v6c0rc5Nkkd9cHK6QN8E8GgDc03/sBABfEX+7CHk=
Subject key identifier: 65:B0:3F:8B:2C:65:D4:F9:80:27:01:FB:60:37:D5:14:97:20:30:F9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC253A1F1D3D5340B2E14B25A9B690
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZbA_iyxl1PmAJwH7YDfVFJcgMPk.roa
Signing time: Tue 02 Jan 2024 10:33:19 +0000
ROA not before: Tue 02 Jan 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Apr 2024 08:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:25:3a:1f:1d:3d:53:40:b2:e1:4b:25:a9:b6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65b03f8b2c65d4f9802701fb6037d514972030f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5f:a7:ec:ab:83:25:df:6c:5f:01:c3:c7:7d:
1f:72:d2:0f:1f:f8:29:01:5e:57:ce:15:0b:89:89:
a4:c5:f1:90:13:0d:1c:e1:b7:00:86:a0:b1:d0:a0:
21:ae:57:f2:42:98:4b:3f:88:11:be:96:d5:8f:0d:
3b:8a:63:04:31:e3:cf:fe:b5:d0:17:70:9f:b4:00:
db:3d:e8:f9:93:d4:a6:83:68:56:f4:66:98:9e:bb:
2f:ff:20:fe:65:1a:60:f3:e3:95:09:55:a8:04:a3:
00:13:15:7c:f1:0b:cc:a6:12:e0:fd:cd:c9:52:8d:
9d:6b:9e:28:83:53:6e:fd:e8:7e:1b:be:47:e0:c6:
13:f8:a9:4e:91:f6:d6:91:36:b8:04:d2:0b:25:ed:
ec:c2:8e:13:84:38:5e:8a:34:ce:24:f0:12:93:77:
c2:62:84:54:f5:db:31:c2:96:74:a0:c0:45:f8:85:
f0:6e:25:b5:62:87:36:c6:d8:5b:98:0f:bd:8c:94:
77:be:1f:97:7b:27:60:50:13:94:1f:0a:16:92:2d:
e5:1c:60:be:bd:dc:81:8c:cd:d1:75:d0:23:98:8e:
bf:db:91:55:84:ab:d7:55:fb:b9:98:a2:ef:15:6c:
87:8a:54:de:88:2c:8e:45:5e:a3:6e:2a:1e:bd:29:
1b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B0:3F:8B:2C:65:D4:F9:80:27:01:FB:60:37:D5:14:97:20:30:F9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZbA_iyxl1PmAJwH7YDfVFJcgMPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a0e:5800::/29
2a0f:2500::/29
2a0f:dfc0::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
0d:ca:ee:5a:59:05:62:82:01:16:f4:09:89:b3:d3:f7:db:44:
ba:2a:32:52:04:11:f6:99:48:dc:12:85:6c:70:c7:ab:d2:67:
96:d6:9f:e3:8d:96:9e:dc:14:87:5b:59:c3:38:c8:c2:09:03:
27:cb:e9:9d:39:eb:51:4a:7f:1f:2b:7a:fd:80:97:27:13:67:
be:9f:6d:e4:3d:4a:61:87:b2:a4:de:3e:ac:36:bc:db:76:e8:
16:5f:62:0f:d0:e3:8c:09:f6:1d:9a:c3:da:ec:15:4e:c3:7e:
19:12:db:43:c6:98:27:07:70:36:fa:04:9c:ee:65:94:eb:8c:
99:e3:4f:51:36:ea:e5:93:93:d1:87:0d:64:06:07:ab:b9:af:
a4:22:5c:6c:17:ed:db:1b:e9:8d:4c:ce:4c:79:b6:93:9c:e8:
2b:bb:e3:32:5f:02:07:fb:9e:86:98:08:dc:bb:44:4b:f1:96:
1f:97:36:bb:50:62:7f:e5:06:97:5a:7b:8f:1c:e9:3f:f4:60:
ee:a7:d9:e1:4e:98:f0:a9:ab:0d:ce:4f:8d:b5:09:ce:15:e3:
40:2f:4c:2f:08:11:fb:ab:01:df:0b:97:71:67:c6:fb:da:4d:
06:c3:2a:3c:76:53:f4:73:18:c8:ad:7b:ab:1c:18:a3:d5:8a:
ca:4e:59:67
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJvCU6Hx09U0Cy4UslqbaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWIwM2Y4YjJjNjVkNGY5ODAyNzAxZmI2MDM3ZDUxNDk3MjAzMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF+n7KuDJd9sXwHDx30fctIPH/gp
AV5XzhULiYmkxfGQEw0c4bcAhqCx0KAhrlfyQphLP4gRvpbVjw07imMEMePP/rXQ
F3CftADbPej5k9Smg2hW9GaYnrsv/yD+ZRpg8+OVCVWoBKMAExV88QvMphLg/c3J
Uo2da54og1Nu/eh+G75H4MYT+KlOkfbWkTa4BNILJe3swo4ThDheijTOJPASk3fC
YoRU9dsxwpZ0oMBF+IXwbiW1Yoc2xthbmA+9jJR3vh+XeydgUBOUHwoWki3lHGC+
vdyBjM3RddAjmI6/25FVhKvXVfu5mKLvFWyHilTeiCyORV6jbioevSkbGwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGWwP4ssZdT5gCcB+2A31RSXIDD5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWmJBX2l5eGwxUG1BSndIN1lEZlZGSmNnTVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg0RQAMF
AyoOWAADBQMqDyUAAwUDKg/fwAMFAyoRNQAwDQYJKoZIhvcNAQELBQADggEBAA3K
7lpZBWKCARb0CYmz0/fbRLoqMlIEEfaZSNwShWxwx6vSZ5bWn+ONlp7cFIdbWcM4
yMIJAyfL6Z0561FKfx8rev2AlycTZ76fbeQ9SmGHsqTePqw2vNt26BZfYg/Q44wJ
9h2aw9rsFU7DfhkS20PGmCcHcDb6BJzuZZTrjJnjT1E26uWTk9GHDWQGB6u5r6Qi
XGwX7dsb6Y1Mzkx5tpOc6Cu74zJfAgf7noaYCNy7REvxlh+XNrtQYn/lBpdae48c
6T/0YO6n2eFOmPCpqw3OT421Cc4V40AvTC8IEfurAd8Ll3FnxvvaTQbDKjx2U/Rz
GMite6scGKPVispOWWc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:26 2025 by rpki-client