Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/axe5jlfUBzRFTeFekxhQxroSdG0.roa
File: axe5jlfUBzRFTeFekxhQxroSdG0.roa (raw, json)
Hash identifier: CYAQeVyIqKSMGlljDKIiDPeos1Uuv+FsABUQnT9NhNY=
Subject key identifier: 6B:17:B9:8E:57:D4:07:34:45:4D:E1:5E:93:18:50:C6:BA:12:74:6D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195B7D64E51C00510E28A92633BE389B8A2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/axe5jlfUBzRFTeFekxhQxroSdG0.roa
Signing time: Fri 21 Mar 2025 08:33:49 +0000
ROA not before: Fri 21 Mar 2025 08:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0c:4880::/29 maxlen: 29
2a0e:2440::/29 maxlen: 29
2a0e:e980::/29 maxlen: 29
2a0f:a00::/29 maxlen: 29
2a0f:e00::/29 maxlen: 29
2a0f:1440::/29 maxlen: 29
2a0f:14c0::/29 maxlen: 29
2a0f:17c0::/29 maxlen: 29
2a0f:1840::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:1f80::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:30c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a0f:36c0::/29 maxlen: 29
2a0f:3f80::/29 maxlen: 29
2a0f:9b00::/29 maxlen: 29
2a0f:a200::/29 maxlen: 29
2a0f:c400::/29 maxlen: 29
2a0f:de40::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a0f:e5c0::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a13:2e40::/29 maxlen: 29
2a13:d100::/29 maxlen: 29
2a13:fa00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 21 Mar 2025 08:43:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:d6:4e:51:c0:05:10:e2:8a:92:63:3b:e3:89:b8:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 21 08:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b17b98e57d40734454de15e931850c6ba12746d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:16:71:52:56:49:5a:87:dc:6e:dd:81:5c:ae:
77:03:bc:50:7d:3f:46:4a:23:6c:65:c9:43:d6:97:
94:99:58:c1:e2:f0:a0:a9:b6:64:53:c3:4b:c4:05:
9f:79:a0:95:b4:55:58:0e:ba:9b:7b:97:18:d4:c2:
6b:61:8d:d5:46:d3:4e:72:79:4c:0c:34:af:d6:aa:
56:c8:ea:51:d4:2d:c0:3a:48:2a:82:f5:c3:01:34:
83:53:c2:7d:e5:65:9c:26:28:80:f7:e5:b7:6a:77:
04:a6:c7:47:c8:35:58:27:a4:db:1f:4f:35:06:ac:
12:32:d4:de:c2:03:da:51:08:a2:5e:73:45:14:8f:
21:a3:54:ca:8b:34:61:7d:31:f7:5a:3b:0f:df:8c:
fe:b4:b7:5c:5d:f0:59:6c:ea:d1:1a:f8:f2:1b:4c:
b7:b4:9c:37:41:6b:09:a7:0a:b3:02:24:42:41:e9:
3e:62:b5:8b:f9:59:04:48:66:c5:e3:a2:1d:3a:22:
59:a6:90:de:ba:38:f6:65:ad:70:82:5f:49:9f:81:
97:24:48:9f:f7:2e:21:d3:83:cd:c4:71:f8:82:61:
4d:09:af:e0:90:06:6d:5b:94:e3:1d:fa:3b:b5:20:
f9:b8:a4:2f:27:19:44:03:77:ad:10:3c:cd:48:ae:
ad:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:17:B9:8E:57:D4:07:34:45:4D:E1:5E:93:18:50:C6:BA:12:74:6D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/axe5jlfUBzRFTeFekxhQxroSdG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4880::/29
2a0e:2440::/29
2a0e:e980::/29
2a0f:a00::/29
2a0f:e00::/29
2a0f:1440::/29
2a0f:14c0::/29
2a0f:17c0::/29
2a0f:1840::/29
2a0f:1ac0::/29
2a0f:1f80::/29
2a0f:1fc0::/29
2a0f:2300::/29
2a0f:29c0::/29
2a0f:2a40::/29
2a0f:2dc0::/29
2a0f:2ec0::/29
2a0f:2f80::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:3540::/29
2a0f:35c0::/29
2a0f:36c0::/29
2a0f:3f80::/29
2a0f:9b00::/29
2a0f:a200::/29
2a0f:c400::/29
2a0f:de40::/29
2a0f:dec0::/29
2a0f:e140::/29
2a0f:e540::/29
2a0f:e5c0::/29
2a0f:e600::/29
2a0f:e640::/29
2a13:2e40::/29
2a13:d100::/29
2a13:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
82:0a:5a:03:b0:87:1e:85:1a:60:4d:a6:0a:bd:59:8f:fa:08:
fe:ec:de:f6:ae:ee:11:06:3e:64:ea:8f:3d:b6:f6:89:62:59:
5a:3a:25:8d:f9:ca:ed:ab:8d:13:a9:e2:ac:2f:6e:7e:7c:5a:
a4:a3:56:1a:e2:6c:92:55:e0:ad:88:b2:ee:95:16:b9:c9:02:
cf:ba:b9:48:b6:3c:e6:ec:b1:44:bb:33:8f:8f:23:0a:8d:97:
53:56:3d:43:4d:66:a8:ea:06:f1:fd:2d:97:c4:83:e9:ef:8d:
d2:4f:8c:2b:5a:9c:b3:09:cd:a4:f3:46:6e:ba:51:7e:44:99:
e9:7f:33:6e:80:08:60:02:ea:96:7d:a5:ff:ae:b5:b1:66:2b:
ef:fe:46:5b:7e:90:b3:19:2b:a2:81:e2:d5:74:85:1f:5c:63:
88:76:ff:3c:7e:fc:81:78:f3:76:0b:b3:83:41:92:e4:28:ec:
97:e0:49:83:f7:11:33:22:f2:5a:53:86:68:1e:a6:84:1a:a0:
b7:c7:e7:f0:38:57:7c:68:94:59:7f:f3:c8:31:9b:d7:d6:76:
c6:cf:f7:8e:4a:88:af:8e:6d:3b:37:9f:72:0e:3d:11:1f:84:
c2:dc:fc:7b:e5:3c:b2:c6:ab:f3:e3:d7:d5:24:1d:ed:d2:e5:
cb:12:79:83
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZW31k5RwAUQ4oqSYzvjibiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzIxMDgzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjE3Yjk4ZTU3ZDQwNzM0NDU0ZGUxNWU5MzE4NTBjNmJhMTI3NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBZxUlZJWofcbt2BXK53A7xQfT9G
SiNsZclD1peUmVjB4vCgqbZkU8NLxAWfeaCVtFVYDrqbe5cY1MJrYY3VRtNOcnlM
DDSv1qpWyOpR1C3AOkgqgvXDATSDU8J95WWcJiiA9+W3ancEpsdHyDVYJ6TbH081
BqwSMtTewgPaUQiiXnNFFI8ho1TKizRhfTH3WjsP34z+tLdcXfBZbOrRGvjyG0y3
tJw3QWsJpwqzAiRCQek+YrWL+VkESGbF46IdOiJZppDeujj2Za1wgl9Jn4GXJEif
9y4h04PNxHH4gmFNCa/gkAZtW5TjHfo7tSD5uKQvJxlEA3etEDzNSK6tbQIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFGsXuY5X1Ac0RU3hXpMYUMa6EnRtMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYXhlNWpsZlVCelJGVGVGZWt4aFF4cm9TZEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCCAQsEAgACMIIB
AwMFAyoMSIADBQMqDiRAAwUDKg7pgAMFAyoPCgADBQMqDw4AAwUDKg8UQAMFAyoP
FMADBQMqDxfAAwUDKg8YQAMFAyoPGsADBQMqDx+AAwUDKg8fwAMFAyoPIwADBQMq
DynAAwUDKg8qQAMFAyoPLcADBQMqDy7AAwUDKg8vgAMFAyoPMMADBQMqDzFAAwUD
Kg81QAMFAyoPNcADBQMqDzbAAwUDKg8/gAMFAyoPmwADBQMqD6IAAwUDKg/EAAMF
AyoP3kADBQMqD97AAwUDKg/hQAMFAyoP5UADBQMqD+XAAwUDKg/mAAMFAyoP5kAD
BQMqEy5AAwUDKhPRAAMFAyoT+gAwDQYJKoZIhvcNAQELBQADggEBAIIKWgOwhx6F
GmBNpgq9WY/6CP7s3vau7hEGPmTqjz229oliWVo6JY35yu2rjROp4qwvbn58WqSj
VhribJJV4K2Isu6VFrnJAs+6uUi2PObssUS7M4+PIwqNl1NWPUNNZqjqBvH9LZfE
g+nvjdJPjCtanLMJzaTzRm66UX5Emel/M26ACGAC6pZ9pf+utbFmK+/+Rlt+kLMZ
K6KB4tV0hR9cY4h2/zx+/IF483YLs4NBkuQo7JfgSYP3ETMi8lpThmgepoQaoLfH
5/A4V3xolFl/88gxm9fWdsbP945KiK+ObTs3n3IOPREfhMLc/HvlPLLGq/Pj19Uk
He3S5csSeYM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:10 2025 by rpki-client