Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bU7W3irSgbt2rwo3dpvCnJw_GvQ.roa
File: bU7W3irSgbt2rwo3dpvCnJw_GvQ.roa (raw, json)
Hash identifier: WCBtVwOX+bN59wnwg/QyunoHUk7Kd5BIO4wP+/wVqbU=
Subject key identifier: 6D:4E:D6:DE:2A:D2:81:BB:76:AF:0A:37:76:9B:C2:9C:9C:3F:1A:F4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019581276F36420129639D9D13B50F4A85CC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bU7W3irSgbt2rwo3dpvCnJw_GvQ.roa
Signing time: Mon 10 Mar 2025 17:43:19 +0000
ROA not before: Mon 10 Mar 2025 17:43:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214967
IP address blocks: 2a0f:a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Mar 2025 19:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:27:6f:36:42:01:29:63:9d:9d:13:b5:0f:4a:85:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 10 17:43:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d4ed6de2ad281bb76af0a37769bc29c9c3f1af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:45:b3:69:a1:f3:ff:aa:74:5c:6d:55:f0:f4:
ee:ab:4b:81:12:d6:89:db:b8:77:69:a5:7c:b4:f4:
49:02:ba:dc:f5:9a:7c:a9:24:c6:62:ef:97:71:64:
b5:19:65:29:f2:14:d7:a3:ef:d9:2a:c1:82:77:1c:
a0:40:6b:6e:92:2d:d3:2f:c9:68:d3:a2:a0:08:a1:
22:9c:5a:9b:ed:77:69:77:82:fb:5c:7a:8e:86:22:
c8:6e:65:df:59:2f:85:19:76:6a:b4:bf:eb:0d:c6:
fa:f3:69:b9:55:81:7e:cc:d0:4e:25:5b:e1:8f:40:
93:e8:49:74:a8:a7:b4:84:a9:87:e3:d0:fb:bc:c2:
ee:a9:3f:f9:1e:f0:50:1f:c7:64:6d:e9:ec:9a:da:
f1:4b:8f:f1:42:56:86:36:fa:1f:70:3d:80:0f:28:
21:e0:3c:c8:57:96:06:6b:c2:ed:94:5b:09:9d:88:
1b:3d:b4:ff:54:6e:93:76:92:0e:df:97:26:4f:48:
ce:72:af:cc:48:01:64:92:bd:9f:68:43:33:54:8b:
f9:fa:69:7e:21:69:77:9a:5c:5e:13:6f:db:a6:79:
d7:98:62:ea:21:cb:02:24:5d:7e:61:26:5e:d5:31:
1d:d1:6e:3d:52:30:79:df:aa:a1:d5:73:ca:16:1e:
89:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4E:D6:DE:2A:D2:81:BB:76:AF:0A:37:76:9B:C2:9C:9C:3F:1A:F4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bU7W3irSgbt2rwo3dpvCnJw_GvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a00::/29
Signature Algorithm: sha256WithRSAEncryption
48:de:44:65:d3:25:e9:a2:24:1a:d9:3d:f0:63:31:d5:75:76:
11:21:34:9e:61:71:ce:16:4c:19:2b:52:94:82:62:66:d3:c0:
9e:c8:30:ab:25:ef:ca:89:0a:8f:2a:7f:fe:54:6f:83:74:9b:
79:c0:e3:4b:2c:1b:80:eb:3e:ee:51:14:d1:89:f4:fd:68:df:
22:84:6c:61:26:9d:ca:60:c8:b9:1f:b5:95:ed:7e:64:02:c0:
0a:b8:e3:1e:e6:47:58:2a:c1:45:83:9f:fc:fb:32:ac:be:05:
78:68:88:2c:f4:93:21:a0:18:50:e6:cf:73:96:55:58:19:e3:
56:62:ef:92:c1:3b:be:7c:b1:23:1e:74:78:d8:2d:be:b6:27:
97:49:7e:8b:c2:da:82:4e:b5:17:14:f4:1f:c8:c6:c7:9c:dc:
61:d4:f7:29:d3:a2:58:c5:b9:39:44:31:a6:ea:75:d1:4f:c0:
0d:e4:90:42:be:e5:6c:e6:55:02:1c:1e:20:71:1f:44:fc:73:
3d:bf:01:79:03:42:57:ef:14:97:1e:0b:0f:76:d0:83:3e:a8:
16:32:4b:5f:6a:00:ff:a6:f1:22:eb:84:1b:36:48:c3:47:26:
22:13:4a:28:1b:21:68:f2:82:e5:ee:1d:00:c4:25:74:44:88:
a2:57:4e:c7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWBJ282QgEpY52dE7UPSoXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzEwMTc0MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRlZDZkZTJhZDI4MWJiNzZhZjBhMzc3NjliYzI5YzljM2YxYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0WzaaHz/6p0XG1V8PTuq0uBEtaJ
27h3aaV8tPRJArrc9Zp8qSTGYu+XcWS1GWUp8hTXo+/ZKsGCdxygQGtuki3TL8lo
06KgCKEinFqb7Xdpd4L7XHqOhiLIbmXfWS+FGXZqtL/rDcb682m5VYF+zNBOJVvh
j0CT6El0qKe0hKmH49D7vMLuqT/5HvBQH8dkbensmtrxS4/xQlaGNvofcD2ADygh
4DzIV5YGa8LtlFsJnYgbPbT/VG6TdpIO35cmT0jOcq/MSAFkkr2faEMzVIv5+ml+
IWl3mlxeE2/bpnnXmGLqIcsCJF1+YSZe1TEd0W49UjB536qh1XPKFh6JgwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG1O1t4q0oG7dq8KN3abwpycPxr0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYlU3VzNpclNnYnQycndvM2RwdkNuSndfR3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8KADAN
BgkqhkiG9w0BAQsFAAOCAQEASN5EZdMl6aIkGtk98GMx1XV2ESE0nmFxzhZMGStS
lIJiZtPAnsgwqyXvyokKjyp//lRvg3SbecDjSywbgOs+7lEU0Yn0/WjfIoRsYSad
ymDIuR+1le1+ZALACrjjHuZHWCrBRYOf/PsyrL4FeGiILPSTIaAYUObPc5ZVWBnj
VmLvksE7vnyxIx50eNgtvrYnl0l+i8Lagk61FxT0H8jGx5zcYdT3KdOiWMW5OUQx
pup10U/ADeSQQr7lbOZVAhweIHEfRPxzPb8BeQNCV+8Ulx4LD3bQgz6oFjJLX2oA
/6bxIuuEGzZIw0cmIhNKKBshaPKC5e4dAMQldESIoldOxw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:21:24 2025 by rpki-client