Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/d1REpTuG5MntayPWNDXgNYXsqk0.roa
File: d1REpTuG5MntayPWNDXgNYXsqk0.roa (raw, json)
Hash identifier: JyWdcaPJN9jlmYfa0mGRkRUGyjm7Bs2aU0p+P4rB/D0=
Subject key identifier: 77:54:44:A5:3B:86:E4:C9:ED:6B:23:D6:34:35:E0:35:85:EC:AA:4D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01955CFCB51A75D181E0A0C3E9E6832A786F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/d1REpTuG5MntayPWNDXgNYXsqk0.roa
Signing time: Mon 03 Mar 2025 17:10:19 +0000
ROA not before: Mon 03 Mar 2025 17:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214734
IP address blocks: 2a0f:1440::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a13:df00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Mar 2025 17:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:fc:b5:1a:75:d1:81:e0:a0:c3:e9:e6:83:2a:78:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 3 17:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=775444a53b86e4c9ed6b23d63435e03585ecaa4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:04:6b:a1:c5:63:17:29:f2:16:e2:12:7f:
f0:5c:4e:7c:5f:08:ee:28:15:9a:eb:37:cd:47:68:
87:5d:94:6a:da:5b:f1:c1:13:49:ca:2a:a6:f5:d7:
16:8d:33:3d:f5:0e:79:26:69:55:8d:08:4b:c2:36:
b2:1d:51:54:13:15:49:eb:11:71:d6:63:c9:23:a8:
61:ba:38:b5:c2:f4:66:de:4d:a1:f4:d4:28:39:aa:
b1:2d:31:cb:6f:39:b6:65:a1:e6:b1:30:7d:ff:e3:
6a:20:ef:e4:b9:7c:a8:4e:2d:3e:c5:00:c7:4b:01:
fb:d4:cd:e2:39:1b:25:da:ac:64:29:9f:a4:27:c1:
2c:db:b8:18:fd:15:d6:44:24:6a:bd:36:32:b5:74:
ee:c4:3c:3b:d6:d2:48:c1:ac:d0:92:2e:f8:ec:92:
07:46:f7:94:8f:e7:1b:a6:88:c9:b4:80:53:c6:c7:
4e:89:52:07:f5:1a:eb:4b:0b:a0:76:36:05:f9:47:
23:06:05:4e:53:8b:40:20:ab:f2:16:a1:20:5a:06:
24:4c:a8:f2:c4:a9:ff:dc:a7:1f:2e:78:a5:55:55:
93:d7:a3:3c:a1:c2:ba:12:dd:1e:6e:62:49:1d:9b:
51:25:25:8a:8f:27:83:fb:a4:73:32:7f:89:e2:44:
6f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:54:44:A5:3B:86:E4:C9:ED:6B:23:D6:34:35:E0:35:85:EC:AA:4D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/d1REpTuG5MntayPWNDXgNYXsqk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1440::/29
2a13:9380::/29
2a13:df00::/29
Signature Algorithm: sha256WithRSAEncryption
b8:70:01:b4:29:10:5d:c5:ae:fb:0f:3e:1e:28:5f:72:2e:df:
d6:f0:0e:68:e0:dd:6a:a7:47:37:a3:44:4b:3b:e1:f3:28:bc:
fe:d5:1c:fe:97:07:46:88:a9:3d:51:f4:b0:b9:78:5a:8d:28:
42:b6:41:64:06:58:a7:ed:97:39:43:b7:32:08:73:3c:fb:ba:
43:fa:6b:ef:b8:9c:e9:82:2c:92:3c:c9:f7:d6:5b:e4:a0:74:
f5:77:8f:77:55:29:2e:59:ef:ae:f0:9a:08:f8:49:a5:4a:95:
04:7d:08:3f:7c:b6:72:44:fe:59:05:22:ca:69:31:2d:7e:52:
4e:71:37:b2:ee:1d:13:bb:da:1c:66:69:5a:9e:5a:ae:3d:b3:
65:e2:2b:46:15:50:50:58:df:19:44:ca:8d:c0:1e:e2:9b:d9:
c3:7c:4e:b5:c5:1d:8d:95:71:74:8f:36:07:8d:c4:ad:18:a9:
4e:23:b2:d3:ec:d1:b5:da:55:d3:65:74:4b:19:6e:7c:a0:1a:
6d:ea:6a:2d:b7:e6:c5:c3:7b:60:11:cc:d7:bc:31:31:d8:75:
aa:14:8d:f3:65:7b:bc:60:1c:b6:7a:f5:52:7a:0d:10:8d:e3:
6b:f8:8c:14:7e:7c:06:b6:82:3d:4c:08:6a:6a:ba:25:f8:d5:
b1:73:ad:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVc/LUaddGB4KDD6eaDKnhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzAzMTcxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzU0NDRhNTNiODZlNGM5ZWQ2YjIzZDYzNDM1ZTAzNTg1ZWNhYTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrsEa6HFYxcp8hbiEn/wXE58Xwju
KBWa6zfNR2iHXZRq2lvxwRNJyiqm9dcWjTM99Q55JmlVjQhLwjayHVFUExVJ6xFx
1mPJI6hhuji1wvRm3k2h9NQoOaqxLTHLbzm2ZaHmsTB9/+NqIO/kuXyoTi0+xQDH
SwH71M3iORsl2qxkKZ+kJ8Es27gY/RXWRCRqvTYytXTuxDw71tJIwazQki747JIH
RveUj+cbpojJtIBTxsdOiVIH9RrrSwugdjYF+UcjBgVOU4tAIKvyFqEgWgYkTKjy
xKn/3KcfLnilVVWT16M8ocK6Et0ebmJJHZtRJSWKjyeD+6RzMn+J4kRvfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHdURKU7huTJ7Wsj1jQ14DWF7KpNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZDFSRXBUdUc1TW50YXlQV05EWGdOWVhzcWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8UQAMF
AyoTk4ADBQMqE98AMA0GCSqGSIb3DQEBCwUAA4IBAQC4cAG0KRBdxa77Dz4eKF9y
Lt/W8A5o4N1qp0c3o0RLO+HzKLz+1Rz+lwdGiKk9UfSwuXhajShCtkFkBlin7Zc5
Q7cyCHM8+7pD+mvvuJzpgiySPMn31lvkoHT1d493VSkuWe+u8JoI+EmlSpUEfQg/
fLZyRP5ZBSLKaTEtflJOcTey7h0Tu9ocZmlanlquPbNl4itGFVBQWN8ZRMqNwB7i
m9nDfE61xR2NlXF0jzYHjcStGKlOI7LT7NG12lXTZXRLGW58oBpt6mott+bFw3tg
EczXvDEx2HWqFI3zZXu8YBy2evVSeg0QjeNr+IwUfnwGtoI9TAhqarol+NWxc61b
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:13:02 2025 by rpki-client