Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jfBaqMItSPRvyjfIcUv0zPRm0ug.roa
File: jfBaqMItSPRvyjfIcUv0zPRm0ug.roa (raw, json)
Hash identifier: yQO3X3CxUcfaFuyYmQybfFHXgt8QBrGSDX5UELiBZvY=
Subject key identifier: 8D:F0:5A:A8:C2:2D:48:F4:6F:CA:37:C8:71:4B:F4:CC:F4:66:D2:E8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194DF993262AB9622DC6ADAFE407A41D97A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jfBaqMItSPRvyjfIcUv0zPRm0ug.roa
Signing time: Fri 07 Feb 2025 08:49:06 +0000
ROA not before: Fri 07 Feb 2025 08:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:e00::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 09 Feb 2025 11:29:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:99:32:62:ab:96:22:dc:6a:da:fe:40:7a:41:d9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 7 08:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8df05aa8c22d48f46fca37c8714bf4ccf466d2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:60:19:0c:ac:de:2d:8c:8c:e6:b5:b2:86:26:
c3:0a:52:53:10:17:e6:e9:c9:74:7d:84:f8:18:c7:
2d:9b:c2:ad:e5:0f:5d:1a:e6:ee:2a:18:4e:2e:8b:
22:a3:f4:b5:1e:3c:96:44:7e:12:22:0d:30:93:5c:
44:50:8d:05:69:9c:d4:52:98:88:e4:5c:52:65:38:
6a:4b:46:3d:05:2a:69:15:16:2c:8c:a7:c4:a2:78:
6d:bd:94:93:cf:39:07:e9:6e:77:a4:44:d2:33:09:
f4:43:5f:bf:97:fa:c3:42:8c:b6:41:85:47:63:c5:
f5:d1:e5:26:6a:13:4e:69:aa:21:f9:8c:fe:81:58:
db:50:41:f0:3a:9f:59:30:7f:53:10:e3:52:e6:d9:
4d:e9:a4:9c:e5:e1:94:4c:ff:bd:69:80:07:af:52:
48:05:67:5b:d2:02:2b:74:d8:b8:e1:26:0c:28:5e:
fd:58:c7:50:14:02:b7:84:f9:aa:27:84:e3:a9:07:
80:c1:da:30:6d:54:f1:a8:03:7c:3a:4b:07:72:ab:
ef:63:20:fa:66:c2:64:fc:7f:8d:12:b7:cf:93:c3:
f9:cc:ce:67:10:de:9a:44:2f:41:7c:c1:df:0d:7e:
f2:69:41:20:74:98:4e:08:c9:19:d3:33:13:fc:ad:
c0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F0:5A:A8:C2:2D:48:F4:6F:CA:37:C8:71:4B:F4:CC:F4:66:D2:E8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jfBaqMItSPRvyjfIcUv0zPRm0ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e00::/29
2a0f:1fc0::/29
2a0f:29c0::/29
2a11:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
84:df:78:d9:0f:9d:39:38:5e:56:fe:30:f1:b5:94:c5:c1:4b:
cb:21:2b:52:05:2f:7b:f5:e4:80:c2:4b:8e:b7:1f:68:17:0e:
b5:7f:da:05:28:24:9b:fc:54:75:85:b0:ed:66:51:68:05:6d:
6e:2c:fb:36:db:e2:c2:89:a4:48:0f:de:3d:df:cd:8e:3e:68:
7e:08:93:0a:e6:67:7d:a5:ec:63:74:7c:b6:b9:51:23:16:21:
3e:d3:ec:81:0b:71:2a:0d:8b:88:de:90:7b:02:e9:76:5d:30:
07:8f:aa:74:9d:77:2d:f5:a5:69:11:11:95:f2:75:5d:38:18:
d8:a9:20:36:7b:90:de:c9:bb:fc:2a:28:46:10:c8:68:19:19:
f3:cb:e0:22:34:f4:75:de:da:1b:28:6b:4b:6f:34:0a:45:b0:
60:bd:f7:ef:c0:82:4c:21:70:75:ed:80:66:a8:2c:ac:0e:ed:
13:c2:aa:72:bb:44:ae:c3:0a:08:3e:77:e0:f3:07:79:00:d6:
a4:6b:22:ad:f8:43:09:50:a9:3a:ca:df:3f:f4:6b:89:75:8c:
8a:48:23:19:94:88:56:0f:80:23:31:2a:7a:d9:f1:7b:07:4c:
4b:4d:4c:62:2e:68:b4:a0:79:76:d9:7a:c0:7c:21:27:97:72:
6a:1b:2c:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZTfmTJiq5Yi3Gra/kB6Qdl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjA3MDg0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGYwNWFhOGMyMmQ0OGY0NmZjYTM3Yzg3MTRiZjRjY2Y0NjZkMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGAZDKzeLYyM5rWyhibDClJTEBfm
6cl0fYT4GMctm8Kt5Q9dGubuKhhOLosio/S1HjyWRH4SIg0wk1xEUI0FaZzUUpiI
5FxSZThqS0Y9BSppFRYsjKfEonhtvZSTzzkH6W53pETSMwn0Q1+/l/rDQoy2QYVH
Y8X10eUmahNOaaoh+Yz+gVjbUEHwOp9ZMH9TEONS5tlN6aSc5eGUTP+9aYAHr1JI
BWdb0gIrdNi44SYMKF79WMdQFAK3hPmqJ4TjqQeAwdowbVTxqAN8OksHcqvvYyD6
ZsJk/H+NErfPk8P5zM5nEN6aRC9BfMHfDX7yaUEgdJhOCMkZ0zMT/K3AIwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFI3wWqjCLUj0b8o3yHFL9Mz0ZtLoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvamZCYXFNSXRTUFJ2eWpmSWNVdjB6UFJtMHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg8OAAMF
AyoPH8ADBQMqDynAAwUDKhE/gDANBgkqhkiG9w0BAQsFAAOCAQEAhN942Q+dOThe
Vv4w8bWUxcFLyyErUgUve/XkgMJLjrcfaBcOtX/aBSgkm/xUdYWw7WZRaAVtbiz7
NtviwomkSA/ePd/Njj5ofgiTCuZnfaXsY3R8trlRIxYhPtPsgQtxKg2LiN6QewLp
dl0wB4+qdJ13LfWlaRERlfJ1XTgY2KkgNnuQ3sm7/CooRhDIaBkZ88vgIjT0dd7a
GyhrS280CkWwYL3378CCTCFwde2AZqgsrA7tE8KqcrtErsMKCD534PMHeQDWpGsi
rfhDCVCpOsrfP/RriXWMikgjGZSIVg+AIzEqetnxewdMS01MYi5otKB5dtl6wHwh
J5dyahsseA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:39:14 2025 by rpki-client