Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rN7M80MZMC35VW_lTrv6zD-1INU.roa
File: rN7M80MZMC35VW_lTrv6zD-1INU.roa (raw, json)
Hash identifier: +34ks5Gd9DsyS/zAIkch0JkgAjwVK+79PirKgRlKxPg=
Subject key identifier: AC:DE:CC:F3:43:19:30:2D:F9:55:6F:E5:4E:BB:FA:CC:3F:B5:20:D5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019567AB6369F8C0DB045A8A14C1BC36FB71
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rN7M80MZMC35VW_lTrv6zD-1INU.roa
Signing time: Wed 05 Mar 2025 18:57:20 +0000
ROA not before: Wed 05 Mar 2025 18:57:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a06:35c1::/32 maxlen: 32
2a0d:8f80::/29 maxlen: 29
2a0e:1a86::/32 maxlen: 32
2a0e:f500::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
2a13:8100::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Mar 2025 07:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:ab:63:69:f8:c0:db:04:5a:8a:14:c1:bc:36:fb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 5 18:57:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acdeccf34319302df9556fe54ebbfacc3fb520d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:27:29:06:3a:3c:4d:bf:e7:6d:d6:8e:8b:56:
e5:fc:69:5b:60:34:aa:34:e3:c0:ce:78:83:40:45:
a5:15:cd:02:82:3d:8e:78:28:7e:00:8f:45:c3:f5:
90:fa:9a:72:65:53:3a:65:de:a8:25:de:50:4c:fa:
5d:5b:e4:24:58:82:f6:fc:49:63:68:85:b7:f4:34:
f3:90:c3:0f:cd:e2:5d:91:39:c2:5d:e9:6b:4d:96:
13:52:37:aa:db:59:27:40:d3:3e:b5:f0:02:43:e7:
59:c4:26:73:82:9f:cc:c6:0d:31:4f:29:c3:85:9f:
bd:47:e2:80:38:a7:16:be:63:76:ac:2c:f4:a5:59:
7a:32:b6:e2:ac:a0:e8:d0:4a:1a:d3:a0:ff:08:6b:
81:8e:ef:c4:b6:6b:84:53:6e:4c:e6:0f:c5:55:5e:
fd:81:28:f7:19:86:bc:f5:c3:32:5b:1a:c0:28:12:
87:47:5c:41:dd:a5:00:46:e3:2c:e2:80:d3:02:35:
72:65:b7:c7:88:50:02:c3:59:de:00:e1:0e:87:ef:
43:23:3a:6f:ae:1f:05:3c:05:7b:81:69:d6:dd:9e:
fb:54:98:6c:1f:2f:ce:2b:73:a7:d9:50:68:f4:ad:
62:16:36:7b:6b:dd:41:87:6b:ef:72:16:a7:20:2b:
11:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DE:CC:F3:43:19:30:2D:F9:55:6F:E5:4E:BB:FA:CC:3F:B5:20:D5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rN7M80MZMC35VW_lTrv6zD-1INU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c1::/32
2a0d:8f80::/29
2a0e:1a86::/32
2a0e:f500::/29
2a0f:2100::/29
2a0f:dac0::/29
2a0f:e0c0::/29
2a10:37c0::/29
2a13:3380::/29
2a13:8100::/29
Signature Algorithm: sha256WithRSAEncryption
53:09:ec:22:01:ed:ec:c7:cf:41:ea:ab:8d:c0:a7:43:b6:42:
d1:52:39:d1:ce:02:e3:36:e1:7d:d5:53:8a:78:bc:c5:42:40:
15:84:c5:82:ce:94:24:0c:b6:28:3c:65:ef:01:b7:46:55:67:
44:a2:76:8b:ac:f8:1e:4f:bf:7f:fc:0f:12:24:fd:e1:32:a7:
d4:c9:eb:c4:94:48:2b:55:40:44:78:fe:18:6c:28:12:96:43:
a6:06:97:09:4a:77:cf:8b:1d:fb:ae:55:9e:72:2a:94:b1:fa:
fc:e6:91:43:42:51:d8:06:ac:26:b5:d7:a8:5e:f1:99:51:cf:
de:26:41:29:51:96:06:a2:a7:25:d0:8f:97:94:4b:17:82:ca:
39:6a:b8:ef:76:6f:06:72:0f:8d:56:81:ec:8e:13:c3:27:2c:
a8:00:2a:fe:60:68:99:95:50:9c:59:0e:78:f6:c2:9a:b8:e3:
f5:64:c0:8a:72:79:2c:79:4a:ac:bf:e1:28:21:2b:22:31:40:
1c:f3:d6:59:e5:26:d8:f9:9c:11:e4:43:f9:14:30:f8:9e:9c:
4d:88:f3:71:03:4b:cb:05:69:2b:6a:06:91:69:65:e9:7d:83:
72:6b:48:aa:12:54:f3:9e:43:d4:5f:41:27:ad:c9:1e:c8:38:
0f:a0:09:8e
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZVnq2Np+MDbBFqKFMG8NvtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzA1MTg1NzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2RlY2NmMzQzMTkzMDJkZjk1NTZmZTU0ZWJiZmFjYzNmYjUyMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxScpBjo8Tb/nbdaOi1bl/GlbYDSq
NOPAzniDQEWlFc0Cgj2OeCh+AI9Fw/WQ+ppyZVM6Zd6oJd5QTPpdW+QkWIL2/Elj
aIW39DTzkMMPzeJdkTnCXelrTZYTUjeq21knQNM+tfACQ+dZxCZzgp/Mxg0xTynD
hZ+9R+KAOKcWvmN2rCz0pVl6MrbirKDo0Eoa06D/CGuBju/EtmuEU25M5g/FVV79
gSj3GYa89cMyWxrAKBKHR1xB3aUARuMs4oDTAjVyZbfHiFACw1neAOEOh+9DIzpv
rh8FPAV7gWnW3Z77VJhsHy/OK3On2VBo9K1iFjZ7a91Bh2vvchanICsRXwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKzezPNDGTAt+VVv5U67+sw/tSDVMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvck43TTgwTVpNQzM1VldfbFRydjZ6RC0xSU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUAKgY1wQMF
AyoNj4ADBQAqDhqGAwUDKg71AAMFAyoPIQADBQMqD9rAAwUDKg/gwAMFAyoQN8AD
BQMqEzOAAwUDKhOBADANBgkqhkiG9w0BAQsFAAOCAQEAUwnsIgHt7MfPQeqrjcCn
Q7ZC0VI50c4C4zbhfdVTini8xUJAFYTFgs6UJAy2KDxl7wG3RlVnRKJ2i6z4Hk+/
f/wPEiT94TKn1MnrxJRIK1VARHj+GGwoEpZDpgaXCUp3z4sd+65VnnIqlLH6/OaR
Q0JR2AasJrXXqF7xmVHP3iZBKVGWBqKnJdCPl5RLF4LKOWq473ZvBnIPjVaB7I4T
wycsqAAq/mBomZVQnFkOePbCmrjj9WTAinJ5LHlKrL/hKCErIjFAHPPWWeUm2Pmc
EeRD+RQw+J6cTYjzcQNLywVpK2oGkWll6X2DcmtIqhJU855D1F9BJ63JHsg4D6AJ
jg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:05 2025 by rpki-client