Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tDGlSvdvsy775xat-jnxNb_T_YU.roa
File: tDGlSvdvsy775xat-jnxNb_T_YU.roa (raw, json)
Hash identifier: 2xa2n04ATsjpRqBoiC/iOCHEBsp5dwTqGDtyy10AZcE=
Subject key identifier: B4:31:A5:4A:F7:6F:B3:2E:FB:E7:16:AD:FA:39:F1:35:BF:D3:FD:85
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195A9F439AA21997900679778EB4C492C32
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tDGlSvdvsy775xat-jnxNb_T_YU.roa
Signing time: Tue 18 Mar 2025 15:51:49 +0000
ROA not before: Tue 18 Mar 2025 15:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 2a0f:2840::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 27 Mar 2025 08:53:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:f4:39:aa:21:99:79:00:67:97:78:eb:4c:49:2c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 18 15:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b431a54af76fb32efbe716adfa39f135bfd3fd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2f:07:6e:cd:73:e3:77:ae:d3:23:0b:d2:ed:
0f:0a:bf:96:ff:10:a1:ae:9b:e0:16:40:b4:92:e2:
59:3e:1d:db:a8:57:08:05:f2:ae:ed:09:08:0f:8b:
17:22:dd:1d:bf:41:e9:e7:55:51:59:55:e0:3f:e2:
1e:1d:73:be:23:33:ce:3a:b4:4c:91:50:23:bf:a8:
21:2e:d5:db:8f:2d:60:d3:96:74:cc:28:53:26:20:
8f:72:fe:2d:95:e7:94:59:54:3f:ae:dc:ae:a4:6d:
c0:70:28:93:6c:46:46:4f:a7:c0:c1:41:ee:ae:db:
e5:a5:76:ff:34:bf:de:a3:65:ac:4c:3d:d0:77:8f:
83:9b:c5:53:44:44:56:67:92:cf:70:3f:0e:35:d8:
58:9f:87:20:b9:92:07:34:d2:e3:61:10:70:4d:d8:
37:25:27:37:ea:84:43:ab:56:42:a4:6d:fd:35:f6:
97:91:e7:36:01:b6:bf:82:e1:85:36:09:83:e2:59:
87:05:67:b8:70:57:6a:89:5c:80:29:bb:26:1e:6c:
56:5b:06:15:12:f8:03:90:5a:8a:65:e3:59:8b:3f:
21:58:a6:fc:9b:a6:ae:18:e1:d6:4a:6d:69:9b:e8:
c6:15:3f:06:e1:ed:68:ee:7e:39:c3:13:3e:d4:59:
0e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:31:A5:4A:F7:6F:B3:2E:FB:E7:16:AD:FA:39:F1:35:BF:D3:FD:85
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tDGlSvdvsy775xat-jnxNb_T_YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2840::/29
2a0f:9e00::/29
2a12:4b00::/29
2a12:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:eb:f9:02:35:42:a3:89:cb:53:14:05:7d:7d:3c:a3:37:6f:
92:f5:57:93:c3:0d:44:3d:c8:b8:57:72:a4:a7:80:b3:6e:9b:
4b:27:cc:03:38:93:f0:61:69:82:cc:4b:1c:81:cf:6c:0b:d5:
4b:39:18:b0:2d:98:80:2c:1c:f9:6a:18:41:2a:16:73:da:03:
01:c2:7d:6f:40:fe:c2:92:d3:3d:66:03:d1:9c:6d:c8:7a:ed:
89:10:d6:2f:a2:ae:73:ae:1d:ec:84:59:86:45:bd:bd:86:e7:
31:37:8d:8a:88:dd:29:26:eb:53:84:4f:08:dd:91:e9:46:96:
54:8a:bf:dd:9f:a6:5b:a9:1e:8f:44:7e:99:e7:5a:04:d8:19:
c3:f5:ab:21:6e:f2:a8:d1:68:d4:dc:c2:19:4c:a7:e7:49:35:
b0:01:76:3c:11:34:27:b1:61:b1:f5:29:fb:d5:ee:c8:eb:f4:
8e:75:d2:e5:f3:7c:6f:a8:3b:d7:f9:6d:76:31:9d:4e:fd:dc:
f2:14:47:e7:e1:05:dd:6e:7b:da:cd:98:7c:62:97:91:a3:50:
da:3f:53:69:74:6d:0a:31:89:b8:70:a9:44:0f:b0:3f:e7:66:
6a:ee:70:62:f3:39:c7:80:44:cd:2b:19:5f:fd:f5:1d:2b:54:
c7:55:6f:a5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZWp9DmqIZl5AGeXeOtMSSwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzE4MTU1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDMxYTU0YWY3NmZiMzJlZmJlNzE2YWRmYTM5ZjEzNWJmZDNmZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC8Hbs1z43eu0yML0u0PCr+W/xCh
rpvgFkC0kuJZPh3bqFcIBfKu7QkID4sXIt0dv0Hp51VRWVXgP+IeHXO+IzPOOrRM
kVAjv6ghLtXbjy1g05Z0zChTJiCPcv4tleeUWVQ/rtyupG3AcCiTbEZGT6fAwUHu
rtvlpXb/NL/eo2WsTD3Qd4+Dm8VTRERWZ5LPcD8ONdhYn4cguZIHNNLjYRBwTdg3
JSc36oRDq1ZCpG39NfaXkec2Aba/guGFNgmD4lmHBWe4cFdqiVyAKbsmHmxWWwYV
EvgDkFqKZeNZiz8hWKb8m6auGOHWSm1pm+jGFT8G4e1o7n45wxM+1FkOlQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLQxpUr3b7Mu++cWrfo58TW/0/2FMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdERHbFN2ZHZzeTc3NXhhdC1qbnhOYl9UX1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg8oQAMF
AyoPngADBQMqEksAAwUDKhLVwDANBgkqhkiG9w0BAQsFAAOCAQEAFOv5AjVCo4nL
UxQFfX08ozdvkvVXk8MNRD3IuFdypKeAs26bSyfMAziT8GFpgsxLHIHPbAvVSzkY
sC2YgCwc+WoYQSoWc9oDAcJ9b0D+wpLTPWYD0ZxtyHrtiRDWL6Kuc64d7IRZhkW9
vYbnMTeNiojdKSbrU4RPCN2R6UaWVIq/3Z+mW6kej0R+medaBNgZw/WrIW7yqNFo
1NzCGUyn50k1sAF2PBE0J7FhsfUp+9XuyOv0jnXS5fN8b6g71/ltdjGdTv3c8hRH
5+EF3W572s2YfGKXkaNQ2j9TaXRtCjGJuHCpRA+wP+dmau5wYvM5x4BEzSsZX/31
HStUx1VvpQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:55 2025 by rpki-client