Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vpf97mVCkSd954VkmypV3TiBtQM.roa
File: vpf97mVCkSd954VkmypV3TiBtQM.roa (raw, json)
Hash identifier: 34NaJ0f4L1h/JMeeLCc0tkIbS4PCWrhe0nslropxxvo=
Subject key identifier: BE:97:FD:EE:65:42:91:27:7D:E7:85:64:9B:2A:55:DD:38:81:B5:03
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427482302E7C8E06B685C777771F87F33
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vpf97mVCkSd954VkmypV3TiBtQM.roa
Signing time: Thu 02 Jan 2025 13:50:26 +0000
ROA not before: Thu 02 Jan 2025 13:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:1840::/29 maxlen: 29
2a0f:7d07::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 08:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:23:02:e7:c8:e0:6b:68:5c:77:77:71:f8:7f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be97fdee654291277de785649b2a55dd3881b503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:08:9c:ff:33:4c:fd:ff:68:48:6c:0f:08:74:
21:0a:46:9e:8a:f8:1e:5f:b6:48:a2:f7:1f:cd:56:
5c:78:07:ae:3e:c7:e1:30:6f:4a:fb:f5:9d:ae:af:
72:13:3b:86:64:fc:66:95:db:27:a4:5f:9f:6a:3e:
bc:81:8b:ac:7f:1e:15:32:a2:8b:f7:5f:1b:25:d7:
5d:b7:92:ed:2d:6a:12:dc:ff:92:d7:5d:0d:6e:ab:
3c:43:29:6d:4c:87:4c:c3:04:eb:0c:00:6d:bd:f7:
d7:35:8e:22:37:73:33:85:24:82:53:03:d7:02:5d:
72:a4:c2:9d:ec:10:d8:26:cb:b1:89:6e:97:58:88:
14:82:a8:c4:7d:c5:c6:b2:c2:ff:47:88:96:69:bc:
da:2f:30:dd:74:03:de:5e:b0:bf:96:50:cd:a7:0f:
f4:fb:7a:2e:b9:ec:6f:89:e2:f0:68:81:54:22:96:
f6:0c:9b:60:3c:44:bc:d7:f4:0c:4b:06:86:01:84:
17:b3:e6:69:9e:f9:c4:0a:98:e7:f6:a5:4e:74:4d:
60:f2:b3:35:5e:fd:78:25:83:d6:2f:3a:6f:7f:09:
52:f9:86:0f:e7:72:c5:d3:42:ca:7b:84:60:d4:a5:
f7:4c:5d:df:53:27:5c:2b:f1:46:38:1d:36:bd:a9:
ea:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:97:FD:EE:65:42:91:27:7D:E7:85:64:9B:2A:55:DD:38:81:B5:03
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vpf97mVCkSd954VkmypV3TiBtQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1840::/29
2a0f:7d07::/32
Signature Algorithm: sha256WithRSAEncryption
cd:2e:74:37:1a:b9:38:b2:b8:a0:20:f7:db:57:49:8b:e1:a2:
91:0e:53:fe:51:3e:84:e6:89:52:6b:d9:97:a2:ca:17:c5:f5:
91:d2:a5:f1:8c:7e:90:2f:cf:33:b3:d0:61:ea:e4:4f:05:0e:
48:48:3f:6d:30:57:7a:5a:a8:86:92:76:d4:de:c9:af:85:5c:
35:0f:b3:66:91:a0:59:6e:9c:85:dc:66:d8:4c:08:a2:c7:d5:
dd:7a:0f:9b:a8:f0:f4:25:92:7c:57:bc:ce:e2:7f:9a:a4:84:
fa:fd:3e:56:66:5e:44:9c:25:9a:3a:81:fb:d5:ef:d2:53:f9:
5a:3a:d0:c8:3b:56:ab:b7:0a:bb:f2:37:60:65:af:0b:47:5a:
c3:ba:6a:d8:50:14:0f:5e:48:82:12:e3:47:9e:4c:7d:16:3a:
58:c8:a0:5b:7c:52:47:c7:63:34:6d:18:a2:39:dd:b9:39:dc:
bb:02:93:a9:fb:c9:19:4d:af:06:8a:d6:ea:1a:2b:3d:0f:a1:
b0:4e:a6:03:0c:82:1c:84:ba:de:36:07:72:66:27:f5:e9:d4:
80:96:64:ea:48:57:ac:c4:1c:44:59:4f:60:1f:36:c3:ae:29:
5d:12:7f:de:9f:e6:b1:1b:24:e5:ae:ee:f2:b5:e9:b9:aa:15:
17:5e:a7:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQnSCMC58jga2hcd3dx+H8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTk3ZmRlZTY1NDI5MTI3N2RlNzg1NjQ5YjJhNTVkZDM4ODFiNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAic/zNM/f9oSGwPCHQhCkaeivge
X7ZIovcfzVZceAeuPsfhMG9K+/Wdrq9yEzuGZPxmldsnpF+faj68gYusfx4VMqKL
918bJdddt5LtLWoS3P+S110Nbqs8QyltTIdMwwTrDABtvffXNY4iN3MzhSSCUwPX
Al1ypMKd7BDYJsuxiW6XWIgUgqjEfcXGssL/R4iWabzaLzDddAPeXrC/llDNpw/0
+3ouuexvieLwaIFUIpb2DJtgPES81/QMSwaGAYQXs+ZpnvnECpjn9qVOdE1g8rM1
Xv14JYPWLzpvfwlS+YYP53LF00LKe4Rg1KX3TF3fUydcK/FGOB02vanq3QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL6X/e5lQpEnfeeFZJsqVd04gbUDMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdnBmOTdtVkNrU2Q5NTRWa215cFYzVGlCdFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg8YQAMF
ACoPfQcwDQYJKoZIhvcNAQELBQADggEBAM0udDcauTiyuKAg99tXSYvhopEOU/5R
PoTmiVJr2ZeiyhfF9ZHSpfGMfpAvzzOz0GHq5E8FDkhIP20wV3paqIaSdtTeya+F
XDUPs2aRoFlunIXcZthMCKLH1d16D5uo8PQlknxXvM7if5qkhPr9PlZmXkScJZo6
gfvV79JT+Vo60Mg7Vqu3CrvyN2BlrwtHWsO6athQFA9eSIIS40eeTH0WOljIoFt8
UkfHYzRtGKI53bk53LsCk6n7yRlNrwaK1uoaKz0PobBOpgMMghyEut42B3JmJ/Xp
1ICWZOpIV6zEHERZT2AfNsOuKV0Sf96f5rEbJOWu7vK16bmqFRdep50=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:05 2025 by rpki-client