Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xjMwzGDYbz68GOqBB_mUuW_7Sa4.roa
File: xjMwzGDYbz68GOqBB_mUuW_7Sa4.roa (raw, json)
Hash identifier: HEfLc4bGlj5RpmI04TSmw995aQjiZ7xqVv+83Vip76w=
Subject key identifier: C6:33:30:CC:60:D8:6F:3E:BC:18:EA:81:07:F9:94:B9:6F:FB:49:AE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194274828D3A169266486416D3170FE69A6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xjMwzGDYbz68GOqBB_mUuW_7Sa4.roa
Signing time: Thu 02 Jan 2025 13:50:28 +0000
ROA not before: Thu 02 Jan 2025 13:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152631
IP address blocks: 2a0f:3f80::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a0f:b400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Feb 2025 13:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:28:d3:a1:69:26:64:86:41:6d:31:70:fe:69:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c63330cc60d86f3ebc18ea8107f994b96ffb49ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a4:cf:89:90:40:f8:aa:dd:f3:76:3a:a4:ce:
fd:22:88:ab:a2:9d:ee:40:73:f3:8b:37:cf:c3:06:
d0:7a:af:c1:8e:35:0e:3d:a1:bd:f2:fd:5b:0e:a9:
9f:e1:ed:19:a6:ca:0c:49:84:16:0e:ab:01:26:4d:
c9:ca:0d:62:b2:7b:75:05:b0:4e:0e:54:a9:52:16:
19:c5:0e:ab:94:9b:ae:5e:1d:c8:a2:91:9a:0c:62:
fe:bb:29:07:77:cc:39:2f:e1:b6:87:1a:66:7e:07:
fc:08:cb:b7:11:91:95:0a:d0:ca:a6:38:90:8c:36:
27:bb:1c:f6:5c:ce:08:58:18:f7:ec:28:ca:dc:dc:
e5:9b:d6:e4:91:61:69:70:e3:34:e8:26:68:1b:15:
fd:f6:c3:04:55:9e:88:c9:db:1a:43:07:d7:c6:ca:
c0:db:0f:d3:f5:a2:02:96:ba:00:e8:4e:af:f9:72:
59:78:be:48:28:87:c9:87:09:46:dc:62:6d:fc:c5:
18:1f:cc:f2:09:a1:c0:7c:14:e4:88:1d:97:e1:ff:
5d:4a:b0:65:07:de:31:8a:ad:79:81:90:60:a6:51:
fd:16:75:3d:45:71:c7:b2:4d:b5:f2:16:22:d2:76:
a2:12:6b:ff:1e:c1:c0:8d:cd:13:73:ae:5d:b5:8a:
16:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:33:30:CC:60:D8:6F:3E:BC:18:EA:81:07:F9:94:B9:6F:FB:49:AE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xjMwzGDYbz68GOqBB_mUuW_7Sa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3f80::/29
2a0f:9e00::/29
2a0f:b400::/29
Signature Algorithm: sha256WithRSAEncryption
ac:d7:0e:cc:ad:e4:73:ea:ad:f4:f0:59:07:98:a4:eb:3d:45:
2d:f2:d5:3e:a5:d1:e7:18:65:b5:68:74:94:16:03:97:22:ee:
77:0c:01:ff:34:2c:de:db:64:ce:74:d1:5e:64:c6:cf:f3:4a:
e1:63:d6:d1:ea:87:31:85:e6:28:23:c8:6f:08:a1:f3:d4:33:
57:5d:58:fa:fc:94:d6:b0:3f:f5:e4:72:b6:ac:e2:b5:f5:ef:
3a:52:2c:fd:0d:fb:82:88:1c:82:a3:d4:6c:a9:2e:30:1b:3d:
29:22:44:7f:c6:ab:56:95:0c:78:76:e0:29:7b:6a:98:3b:28:
e1:56:76:a8:db:73:7f:5d:f1:0b:4a:73:e0:f2:b6:45:e0:88:
41:3f:68:0d:90:55:49:3e:60:02:4a:8b:cc:69:ca:08:fd:f1:
84:9f:57:91:bd:22:9b:6b:c3:bb:8a:07:17:15:26:43:93:68:
9f:57:b4:02:44:9a:87:ec:44:d3:71:28:0f:71:cb:de:71:aa:
7c:a8:c4:21:74:0b:e3:c0:d3:07:d1:ab:d2:c3:c9:2e:ed:b3:
81:c0:2b:04:a7:d1:6d:c2:6b:59:02:cd:86:f3:42:bc:76:6d:
88:0f:2f:83:ee:99:50:f8:29:42:d1:e3:a9:9c:5c:65:32:fc:
bd:9d:57:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSCjToWkmZIZBbTFw/mmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjMzMzBjYzYwZDg2ZjNlYmMxOGVhODEwN2Y5OTRiOTZmZmI0OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aTPiZBA+Krd83Y6pM79Ioirop3u
QHPzizfPwwbQeq/BjjUOPaG98v1bDqmf4e0ZpsoMSYQWDqsBJk3Jyg1isnt1BbBO
DlSpUhYZxQ6rlJuuXh3IopGaDGL+uykHd8w5L+G2hxpmfgf8CMu3EZGVCtDKpjiQ
jDYnuxz2XM4IWBj37CjK3Nzlm9bkkWFpcOM06CZoGxX99sMEVZ6IydsaQwfXxsrA
2w/T9aIClroA6E6v+XJZeL5IKIfJhwlG3GJt/MUYH8zyCaHAfBTkiB2X4f9dSrBl
B94xiq15gZBgplH9FnU9RXHHsk218hYi0naiEmv/HsHAjc0Tc65dtYoWFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMYzMMxg2G8+vBjqgQf5lLlv+0muMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveGpNd3pHRFliejY4R09xQkJfbVV1V183U2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8/gAMF
AyoPngADBQMqD7QAMA0GCSqGSIb3DQEBCwUAA4IBAQCs1w7MreRz6q308FkHmKTr
PUUt8tU+pdHnGGW1aHSUFgOXIu53DAH/NCze22TOdNFeZMbP80rhY9bR6ocxheYo
I8hvCKHz1DNXXVj6/JTWsD/15HK2rOK19e86Uiz9DfuCiByCo9RsqS4wGz0pIkR/
xqtWlQx4duApe2qYOyjhVnao23N/XfELSnPg8rZF4IhBP2gNkFVJPmACSovMacoI
/fGEn1eRvSKba8O7igcXFSZDk2ifV7QCRJqH7ETTcSgPccvecap8qMQhdAvjwNMH
0avSw8ku7bOBwCsEp9FtwmtZAs2G80K8dm2IDy+D7plQ+ClC0eOpnFxlMvy9nVcW
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:41 2025 by rpki-client