Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xqWtJaN7KOtDwsC4m6q3twoh1Uo.roa
File: xqWtJaN7KOtDwsC4m6q3twoh1Uo.roa (raw, json)
Hash identifier: zEDF0zZSOOkLH5uT7VE0qFSIsNYvJfNeJthJIfr1oIU=
Subject key identifier: C6:A5:AD:25:A3:7B:28:EB:43:C2:C0:B8:9B:AA:B7:B7:0A:21:D5:4A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195B47041B9E55E9306AC454A6BD13E31F5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xqWtJaN7KOtDwsC4m6q3twoh1Uo.roa
Signing time: Thu 20 Mar 2025 16:43:30 +0000
ROA not before: Thu 20 Mar 2025 16:43:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.54.0/23 maxlen: 23
64.226.156.0/22 maxlen: 22
2a0d:8f80::/29 maxlen: 29
2a0e:c783::/32 maxlen: 32
2a0e:f500::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a12:ac45::/32 maxlen: 32
2a13:e103::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Mar 2025 16:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b4:70:41:b9:e5:5e:93:06:ac:45:4a:6b:d1:3e:31:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 20 16:43:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6a5ad25a37b28eb43c2c0b89baab7b70a21d54a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:7c:98:63:a6:e2:61:ae:f5:54:3b:ad:4d:
dc:56:d0:17:b5:a6:25:5d:1d:e3:8c:d0:32:05:55:
d6:09:44:45:52:61:5b:39:b8:f1:e8:52:9f:17:b0:
c5:46:6e:c7:7e:36:6e:42:95:cf:0e:71:1c:0a:68:
e8:82:24:6a:e7:fd:e6:64:87:0a:99:a2:7b:d6:0f:
0a:1b:f4:e8:74:24:50:36:b2:80:57:57:eb:38:a6:
5a:b7:6a:dd:34:a3:5b:c6:86:fd:3b:fb:e6:5b:a9:
b2:19:87:c1:22:43:4e:23:12:f5:8c:5c:be:f4:7f:
fd:67:ec:77:ab:7c:75:93:47:17:ad:43:26:65:c2:
ce:71:c2:d4:42:9d:15:d8:69:7a:80:ce:8c:2e:1e:
d8:94:23:81:82:14:f6:02:91:6b:70:c3:76:c8:72:
98:2d:19:56:7a:9e:5f:b7:7f:98:bf:fa:7c:d1:52:
38:43:07:35:47:8b:aa:af:5d:26:d4:0d:47:39:f4:
8a:39:fc:79:30:3d:32:e9:04:5f:e7:2b:13:eb:91:
e1:1b:2c:7b:1c:d6:7d:c8:b7:95:70:9b:fe:bb:30:
fe:2f:54:90:40:04:66:93:44:62:3b:91:fc:d9:db:
9e:64:77:9a:3c:02:ee:d6:29:43:80:ed:2a:e3:98:
15:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A5:AD:25:A3:7B:28:EB:43:C2:C0:B8:9B:AA:B7:B7:0A:21:D5:4A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xqWtJaN7KOtDwsC4m6q3twoh1Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
IPv6:
2a0d:8f80::/29
2a0e:c783::/32
2a0e:f500::/29
2a10:37c0::/29
2a12:ac45::/32
2a13:e103::/32
Signature Algorithm: sha256WithRSAEncryption
7f:d7:06:1f:03:87:33:96:bc:e2:0c:05:df:24:8d:78:0c:0e:
59:2b:bf:7a:50:88:ac:ad:41:07:8c:a8:bc:1b:ba:48:cf:68:
1b:37:2d:79:40:d5:6e:ee:ea:df:5e:ff:e8:a2:b1:ec:fd:a8:
76:6d:03:02:4a:37:52:48:61:c5:68:df:70:80:92:37:11:7f:
7e:d4:08:45:47:eb:53:94:8c:f0:14:ec:0a:23:ae:2f:db:94:
d5:50:ed:86:9b:ec:8f:a7:4f:31:b5:1f:d3:be:99:29:eb:af:
7c:2e:86:88:9f:54:5d:11:2f:70:6c:17:39:bf:aa:24:fb:2d:
48:f7:5b:16:3f:38:89:ee:f4:fb:76:bd:dc:9c:8e:26:4c:07:
af:26:02:66:7b:2e:27:b5:22:4f:da:af:4a:9d:e7:4c:f4:be:
8f:ca:53:ef:17:7f:8a:3f:43:35:1a:2e:2c:99:26:5d:ef:ed:
7e:c9:97:a9:f8:0d:cd:8b:25:14:fb:ab:b6:3d:ee:6e:0a:42:
83:5c:aa:fb:eb:bc:7b:2b:6e:d6:cc:e6:7f:2c:b7:b6:63:1e:
be:5b:30:9b:b9:a6:01:3b:10:ee:e1:31:08:d6:ce:64:7b:68:
4c:37:f5:ec:fe:38:20:f8:cb:3c:47:e7:40:d4:63:33:73:56:
4b:73:03:40
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZW0cEG55V6TBqxFSmvRPjH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzIwMTY0MzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmE1YWQyNWEzN2IyOGViNDNjMmMwYjg5YmFhYjdiNzBhMjFkNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTB8mGOm4mGu9VQ7rU3cVtAXtaYl
XR3jjNAyBVXWCURFUmFbObjx6FKfF7DFRm7HfjZuQpXPDnEcCmjogiRq5/3mZIcK
maJ71g8KG/TodCRQNrKAV1frOKZat2rdNKNbxob9O/vmW6myGYfBIkNOIxL1jFy+
9H/9Z+x3q3x1k0cXrUMmZcLOccLUQp0V2Gl6gM6MLh7YlCOBghT2ApFrcMN2yHKY
LRlWep5ft3+Yv/p80VI4Qwc1R4uqr10m1A1HOfSKOfx5MD0y6QRf5ysT65HhGyx7
HNZ9yLeVcJv+uzD+L1SQQARmk0RiO5H82dueZHeaPALu1ilDgO0q45gVQwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFMalrSWjeyjrQ8LAuJuqt7cKIdVKMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveHFXdEphTjdLT3REd3NDNG02cTN0d29oMVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjASBAIAATAMAwQBQOI2AwQC
QOKcMDAEAgACMCoDBQMqDY+AAwUAKg7HgwMFAyoO9QADBQMqEDfAAwUAKhKsRQMF
ACoT4QMwDQYJKoZIhvcNAQELBQADggEBAH/XBh8DhzOWvOIMBd8kjXgMDlkrv3pQ
iKytQQeMqLwbukjPaBs3LXlA1W7u6t9e/+iisez9qHZtAwJKN1JIYcVo33CAkjcR
f37UCEVH61OUjPAU7Aojri/blNVQ7Yab7I+nTzG1H9O+mSnrr3wuhoifVF0RL3Bs
Fzm/qiT7LUj3WxY/OInu9Pt2vdycjiZMB68mAmZ7Lie1Ik/ar0qd50z0vo/KU+8X
f4o/QzUaLiyZJl3v7X7Jl6n4Dc2LJRT7q7Y97m4KQoNcqvvrvHsrbtbM5n8st7Zj
Hr5bMJu5pgE7EO7hMQjWzmR7aEw39ez+OCD4yzxH50DUYzNzVktzA0A=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:31:47 2025 by rpki-client