Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zFmKUun8M0CpI7lSvi7uC5vCaKk.roa
File: zFmKUun8M0CpI7lSvi7uC5vCaKk.roa (raw, json)
Hash identifier: mNtivFCfTodKKfSdSs+y3Ndc+Hc9Z8gRotcUExJM1qc=
Subject key identifier: CC:59:8A:52:E9:FC:33:40:A9:23:B9:52:BE:2E:EE:0B:9B:C2:68:A9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019483E27F69E0F913C3260047DD6562E304
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zFmKUun8M0CpI7lSvi7uC5vCaKk.roa
Signing time: Mon 20 Jan 2025 13:24:06 +0000
ROA not before: Mon 20 Jan 2025 13:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:18c0::/29 maxlen: 29
2a0f:1fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 22 Jan 2025 16:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:83:e2:7f:69:e0:f9:13:c3:26:00:47:dd:65:62:e3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 20 13:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc598a52e9fc3340a923b952be2eee0b9bc268a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:06:66:56:0c:ec:40:26:32:65:96:25:af:
c9:74:c6:be:31:1e:8d:f1:3d:d1:85:f1:4a:13:01:
d2:61:7d:4a:29:a0:d7:5d:e2:cb:e2:5a:2b:e4:29:
03:fd:7b:d8:f3:03:b9:e5:8a:85:5f:f9:55:f4:10:
b3:92:ce:22:aa:6b:02:ec:6c:89:ac:5a:89:ab:c6:
e8:ba:76:3d:bc:56:66:3a:98:b4:5c:ac:2e:5a:37:
1b:22:0b:b3:56:ff:5d:43:0e:29:d9:81:15:e9:63:
0b:9a:72:57:8e:49:58:c1:2d:80:65:77:a5:93:66:
ae:0b:7d:d4:cd:3f:93:15:61:0e:1a:ed:a6:f9:58:
8a:9a:5c:60:75:4b:aa:03:8a:1d:a4:53:35:63:5c:
c7:8f:9a:96:a3:27:81:99:e3:bc:c7:f5:e1:93:72:
79:bc:2e:23:bc:83:88:dc:e8:c0:6d:7c:68:5d:79:
b1:be:ea:b4:55:57:37:2a:0c:8b:ee:41:3d:72:32:
6c:7c:a5:4a:ba:bd:df:95:eb:df:90:4d:04:1b:7c:
0f:c9:57:60:2b:be:6a:02:f7:cf:44:30:21:55:b6:
13:36:7d:48:2a:00:8c:4f:31:31:47:fa:58:d9:20:
5a:ef:cc:09:57:bf:1a:e2:54:f8:7e:4e:55:dc:73:
0d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:59:8A:52:E9:FC:33:40:A9:23:B9:52:BE:2E:EE:0B:9B:C2:68:A9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zFmKUun8M0CpI7lSvi7uC5vCaKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:18c0::/29
2a0f:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
09:c2:22:f5:09:73:44:f5:71:63:f4:c6:48:fd:1e:0f:b1:2d:
cd:2f:03:31:81:b3:31:58:cc:79:98:31:9c:30:b7:f7:03:e7:
fd:ff:57:c2:f1:a2:e2:71:91:2b:32:fb:02:15:83:9c:62:02:
22:00:46:18:23:fe:3e:55:3a:e2:4d:8d:53:ee:4d:da:f4:9b:
05:32:0e:4c:e7:62:b1:2a:b3:44:23:9a:4e:fa:39:64:b6:b3:
29:8b:13:73:bd:5e:2a:37:3d:82:1d:b4:04:5b:c0:88:2b:2b:
3c:44:4e:45:29:0b:cc:9f:08:30:d7:bd:42:4c:b6:83:fe:bc:
82:7f:1f:10:93:c0:14:df:1a:6a:e2:a1:5a:ec:c1:02:e1:9e:
0f:49:85:a0:80:7f:69:e3:b3:2d:33:fd:a2:1b:3f:50:d2:59:
7e:57:a6:00:4b:21:5b:af:f1:b9:6c:ac:60:5a:84:7b:0c:ce:
0f:8a:6e:1a:95:43:f8:05:f8:11:cd:13:1e:70:a6:77:ee:f2:
95:8f:a4:03:94:7b:cf:b9:f3:92:6f:4a:f5:c8:4b:b2:a7:28:
44:83:74:67:67:d1:1d:89:b9:75:5f:9b:bd:38:a1:6a:dd:2c:
70:f0:b2:17:b5:ee:ec:47:42:59:f0:ed:dd:71:b0:9a:13:0e:
23:32:c3:93
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSD4n9p4PkTwyYAR91lYuMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTIwMTMyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzU5OGE1MmU5ZmMzMzQwYTkyM2I5NTJiZTJlZWUwYjliYzI2OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf8GZlYM7EAmMmWWJa/JdMa+MR6N
8T3RhfFKEwHSYX1KKaDXXeLL4lor5CkD/XvY8wO55YqFX/lV9BCzks4iqmsC7GyJ
rFqJq8bounY9vFZmOpi0XKwuWjcbIguzVv9dQw4p2YEV6WMLmnJXjklYwS2AZXel
k2auC33UzT+TFWEOGu2m+ViKmlxgdUuqA4odpFM1Y1zHj5qWoyeBmeO8x/Xhk3J5
vC4jvIOI3OjAbXxoXXmxvuq0VVc3KgyL7kE9cjJsfKVKur3flevfkE0EG3wPyVdg
K75qAvfPRDAhVbYTNn1IKgCMTzExR/pY2SBa78wJV78a4lT4fk5V3HMN5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMxZilLp/DNAqSO5Ur4u7gubwmipMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvekZtS1V1bjhNMENwSTdsU3ZpN3VDNXZDYUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg8YwAMF
AyoPH8AwDQYJKoZIhvcNAQELBQADggEBAAnCIvUJc0T1cWP0xkj9Hg+xLc0vAzGB
szFYzHmYMZwwt/cD5/3/V8LxouJxkSsy+wIVg5xiAiIARhgj/j5VOuJNjVPuTdr0
mwUyDkznYrEqs0Qjmk76OWS2symLE3O9Xio3PYIdtARbwIgrKzxETkUpC8yfCDDX
vUJMtoP+vIJ/HxCTwBTfGmrioVrswQLhng9JhaCAf2njsy0z/aIbP1DSWX5XpgBL
IVuv8blsrGBahHsMzg+KbhqVQ/gF+BHNEx5wpnfu8pWPpAOUe8+585JvSvXIS7Kn
KESDdGdn0R2JuXVfm704oWrdLHDwshe17uxHQlnw7d1xsJoTDiMyw5M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:41 2025 by rpki-client