Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/28EVq9LoXnu9jXQgBHyLpy78Vh0.roa
File: 28EVq9LoXnu9jXQgBHyLpy78Vh0.roa (raw, json)
Hash identifier: s2TSP/vV8GiUJDFDJp8qEqZQgIYTh560CsLwBRuqePs=
Subject key identifier: DB:C1:15:AB:D2:E8:5E:7B:BD:8D:74:20:04:7C:8B:A7:2E:FC:56:1D
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195241A0FFD17654F658816ED76E0E6CE6D
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/28EVq9LoXnu9jXQgBHyLpy78Vh0.roa
Signing time: Thu 20 Feb 2025 16:04:02 +0000
ROA not before: Thu 20 Feb 2025 16:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:8306::/32 maxlen: 32
2a11:8447::/32 maxlen: 32
2a11:cd04::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 02 Apr 2025 19:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:1a:0f:fd:17:65:4f:65:88:16:ed:76:e0:e6:ce:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Feb 20 16:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbc115abd2e85e7bbd8d7420047c8ba72efc561d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d8:17:6c:5b:c7:8e:85:b9:e3:5b:f4:1e:33:
33:16:db:b9:60:1b:d4:35:7f:5c:51:1b:bc:24:25:
79:c4:5d:ec:58:ee:57:72:1e:da:a4:13:a1:9d:cf:
57:82:03:47:a4:bd:48:7b:3c:7e:90:74:4f:79:f2:
33:b9:e0:dd:c7:e2:33:9a:f2:89:6c:ce:2d:35:0c:
6b:a0:e5:10:d6:8f:b2:02:5a:59:3a:10:fe:ad:ba:
81:63:12:ca:df:7d:85:81:74:dc:32:9a:f6:48:bb:
64:73:57:b4:4b:97:16:c3:4d:d1:ca:db:a1:ee:70:
2a:36:3b:e2:ba:68:ba:b9:8c:a4:cb:f0:04:ba:cf:
7c:16:3e:ba:91:03:16:5d:9f:2c:e8:29:92:09:8c:
57:d5:42:01:6c:82:b3:63:91:03:d6:95:1c:33:14:
03:13:dc:cf:d1:e9:96:ab:80:bc:3a:f2:5a:f0:5c:
30:bb:63:32:6e:29:77:87:6f:e9:b3:52:44:41:07:
ae:86:8d:d2:45:13:ea:37:77:a0:b4:21:b4:aa:8a:
2b:b2:01:7b:7e:1c:bf:4e:29:29:11:13:3f:0d:d8:
34:04:7d:5c:fc:12:1f:98:fe:8e:08:de:49:64:76:
31:f1:22:e2:ef:3c:9a:0d:de:a4:aa:2e:ef:4f:ab:
84:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C1:15:AB:D2:E8:5E:7B:BD:8D:74:20:04:7C:8B:A7:2E:FC:56:1D
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/28EVq9LoXnu9jXQgBHyLpy78Vh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8306::/32
2a11:8447::/32
2a11:cd04::/32
Signature Algorithm: sha256WithRSAEncryption
b8:bb:75:1b:d6:3d:8a:22:74:30:1d:7a:2c:56:32:52:dc:2e:
fc:f9:8f:f4:30:dd:b8:9b:8c:a7:eb:c7:75:3d:ba:49:f0:69:
56:2f:eb:a2:11:e0:d7:03:21:0d:dc:da:f9:8c:93:22:4a:56:
38:08:3c:e6:54:92:a2:a7:6c:f3:c9:6a:fe:61:47:f2:d9:50:
d1:20:13:0d:ac:18:69:0c:05:75:11:bb:e5:9c:e5:49:5f:5b:
72:e3:ed:f7:c3:80:29:23:ec:52:75:e5:9b:a7:9d:d1:ff:78:
5c:d5:bb:08:bf:47:ca:d3:97:a5:be:8a:22:5a:f0:af:ce:ec:
38:89:75:b4:06:e7:4c:64:f6:e0:d9:db:6d:15:1d:c7:88:d2:
46:86:32:2c:f5:2c:c4:27:f2:bf:4f:e3:44:31:a7:dc:b4:66:
97:61:b3:8d:32:d3:90:d4:ab:77:92:b2:16:c3:37:20:b4:fa:
0a:06:76:46:32:e5:d8:71:d8:9e:7d:d2:7c:49:40:61:51:fc:
f0:44:e2:63:f2:04:20:e7:30:f6:a5:45:f0:ee:38:07:b9:bf:
8b:33:b4:6d:d3:ce:32:aa:86:a1:d5:d0:39:cb:24:fe:47:25:
a1:3b:7d:c5:44:f6:40:e0:8f:43:41:f1:9b:2f:62:cb:27:b9:
c8:63:db:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUkGg/9F2VPZYgW7Xbg5s5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMjIwMTYwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMxMTVhYmQyZTg1ZTdiYmQ4ZDc0MjAwNDdjOGJhNzJlZmM1NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9gXbFvHjoW541v0HjMzFtu5YBvU
NX9cURu8JCV5xF3sWO5Xch7apBOhnc9XggNHpL1Iezx+kHRPefIzueDdx+IzmvKJ
bM4tNQxroOUQ1o+yAlpZOhD+rbqBYxLK332FgXTcMpr2SLtkc1e0S5cWw03Rytuh
7nAqNjviumi6uYyky/AEus98Fj66kQMWXZ8s6CmSCYxX1UIBbIKzY5ED1pUcMxQD
E9zP0emWq4C8OvJa8Fwwu2Mybil3h2/ps1JEQQeuho3SRRPqN3egtCG0qoorsgF7
fhy/TikpERM/Ddg0BH1c/BIfmP6OCN5JZHYx8SLi7zyaDd6kqi7vT6uE5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNvBFavS6F57vY10IAR8i6cu/FYdMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvMjhFVnE5TG9YbnU5alhRZ0JIeUxweTc4VmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhGDBgMF
ACoRhEcDBQAqEc0EMA0GCSqGSIb3DQEBCwUAA4IBAQC4u3Ub1j2KInQwHXosVjJS
3C78+Y/0MN24m4yn68d1PbpJ8GlWL+uiEeDXAyEN3Nr5jJMiSlY4CDzmVJKip2zz
yWr+YUfy2VDRIBMNrBhpDAV1EbvlnOVJX1ty4+33w4ApI+xSdeWbp53R/3hc1bsI
v0fK05elvooiWvCvzuw4iXW0BudMZPbg2dttFR3HiNJGhjIs9SzEJ/K/T+NEMafc
tGaXYbONMtOQ1Kt3krIWwzcgtPoKBnZGMuXYcdiefdJ8SUBhUfzwROJj8gQg5zD2
pUXw7jgHub+LM7Rt084yqoah1dA5yyT+RyWhO33FRPZA4I9DQfGbL2LLJ7nIY9ss
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:28:26 2025 by rpki-client