Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/HWF1CgCpAlLMUnrLPdN3YZJxgMg.roa
File: HWF1CgCpAlLMUnrLPdN3YZJxgMg.roa (raw, json)
Hash identifier: pUvhCVujFRQkHfZml9nCFwud5l0ULy0rOqbYjWibVSQ=
Subject key identifier: 1D:61:75:0A:00:A9:02:52:CC:52:7A:CB:3D:D3:77:61:92:71:80:C8
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0194DFB01529CD8F6321A2484D909C23A549
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/HWF1CgCpAlLMUnrLPdN3YZJxgMg.roa
Signing time: Fri 07 Feb 2025 09:14:06 +0000
ROA not before: Fri 07 Feb 2025 09:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:7686::/32 maxlen: 32
2a11:8307::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Mar 2025 08:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:b0:15:29:cd:8f:63:21:a2:48:4d:90:9c:23:a5:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Feb 7 09:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d61750a00a90252cc527acb3dd37761927180c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:85:eb:3f:57:a5:38:ef:1c:f8:4a:41:7d:
b9:2f:30:7d:d3:74:d3:09:be:da:0f:92:2a:70:dd:
6f:12:f2:47:44:36:8b:ae:da:45:8b:39:86:0c:52:
a4:01:d1:7f:7f:41:7c:ad:3a:20:c4:96:cb:53:57:
f4:46:95:bb:05:d4:62:b7:53:1e:66:9e:c5:86:ce:
e9:c9:35:60:1b:9e:a4:55:8e:1d:d0:f2:eb:85:f1:
6a:f4:57:e6:1f:c1:84:22:8c:d7:f5:a4:c4:e2:63:
93:23:ce:5e:54:e2:4a:e2:4d:de:67:f0:25:19:39:
93:f6:a9:ab:a9:9c:cd:e7:ee:ba:92:cc:b6:e7:c9:
32:5b:bf:03:13:c4:77:99:c6:71:8f:da:11:53:ee:
c7:b2:41:ac:7b:09:5b:db:93:4b:24:b4:3d:65:f0:
5e:9d:a3:7d:c9:f0:c9:10:22:3e:e0:8f:80:92:18:
e8:38:b2:a4:7a:81:32:b6:f6:d4:96:0d:c4:15:8e:
7a:97:ca:93:bc:31:a7:f9:06:af:9e:f5:f5:1e:af:
56:04:7a:37:64:af:48:c2:2d:55:21:bb:e7:d3:4b:
30:ad:c3:c1:f3:22:35:d0:de:78:ab:25:ed:db:e6:
31:25:fe:5e:1d:1b:83:49:69:9d:91:e6:42:f0:81:
d4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:61:75:0A:00:A9:02:52:CC:52:7A:CB:3D:D3:77:61:92:71:80:C8
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/HWF1CgCpAlLMUnrLPdN3YZJxgMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7686::/32
2a11:8307::/32
Signature Algorithm: sha256WithRSAEncryption
3e:a1:01:a1:e9:a4:1c:b5:10:f0:35:89:75:6f:fe:2d:14:81:
a9:1b:f0:b1:97:dd:17:fb:0b:f9:c5:b8:f0:b3:20:a2:c1:9a:
84:f8:bf:1a:0e:bf:2c:ff:23:c1:2c:69:30:c1:fb:4a:96:c7:
16:9f:14:65:e3:a7:54:43:a1:c0:9c:55:19:c4:8f:3d:69:46:
c8:b6:d1:ff:35:91:70:b3:fd:2c:3c:b6:8b:65:07:ee:28:c0:
e6:92:dd:e5:20:9b:d0:d6:66:9a:65:46:7e:c8:87:16:c6:4a:
a3:34:71:f3:9b:41:dd:c1:ba:36:f0:da:41:ea:cd:50:cf:65:
be:a6:8a:db:83:56:cd:cf:1e:10:40:41:54:2b:d3:78:b2:48:
5a:5f:e5:62:07:dd:63:fb:30:e2:06:5d:c5:08:8d:e5:7f:c1:
4c:4b:44:2b:73:ad:59:3e:11:6e:ed:fc:82:ef:2c:89:33:8f:
be:1d:af:68:e4:7a:4e:51:53:06:93:5e:94:9f:2a:38:67:1c:
8f:25:35:eb:57:7c:e4:5e:f3:dd:71:f9:6e:fa:50:39:6c:a0:
d6:db:54:1a:3f:83:2b:cd:0a:35:9b:95:a5:fa:0d:59:9c:00:
f5:ec:9b:97:16:38:1c:de:a5:3f:1f:1f:fb:0e:4c:20:23:7f:
7d:9e:cc:f9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTfsBUpzY9jIaJITZCcI6VJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMjA3MDkxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDYxNzUwYTAwYTkwMjUyY2M1MjdhY2IzZGQzNzc2MTkyNzE4MGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP6F6z9XpTjvHPhKQX25LzB903TT
Cb7aD5IqcN1vEvJHRDaLrtpFizmGDFKkAdF/f0F8rTogxJbLU1f0RpW7BdRit1Me
Zp7Fhs7pyTVgG56kVY4d0PLrhfFq9FfmH8GEIozX9aTE4mOTI85eVOJK4k3eZ/Al
GTmT9qmrqZzN5+66ksy258kyW78DE8R3mcZxj9oRU+7HskGsewlb25NLJLQ9ZfBe
naN9yfDJECI+4I+AkhjoOLKkeoEytvbUlg3EFY56l8qTvDGn+QavnvX1Hq9WBHo3
ZK9Iwi1VIbvn00swrcPB8yI10N54qyXt2+YxJf5eHRuDSWmdkeZC8IHU1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB1hdQoAqQJSzFJ6yz3Td2GScYDIMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvSFdGMUNnQ3BBbExNVW5yTFBkTjNZWkp4Z01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhF2hgMF
ACoRgwcwDQYJKoZIhvcNAQELBQADggEBAD6hAaHppBy1EPA1iXVv/i0Ugakb8LGX
3Rf7C/nFuPCzIKLBmoT4vxoOvyz/I8EsaTDB+0qWxxafFGXjp1RDocCcVRnEjz1p
Rsi20f81kXCz/Sw8totlB+4owOaS3eUgm9DWZpplRn7IhxbGSqM0cfObQd3Bujbw
2kHqzVDPZb6mituDVs3PHhBAQVQr03iySFpf5WIH3WP7MOIGXcUIjeV/wUxLRCtz
rVk+EW7t/ILvLIkzj74dr2jkek5RUwaTXpSfKjhnHI8lNetXfORe891x+W76UDls
oNbbVBo/gyvNCjWblaX6DVmcAPXsm5cWOBzepT8fH/sOTCAjf32ezPk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:51:06 2025 by rpki-client