Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/d1pRseOyvDz6EKaj1_l5SwKhcfE.roa
File: d1pRseOyvDz6EKaj1_l5SwKhcfE.roa (raw, json)
Hash identifier: M5RNCXGR5IG4o1VoLGKp/XjSxNDalDBvWnthuimmZl0=
Subject key identifier: 77:5A:51:B1:E3:B2:BC:3C:FA:10:A6:A3:D7:F9:79:4B:02:A1:71:F1
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195AAB2A86AA2E094CE5D6B4C669B552CEF
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/d1pRseOyvDz6EKaj1_l5SwKhcfE.roa
Signing time: Tue 18 Mar 2025 19:19:50 +0000
ROA not before: Tue 18 Mar 2025 19:19:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:7683::/32 maxlen: 32
2a11:8304::/32 maxlen: 32
2a11:8441::/32 maxlen: 32
2a11:b782::/32 maxlen: 32
2a11:cd06::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Mar 2025 19:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:aa:b2:a8:6a:a2:e0:94:ce:5d:6b:4c:66:9b:55:2c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Mar 18 19:19:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=775a51b1e3b2bc3cfa10a6a3d7f9794b02a171f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e5:1c:49:e1:80:2e:4f:62:28:f2:a5:ba:28:
c1:35:69:12:e3:17:e3:6c:a0:20:56:f1:a0:84:55:
c1:fe:53:72:55:d7:9e:e5:f3:17:d8:e4:16:2d:57:
be:96:0e:25:4c:4b:64:3d:c9:5d:7d:a3:2e:f0:3d:
c6:e6:0b:c9:2e:cd:e7:d0:8a:40:52:d5:fa:fe:9a:
e7:17:70:59:a4:b2:09:d4:5b:b7:74:7a:b8:5a:10:
61:69:dd:31:c2:64:2e:be:6d:dc:6e:5d:aa:04:a1:
df:53:e4:d7:a9:72:aa:4c:2f:33:8b:e3:68:80:22:
9d:e9:22:aa:d9:d7:7c:9d:c9:92:1e:7f:fa:4a:01:
51:c2:d9:dc:4b:1b:03:c7:8f:22:67:2b:62:91:c1:
01:21:96:9d:fd:27:be:b2:f8:e6:0f:43:5b:77:9e:
33:3a:05:10:7a:63:cf:7c:4f:76:ec:08:af:89:2a:
2e:18:75:d4:ee:27:f4:f4:19:37:25:06:a3:92:41:
1b:47:ec:e7:6a:b1:d2:5a:ed:f7:ea:5c:9e:9d:89:
e3:b3:80:88:47:74:d5:23:91:9c:01:33:7e:27:28:
95:6e:c4:2b:e5:86:21:63:75:65:b6:9e:ba:ba:47:
c5:2e:71:2a:1a:69:ae:b0:68:d2:59:3f:af:df:da:
f4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5A:51:B1:E3:B2:BC:3C:FA:10:A6:A3:D7:F9:79:4B:02:A1:71:F1
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/d1pRseOyvDz6EKaj1_l5SwKhcfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7683::/32
2a11:8304::/32
2a11:8441::/32
2a11:b782::/32
2a11:cd06::/32
Signature Algorithm: sha256WithRSAEncryption
9a:54:ba:b3:b3:dc:1b:cb:87:e0:d2:f9:97:8a:30:1c:1d:31:
c1:75:db:f4:b3:b8:aa:7b:a9:77:67:c9:3b:fe:0e:8c:42:80:
70:c7:c0:45:6f:a7:f0:cf:b7:2b:dc:83:ff:85:14:ed:63:ff:
1a:0c:5a:8d:5b:b9:9f:29:d2:e4:37:39:7e:a2:d5:e5:81:9b:
f7:91:ad:6a:ef:b4:a2:da:b9:aa:47:d7:f1:69:1b:62:3f:b2:
ea:53:1d:30:d5:da:8a:73:db:4e:36:45:13:21:db:9f:bc:1b:
0e:bc:4e:49:5f:4b:f0:d0:d1:14:e9:05:3d:80:9e:32:a8:fe:
18:06:6e:2d:a3:a1:e2:0f:81:12:1f:5e:5b:41:ce:44:a6:57:
00:22:d6:e6:86:65:8a:40:7e:d6:51:5f:3d:3c:9b:42:4c:83:
67:07:fb:0c:c7:16:1a:b8:b1:45:87:06:22:89:79:45:22:6f:
f4:83:7e:9b:87:8a:eb:8b:12:50:d3:b5:8e:75:c7:1e:3e:f0:
1b:ff:e1:2e:aa:67:bf:60:af:94:c4:b7:db:dd:fe:31:98:85:
8b:61:40:65:9f:a8:db:49:83:99:85:bd:57:f5:21:7f:4f:05:
01:81:78:cf:fe:2f:7b:c1:62:5e:e0:17:90:92:26:a1:e2:be:
3d:8e:75:3b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZWqsqhqouCUzl1rTGabVSzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMzE4MTkxOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzVhNTFiMWUzYjJiYzNjZmExMGE2YTNkN2Y5Nzk0YjAyYTE3MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOUcSeGALk9iKPKluijBNWkS4xfj
bKAgVvGghFXB/lNyVdee5fMX2OQWLVe+lg4lTEtkPcldfaMu8D3G5gvJLs3n0IpA
UtX6/prnF3BZpLIJ1Fu3dHq4WhBhad0xwmQuvm3cbl2qBKHfU+TXqXKqTC8zi+No
gCKd6SKq2dd8ncmSHn/6SgFRwtncSxsDx48iZytikcEBIZad/Se+svjmD0Nbd54z
OgUQemPPfE927AiviSouGHXU7if09Bk3JQajkkEbR+znarHSWu336lyenYnjs4CI
R3TVI5GcATN+JyiVbsQr5YYhY3Vltp66ukfFLnEqGmmusGjSWT+v39r0VQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHdaUbHjsrw8+hCmo9f5eUsCoXHxMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvZDFwUnNlT3l2RHo2RUthajFfbDVTd0toY2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhF2gwMF
ACoRgwQDBQAqEYRBAwUAKhG3ggMFACoRzQYwDQYJKoZIhvcNAQELBQADggEBAJpU
urOz3BvLh+DS+ZeKMBwdMcF12/SzuKp7qXdnyTv+DoxCgHDHwEVvp/DPtyvcg/+F
FO1j/xoMWo1buZ8p0uQ3OX6i1eWBm/eRrWrvtKLauapH1/FpG2I/supTHTDV2opz
2042RRMh25+8Gw68TklfS/DQ0RTpBT2AnjKo/hgGbi2joeIPgRIfXltBzkSmVwAi
1uaGZYpAftZRXz08m0JMg2cH+wzHFhq4sUWHBiKJeUUib/SDfpuHiuuLElDTtY51
xx4+8Bv/4S6qZ79gr5TEt9vd/jGYhYthQGWfqNtJg5mFvVf1IX9PBQGBeM/+L3vB
Yl7gF5CSJqHivj2OdTs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:53:34 2025 by rpki-client