Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/dXJL6r0q2ZhgZMvLQyLLdGBpJ9M.roa
File: dXJL6r0q2ZhgZMvLQyLLdGBpJ9M.roa (raw, json)
Hash identifier: 5+bGmv79XYDZ0/wU0C9LX3NJYlSFfrNHkNhax38q7LY=
Subject key identifier: 75:72:4B:EA:BD:2A:D9:98:60:64:CB:CB:43:22:CB:74:60:69:27:D3
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195F6E3F7D2DFBF217ADB3254FDA568C434
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/dXJL6r0q2ZhgZMvLQyLLdGBpJ9M.roa
Signing time: Wed 02 Apr 2025 14:24:49 +0000
ROA not before: Wed 02 Apr 2025 14:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:8444::/32 maxlen: 32
2a11:9fc3::/32 maxlen: 32
2a11:fec3::/32 maxlen: 32
2a12:4c07::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 08 Apr 2025 18:08:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:e3:f7:d2:df:bf:21:7a:db:32:54:fd:a5:68:c4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Apr 2 14:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75724beabd2ad9986064cbcb4322cb74606927d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:f5:7a:48:8e:b8:2d:9d:ee:83:0f:da:71:
11:8e:f4:7c:f6:22:dc:01:ac:9f:e7:1a:97:45:c2:
e0:0a:2d:bb:0c:17:bc:89:14:b3:2b:01:6d:83:5c:
21:c9:64:81:ae:ed:c2:5a:5c:52:0a:83:8b:d0:cd:
12:03:11:79:f5:a4:35:f8:c1:4d:1e:a1:7d:3c:85:
4f:b8:1a:e1:78:56:4d:c8:0d:e1:73:e9:31:21:25:
c4:2b:c9:12:fb:50:00:68:d9:c2:bb:6e:37:eb:e2:
cc:2c:b2:e5:ad:97:84:8b:f9:c1:6b:80:fe:4e:25:
dc:65:cb:6a:d4:34:8a:e5:67:40:39:a0:38:97:38:
b9:6c:16:40:13:ca:5e:f4:13:16:b5:71:01:ff:b3:
11:26:21:f0:b5:c2:c7:c3:a6:f4:bc:5f:6f:6d:d4:
80:7c:6d:e5:6c:3f:94:ed:8d:85:54:bf:a8:ec:ad:
77:bb:0f:19:2c:fa:c4:e5:85:b6:58:d3:1e:c3:d5:
62:8f:08:90:7a:6a:29:1c:5e:b1:d4:02:b2:16:ad:
43:b9:4f:bb:54:e9:b0:48:7d:9a:16:bd:ba:44:c0:
f0:86:0f:dc:2d:0e:c0:29:04:16:61:bc:1d:ba:61:
78:01:cd:41:bb:d9:6f:86:32:0f:b1:b3:29:f6:5b:
7a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:72:4B:EA:BD:2A:D9:98:60:64:CB:CB:43:22:CB:74:60:69:27:D3
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/dXJL6r0q2ZhgZMvLQyLLdGBpJ9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8444::/32
2a11:9fc3::/32
2a11:fec3::/32
2a12:4c07::/32
Signature Algorithm: sha256WithRSAEncryption
1a:e2:6c:eb:e3:99:c5:1d:bb:30:b0:27:9d:de:21:74:a6:f6:
9d:17:dc:80:ca:5e:53:61:d5:0d:77:e8:25:dc:5c:35:e9:e9:
ad:6b:78:64:4c:3e:50:a9:89:48:34:9b:b8:10:0b:7c:1a:b7:
0f:1a:9a:44:1b:78:70:9b:01:02:fe:ea:43:66:e5:7a:fe:80:
ca:ee:a3:eb:0b:9c:84:ce:59:48:a6:32:33:19:4f:85:d3:f5:
92:5a:5c:c2:56:fa:54:f4:69:f1:48:70:ad:71:4c:eb:ae:03:
2d:93:b2:15:cb:6c:ff:db:d9:62:f1:45:81:44:7c:bd:27:f4:
50:39:f2:2b:ac:6a:dd:ac:e0:88:64:65:84:54:73:21:09:dd:
b8:2e:ca:ea:5e:f1:a5:f4:ae:b9:fb:09:c6:2c:ff:05:83:47:
a3:46:d4:b7:5c:f6:b4:3c:f4:3b:99:0b:98:2c:6a:49:90:a1:
d8:22:8c:fc:59:e3:eb:f6:1d:ee:81:bc:5d:79:f0:e7:db:df:
53:5f:d5:00:4c:dc:ed:14:a3:f3:ae:d9:e2:06:b3:d1:78:12:
cf:48:71:fb:1d:c2:2a:20:7d:c1:da:df:c7:81:99:50:2e:bd:
37:60:87:6a:a5:d8:61:ce:e9:e3:f3:0b:f1:a9:48:fc:72:67:
9a:8b:29:d7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZX24/fS378hetsyVP2laMQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNDAyMTQyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTcyNGJlYWJkMmFkOTk4NjA2NGNiY2I0MzIyY2I3NDYwNjkyN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO71ekiOuC2d7oMP2nERjvR89iLc
Aayf5xqXRcLgCi27DBe8iRSzKwFtg1whyWSBru3CWlxSCoOL0M0SAxF59aQ1+MFN
HqF9PIVPuBrheFZNyA3hc+kxISXEK8kS+1AAaNnCu2436+LMLLLlrZeEi/nBa4D+
TiXcZctq1DSK5WdAOaA4lzi5bBZAE8pe9BMWtXEB/7MRJiHwtcLHw6b0vF9vbdSA
fG3lbD+U7Y2FVL+o7K13uw8ZLPrE5YW2WNMew9VijwiQemopHF6x1AKyFq1DuU+7
VOmwSH2aFr26RMDwhg/cLQ7AKQQWYbwdumF4Ac1Bu9lvhjIPsbMp9lt6ewIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHVyS+q9KtmYYGTLy0Miy3RgaSfTMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvZFhKTDZyMHEyWmhnWk12TFF5TExkR0JwSjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhGERAMF
ACoRn8MDBQAqEf7DAwUAKhJMBzANBgkqhkiG9w0BAQsFAAOCAQEAGuJs6+OZxR27
MLAnnd4hdKb2nRfcgMpeU2HVDXfoJdxcNenprWt4ZEw+UKmJSDSbuBALfBq3Dxqa
RBt4cJsBAv7qQ2blev6Ayu6j6wuchM5ZSKYyMxlPhdP1klpcwlb6VPRp8UhwrXFM
664DLZOyFcts/9vZYvFFgUR8vSf0UDnyK6xq3azgiGRlhFRzIQnduC7K6l7xpfSu
ufsJxiz/BYNHo0bUt1z2tDz0O5kLmCxqSZCh2CKM/Fnj6/Yd7oG8XXnw59vfU1/V
AEzc7RSj867Z4gaz0XgSz0hx+x3CKiB9wdrfx4GZUC69N2CHaqXYYc7p4/ML8alI
/HJnmosp1w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:41:39 2025 by rpki-client