Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1XdgTT7O1cFBl17mNlJJSrOd3fk.roa
File: 1XdgTT7O1cFBl17mNlJJSrOd3fk.roa (raw, json)
Hash identifier: wimOvTU0Udfym02N3oPJ/PQrKaSWZuQr8ga8Wsigo2A=
Subject key identifier: D5:77:60:4D:3E:CE:D5:C1:41:97:5E:E6:36:52:49:4A:B3:9D:DD:F9
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01961FD67A7D07E83B5C7648DC0553D54751
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1XdgTT7O1cFBl17mNlJJSrOd3fk.roa
Signing time: Thu 10 Apr 2025 13:14:31 +0000
ROA not before: Thu 10 Apr 2025 13:14:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
2a0d:d940:1f00::/40 maxlen: 40
Validation: Failed, certificate revoked on Sun 13 Apr 2025 22:56:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:d6:7a:7d:07:e8:3b:5c:76:48:dc:05:53:d5:47:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Apr 10 13:14:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d577604d3eced5c141975ee63652494ab39dddf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ed:7e:81:af:b5:19:77:61:37:be:f2:2a:2b:
c1:8c:87:c5:4f:0e:6c:9a:55:ad:05:44:2a:1d:66:
4f:6f:20:be:0f:6c:69:5b:8f:7b:32:cc:39:f7:9f:
76:4e:f5:67:c3:9c:2c:64:c6:e4:02:b5:83:c2:41:
4f:62:9e:fb:c3:f7:79:a5:b3:2a:0d:2d:ed:13:c0:
37:d9:d4:62:e5:bb:98:8b:57:41:18:3b:85:9f:80:
94:15:83:1a:78:c2:b2:cb:1d:3f:76:ba:b7:9a:b9:
4e:43:17:3a:5f:32:74:c1:dc:2d:16:5c:d5:ce:37:
f4:a1:cc:07:6a:9a:c0:50:e2:1f:97:a8:7d:86:00:
bf:ad:af:56:eb:1a:09:94:bc:85:c7:91:3c:54:57:
78:ef:80:70:76:a3:cf:9d:1c:96:24:1d:b2:e8:f7:
b0:33:6d:15:6b:ea:20:7b:fb:d6:17:34:f7:80:f7:
eb:6b:68:4b:e1:2d:99:c6:7f:5d:b9:22:02:0b:56:
90:e0:30:5f:21:12:6e:93:4d:b3:e0:2b:75:ee:f1:
c6:22:9d:e5:fd:4b:f7:ca:25:0f:24:07:41:c2:17:
16:c5:07:05:6a:71:ca:43:c5:81:8c:2d:3a:d2:66:
72:7f:d1:d3:08:4e:ba:a0:3c:4c:42:bb:88:bf:26:
1c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:77:60:4D:3E:CE:D5:C1:41:97:5E:E6:36:52:49:4A:B3:9D:DD:F9
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1XdgTT7O1cFBl17mNlJJSrOd3fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
2a0d:d940:1f00::/40
Signature Algorithm: sha256WithRSAEncryption
66:23:63:2d:93:6e:0d:d9:ea:16:9b:1c:a8:48:2c:42:87:ec:
f4:95:12:03:66:cd:3f:e3:7c:83:79:81:bc:02:a4:93:c7:d7:
20:64:50:c8:0e:56:64:8e:83:cd:ac:8b:8c:82:b5:32:8b:dc:
64:69:12:80:07:4b:a7:ed:56:aa:8a:ae:57:e7:2a:21:35:e3:
f8:a4:5e:fa:62:47:1b:3f:cd:f1:b6:a9:1d:14:74:6b:7e:69:
a6:62:c7:89:c3:50:b9:81:9e:2b:77:ae:4e:02:6c:fb:dc:a2:
d0:6b:b9:e8:bb:75:2a:fa:db:7b:ba:11:f3:99:7a:78:c2:5e:
5b:14:71:45:44:10:1e:20:17:3c:51:ff:a8:fa:38:5d:93:b8:
13:cf:04:d8:85:8e:20:ba:8b:3b:be:d9:d4:6b:1e:98:ef:7f:
b8:1d:6f:b3:b0:b4:03:7a:49:4d:2b:29:b2:37:c4:bc:e4:a5:
b9:07:dc:19:7c:6c:19:83:ee:84:68:e9:0f:38:61:57:29:33:
06:42:fc:20:93:69:18:16:0d:6f:4e:49:51:e1:eb:77:20:89:
9b:a9:9d:99:f6:3d:06:95:1f:48:3c:96:36:58:ac:06:e4:b6:
ca:2a:e6:9c:9c:78:80:b2:32:09:2f:ba:15:7c:50:3a:ce:c1:
f4:18:ac:bf
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZYf1np9B+g7XHZI3AVT1UdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNDEwMTMxNDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTc3NjA0ZDNlY2VkNWMxNDE5NzVlZTYzNjUyNDk0YWIzOWRkZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0e1+ga+1GXdhN77yKivBjIfFTw5s
mlWtBUQqHWZPbyC+D2xpW497Msw59592TvVnw5wsZMbkArWDwkFPYp77w/d5pbMq
DS3tE8A32dRi5buYi1dBGDuFn4CUFYMaeMKyyx0/drq3mrlOQxc6XzJ0wdwtFlzV
zjf0ocwHaprAUOIfl6h9hgC/ra9W6xoJlLyFx5E8VFd474BwdqPPnRyWJB2y6Pew
M20Va+oge/vWFzT3gPfra2hL4S2Zxn9duSICC1aQ4DBfIRJuk02z4Ct17vHGIp3l
/Uv3yiUPJAdBwhcWxQcFanHKQ8WBjC060mZyf9HTCE66oDxMQruIvyYcGQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFNV3YE0+ztXBQZde5jZSSUqznd35MB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvMVhkZ1RUN08xY0ZCbDE3bU5sSkpTck9kM2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQDBgAqDdlAHzANBgkqhkiG9w0BAQsFAAOCAQEA
ZiNjLZNuDdnqFpscqEgsQofs9JUSA2bNP+N8g3mBvAKkk8fXIGRQyA5WZI6DzayL
jIK1MovcZGkSgAdLp+1WqoquV+cqITXj+KRe+mJHGz/N8bapHRR0a35ppmLHicNQ
uYGeK3euTgJs+9yi0Gu56Lt1Kvrbe7oR85l6eMJeWxRxRUQQHiAXPFH/qPo4XZO4
E88E2IWOILqLO77Z1GsemO9/uB1vs7C0A3pJTSspsjfEvOSluQfcGXxsGYPuhGjp
DzhhVykzBkL8IJNpGBYNb05JUeHrdyCJm6mdmfY9BpUfSDyWNlisBuS2yirmnJx4
gLIyCS+6FXxQOs7B9Bisvw==
-----END CERTIFICATE-----
Generated at Sun May 11 16:52:45 2025 by rpki-client