Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/Ay4b3ajJkLykovWF9TjqQqbcHKU.roa
File: Ay4b3ajJkLykovWF9TjqQqbcHKU.roa (raw, json)
Hash identifier: omxOzeb4Pzvn6j3tpP5mYOhTVxWbaKFXVvjCcysWYgY=
Subject key identifier: 03:2E:1B:DD:A8:C9:90:BC:A4:A2:F5:85:F5:38:EA:42:A6:DC:1C:A5
Certificate issuer: /CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Certificate serial: 019590CC67433C2518957DA921CDCE14911A
Authority key identifier: 53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/Ay4b3ajJkLykovWF9TjqQqbcHKU.roa
Signing time: Thu 13 Mar 2025 18:37:49 +0000
ROA not before: Thu 13 Mar 2025 18:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12337
IP address blocks: 212.29.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 18:59:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:cc:67:43:3c:25:18:95:7d:a9:21:cd:ce:14:91:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Validity
Not Before: Mar 13 18:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=032e1bdda8c990bca4a2f585f538ea42a6dc1ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:80:b2:5f:75:a2:51:4b:e6:26:1c:5a:e7:64:
44:d7:eb:e5:2f:ee:73:e7:d2:fa:a3:ac:37:f1:fe:
4e:40:3b:45:53:bb:60:b1:d4:83:9d:1d:32:4c:1b:
a2:9a:fe:8a:37:3d:5c:ac:e8:83:61:df:8a:6c:2d:
68:95:68:41:9a:e7:27:47:55:9c:f9:14:94:f2:27:
1f:d0:d7:d4:d3:ae:4e:de:b9:f0:52:d7:35:4a:6a:
e3:41:ef:a5:4d:83:58:78:7c:dc:76:74:17:99:f6:
b3:c0:ba:1a:a0:4d:76:48:a3:b3:7d:50:bd:8e:7a:
f8:68:9a:b8:51:b7:16:74:66:e0:ca:29:5b:f2:06:
3c:a1:08:83:05:06:4e:82:75:13:ac:30:d8:7d:e0:
06:f5:ba:d6:46:9d:b9:81:dc:a0:7c:1b:1a:8a:78:
ce:2e:98:ec:f7:89:9d:4d:83:48:73:2c:4f:78:f5:
b0:20:e4:4b:24:d2:36:1c:81:bf:0f:f0:a6:e0:42:
7e:90:99:72:4c:ec:38:6b:76:78:f6:2d:62:c1:6d:
cf:76:80:a6:38:c0:e2:44:d0:fd:19:23:dd:5a:79:
0a:9c:31:57:31:e9:45:7c:06:28:67:61:32:b1:77:
b9:d9:27:af:40:41:81:70:09:3c:e0:49:de:2e:d9:
7e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2E:1B:DD:A8:C9:90:BC:A4:A2:F5:85:F5:38:EA:42:A6:DC:1C:A5
X509v3 Authority Key Identifier:
keyid:53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/Ay4b3ajJkLykovWF9TjqQqbcHKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.29.28.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:0b:a6:66:e6:1e:ee:3f:b3:5d:40:b9:aa:dc:48:51:8b:93:
28:3d:17:04:f7:df:32:43:0a:94:59:44:ac:01:3a:43:8d:ea:
47:aa:b7:9e:46:bb:31:11:24:74:e9:d4:9c:eb:de:e1:f4:80:
ac:84:04:5a:cd:f6:68:1e:ae:77:fa:3c:a6:09:75:c9:d2:62:
20:e5:44:19:3c:9b:6a:36:2c:b9:d7:ec:cf:05:89:2f:00:67:
28:c2:2a:7f:78:c2:68:5f:42:d5:01:07:81:9c:1b:55:e8:dc:
25:fb:67:3c:ce:61:34:4b:41:f8:31:1f:e2:3e:88:30:52:26:
8c:f4:5a:10:90:29:a5:69:85:13:9e:2a:97:a5:e6:c6:4b:48:
1f:7a:5d:23:44:e3:53:19:a5:04:8a:07:d8:d0:90:53:dd:9a:
d0:46:16:5d:3d:47:c6:1f:a5:07:59:11:30:25:7a:5b:d0:2d:
34:ad:41:d7:a3:67:ee:d5:4b:ef:d7:72:41:a1:49:84:c0:f2:
da:eb:5b:b1:b8:f5:9c:4c:83:39:73:83:d8:c9:47:12:f3:ab:
39:f1:8f:a1:46:8d:ac:5b:63:81:67:d6:9b:51:3b:16:85:e7:
db:b8:50:a3:a3:1c:59:8c:63:d1:44:94:96:d8:90:21:8f:9a:
72:cb:35:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWQzGdDPCUYlX2pIc3OFJEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmJiYmFhM2VlMjRjN2FkOWIyYzYwNDMyZTE0ZWRhMzg0
OWI1ZTIwHhcNMjUwMzEzMTgzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzJlMWJkZGE4Yzk5MGJjYTRhMmY1ODVmNTM4ZWE0MmE2ZGMxY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4CyX3WiUUvmJhxa52RE1+vlL+5z
59L6o6w38f5OQDtFU7tgsdSDnR0yTBuimv6KNz1crOiDYd+KbC1olWhBmucnR1Wc
+RSU8icf0NfU065O3rnwUtc1SmrjQe+lTYNYeHzcdnQXmfazwLoaoE12SKOzfVC9
jnr4aJq4UbcWdGbgyilb8gY8oQiDBQZOgnUTrDDYfeAG9brWRp25gdygfBsainjO
Lpjs94mdTYNIcyxPePWwIORLJNI2HIG/D/Cm4EJ+kJlyTOw4a3Z49i1iwW3PdoCm
OMDiRND9GSPdWnkKnDFXMelFfAYoZ2EysXe52SevQEGBcAk84EneLtl+7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMuG92oyZC8pKL1hfU46kKm3BylMB8GA1UdIwQY
MBaAFFO7u6o+4kx62bLGBDLhTto4SbXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUt
MDBlY2YwYzRkMGVmLzEvQXk0YjNhakprTHlrb3ZXRjlUanFRcWJjSEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUtMDBlY2YwYzRkMGVm
LzEvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B0cMA0G
CSqGSIb3DQEBCwUAA4IBAQDKC6Zm5h7uP7NdQLmq3EhRi5MoPRcE998yQwqUWUSs
ATpDjepHqreeRrsxESR06dSc697h9ICshARazfZoHq53+jymCXXJ0mIg5UQZPJtq
Niy51+zPBYkvAGcowip/eMJoX0LVAQeBnBtV6Nwl+2c8zmE0S0H4MR/iPogwUiaM
9FoQkCmlaYUTniqXpebGS0gfel0jRONTGaUEigfY0JBT3ZrQRhZdPUfGH6UHWREw
JXpb0C00rUHXo2fu1Uvv13JBoUmEwPLa61uxuPWcTIM5c4PYyUcS86s58Y+hRo2s
W2OBZ9abUTsWhefbuFCjoxxZjGPRRJSW2JAhj5pyyzXo
-----END CERTIFICATE-----
Generated at Thu May 15 12:42:33 2025 by rpki-client