Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/VfpFUzy3dXFufmae_tNpADTNP-A.roa
File: VfpFUzy3dXFufmae_tNpADTNP-A.roa (raw, json)
Hash identifier: D7I5fF7TUAXgk4p4D4WzsroSSM9ogjTzZ/5I14eDnb4=
Subject key identifier: 55:FA:45:53:3C:B7:75:71:6E:7E:66:9E:FE:D3:69:00:34:CD:3F:E0
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 019679AA5D7645C9DD3474E67C317D9B5320
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/VfpFUzy3dXFufmae_tNpADTNP-A.roa
Signing time: Sun 27 Apr 2025 23:52:10 +0000
ROA not before: Sun 27 Apr 2025 23:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8796
IP address blocks: 2a0f:9a00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Apr 2025 03:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:aa:5d:76:45:c9:dd:34:74:e6:7c:31:7d:9b:53:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Apr 27 23:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55fa45533cb775716e7e669efed3690034cd3fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:05:97:80:1f:6d:65:84:dd:b2:58:f7:a4:
1c:a7:f4:53:07:a9:76:70:51:5b:7e:0c:6e:7d:5b:
04:75:28:f1:f1:10:31:96:db:5d:78:28:28:24:ef:
65:c6:e2:27:7b:7c:b5:2f:f3:7d:6a:bd:c4:1e:c8:
65:b1:31:dd:0b:be:82:eb:70:d4:75:52:7b:63:c9:
7d:c5:c0:4d:a1:55:78:f6:88:06:e5:b7:66:e1:ba:
eb:e3:30:82:99:4d:ae:6e:a5:37:3b:19:c1:55:86:
15:75:75:4b:0d:7d:c1:78:71:fe:48:96:1f:b6:8a:
d5:e0:ce:9a:81:9c:65:ca:38:a7:b6:21:3b:d9:c8:
c8:5d:f8:89:54:d5:cf:46:5f:12:be:63:11:51:17:
a8:1a:7c:74:60:91:f2:52:5d:25:d9:dc:92:a2:0c:
d0:58:e5:0e:dc:8b:b0:ba:a5:e8:fb:69:6e:dc:07:
a0:ca:10:51:79:68:c0:81:cb:96:46:48:86:4a:3e:
bc:3e:63:54:d1:98:68:b3:39:8e:d0:65:4a:ca:2f:
97:04:e3:4c:54:19:b2:8f:39:90:39:c2:7c:95:71:
02:75:ef:8e:0b:c8:ec:5b:da:30:96:eb:2f:51:b2:
7d:94:c3:fb:b5:53:b2:3b:75:28:61:57:1a:1e:1c:
4c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FA:45:53:3C:B7:75:71:6E:7E:66:9E:FE:D3:69:00:34:CD:3F:E0
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/VfpFUzy3dXFufmae_tNpADTNP-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9a00::/48
Signature Algorithm: sha256WithRSAEncryption
93:06:42:ec:a6:23:69:a2:be:d7:0d:48:a6:e9:05:0f:4a:07:
7c:75:63:aa:a5:59:ef:29:d5:f1:99:0b:83:6b:9d:6a:cb:db:
ee:a0:e5:33:cb:e2:60:34:9f:62:f5:c2:f2:92:73:b1:fd:56:
9c:53:f2:47:21:5f:27:5e:27:6d:c7:e7:48:c5:e4:29:95:46:
a1:d6:45:4f:57:8d:61:42:34:bd:72:28:3a:42:51:83:64:dc:
a0:f1:b4:aa:52:9d:99:57:be:49:03:f2:c7:db:e9:7f:3d:d6:
ee:51:53:ad:93:2b:f1:e3:6d:9a:99:65:92:2e:eb:82:95:0b:
26:96:d7:fe:18:a7:01:05:1a:09:14:7c:5f:5b:9e:19:b7:03:
bc:68:42:d2:fd:a3:09:b1:ef:d6:56:6c:d3:2f:c4:6d:b7:82:
ac:ce:89:b6:e4:ac:f9:fd:1d:d2:61:8c:52:b7:3f:38:2c:e4:
70:46:86:e9:f8:a9:02:8a:49:49:f4:69:95:72:13:e4:a0:e0:
de:c7:33:c1:f2:e5:db:1a:91:6b:51:6d:90:5a:fb:d7:2f:d1:
a7:9a:e5:c9:72:73:d5:3e:ba:ce:b2:d3:88:b1:69:45:0a:9a:
6c:d5:98:b3:4c:46:02:de:fe:b7:25:d3:ad:96:2e:4d:80:c8:
bc:d6:92:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZZ5ql12RcndNHTmfDF9m1MgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjUwNDI3MjM1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWZhNDU1MzNjYjc3NTcxNmU3ZTY2OWVmZWQzNjkwMDM0Y2QzZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui4Fl4AfbWWE3bJY96Qcp/RTB6l2
cFFbfgxufVsEdSjx8RAxlttdeCgoJO9lxuIne3y1L/N9ar3EHshlsTHdC76C63DU
dVJ7Y8l9xcBNoVV49ogG5bdm4brr4zCCmU2ubqU3OxnBVYYVdXVLDX3BeHH+SJYf
torV4M6agZxlyjintiE72cjIXfiJVNXPRl8SvmMRUReoGnx0YJHyUl0l2dySogzQ
WOUO3IuwuqXo+2lu3AegyhBReWjAgcuWRkiGSj68PmNU0ZhoszmO0GVKyi+XBONM
VBmyjzmQOcJ8lXECde+OC8jsW9owlusvUbJ9lMP7tVOyO3UoYVcaHhxM8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFX6RVM8t3Vxbn5mnv7TaQA0zT/gMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvVmZwRlV6eTNkWEZ1Zm1hZV90TnBBRFROUC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+aAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCTBkLspiNpor7XDUim6QUPSgd8dWOqpVnvKdXx
mQuDa51qy9vuoOUzy+JgNJ9i9cLyknOx/VacU/JHIV8nXidtx+dIxeQplUah1kVP
V41hQjS9cig6QlGDZNyg8bSqUp2ZV75JA/LH2+l/PdbuUVOtkyvx422amWWSLuuC
lQsmltf+GKcBBRoJFHxfW54ZtwO8aELS/aMJse/WVmzTL8Rtt4Kszom25Kz5/R3S
YYxStz84LORwRobp+KkCiklJ9GmVchPkoODexzPB8uXbGpFrUW2QWvvXL9GnmuXJ
cnPVPrrOstOIsWlFCpps1ZizTEYC3v63JdOtli5NgMi81pJI
-----END CERTIFICATE-----
Generated at Fri May 9 22:25:57 2025 by rpki-client