Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0ZF30VPwqhEb0rDZzzTbv7bxUIE.roa
File: 0ZF30VPwqhEb0rDZzzTbv7bxUIE.roa (raw, json)
Hash identifier: UsCbPj3hiIog/9RM9P/JuHcQMW2kOALn2x7KpmPudJM=
Subject key identifier: D1:91:77:D1:53:F0:AA:11:1B:D2:B0:D9:CF:34:DB:BF:B6:F1:50:81
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196876F262073FC632538FBC5D942BECA3D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0ZF30VPwqhEb0rDZzzTbv7bxUIE.roa
Signing time: Wed 30 Apr 2025 16:02:10 +0000
ROA not before: Wed 30 Apr 2025 16:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a09:4500::/29 maxlen: 29
2a0f:1540::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a13:f40::/29 maxlen: 29
2a13:2ec0::/29 maxlen: 29
2a13:3040::/29 maxlen: 29
2a13:a100::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 04 May 2025 16:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:6f:26:20:73:fc:63:25:38:fb:c5:d9:42:be:ca:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 30 16:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d19177d153f0aa111bd2b0d9cf34dbbfb6f15081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:83:98:96:a0:b1:21:c5:d1:17:dd:66:55:
a7:28:c6:1f:3a:ad:e7:1f:57:37:eb:08:b3:1e:bb:
4b:2b:1e:5f:17:89:ca:d1:90:8a:f9:52:1c:29:8a:
3f:46:3f:75:ad:f9:98:7f:39:25:87:54:4c:35:6f:
1c:1b:9f:9a:eb:3c:c0:0a:3d:52:d1:d2:57:5b:99:
25:12:31:00:8f:0a:8b:1e:93:8f:57:0d:27:81:2a:
d4:78:7e:15:2a:43:55:fc:d3:dc:1b:67:41:32:ad:
7c:e6:72:6e:35:92:22:92:25:d1:2c:4b:35:55:0c:
7c:b8:5c:eb:8f:7a:a2:3b:51:8c:98:f1:9e:82:e6:
7c:ae:eb:2f:7b:27:30:7f:2e:33:16:d9:5e:1d:d2:
b3:7e:ea:f0:54:b7:38:79:d2:33:9a:ea:f5:84:df:
87:e9:cf:89:c6:74:a0:e8:40:86:69:68:b7:ec:dc:
1f:95:1f:4f:0c:4a:00:c6:51:60:bd:8f:df:e3:99:
52:99:e9:3f:6b:dc:f3:0f:a4:de:de:c9:ca:96:0a:
b9:0d:9f:70:54:5a:c0:7a:98:bd:4f:dd:01:a3:3b:
22:53:16:1e:0b:c9:21:6b:b5:d1:46:81:5a:8e:af:
d9:5d:5f:14:dd:9e:fb:62:cb:32:9f:ca:9d:8f:93:
38:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:91:77:D1:53:F0:AA:11:1B:D2:B0:D9:CF:34:DB:BF:B6:F1:50:81
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0ZF30VPwqhEb0rDZzzTbv7bxUIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4500::/29
2a0f:1540::/29
2a0f:dec0::/29
2a13:f40::/29
2a13:2ec0::/29
2a13:3040::/29
2a13:a100::/29
Signature Algorithm: sha256WithRSAEncryption
16:51:ab:15:89:07:ca:57:f6:5b:83:25:0d:d6:d1:de:49:6c:
44:8c:34:fb:c3:1e:5f:7b:d7:e4:ab:31:59:6c:d5:74:13:92:
55:05:d6:86:1b:dc:9d:48:11:f3:e2:01:b8:a9:68:07:39:dd:
b0:0a:46:13:74:08:71:c6:87:85:a4:74:e7:48:bf:10:a1:75:
82:12:cc:8f:63:25:f9:bb:72:f0:cc:0e:52:53:09:4e:42:e9:
95:4a:c7:41:b1:dc:26:1b:57:97:9d:52:58:28:15:92:b4:cd:
9d:7e:cc:09:9b:db:ca:b3:4d:df:b3:78:7b:f2:e1:6a:ca:9a:
a4:17:4a:fd:3b:ba:f8:77:83:b8:29:75:c7:49:a5:76:3e:b7:
73:f3:6d:c2:60:ba:c5:37:e1:e3:e8:6a:01:69:e3:83:f3:ec:
ad:03:9f:f2:15:2f:19:30:24:d0:36:8c:cf:83:e1:4c:5f:de:
ba:71:d7:aa:67:7b:84:3d:30:80:ea:44:2b:28:a2:37:04:44:
ee:32:0f:b3:7f:d6:dc:40:ce:c8:5c:c4:d7:a5:ff:3a:6d:25:
b5:56:1f:68:c0:32:e5:84:52:40:34:28:4d:2e:98:7d:06:fd:
3f:2b:64:f4:9c:c5:51:df:70:37:a0:3f:53:98:8d:06:8c:e7:
72:06:53:1c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZaHbyYgc/xjJTj7xdlCvso9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDMwMTYwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTkxNzdkMTUzZjBhYTExMWJkMmIwZDljZjM0ZGJiZmI2ZjE1MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRKDmJagsSHF0RfdZlWnKMYfOq3n
H1c36wizHrtLKx5fF4nK0ZCK+VIcKYo/Rj91rfmYfzklh1RMNW8cG5+a6zzACj1S
0dJXW5klEjEAjwqLHpOPVw0ngSrUeH4VKkNV/NPcG2dBMq185nJuNZIikiXRLEs1
VQx8uFzrj3qiO1GMmPGeguZ8rusveycwfy4zFtleHdKzfurwVLc4edIzmur1hN+H
6c+JxnSg6ECGaWi37NwflR9PDEoAxlFgvY/f45lSmek/a9zzD6Te3snKlgq5DZ9w
VFrAepi9T90BozsiUxYeC8kha7XRRoFajq/ZXV8U3Z77Yssyn8qdj5M4WwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNGRd9FT8KoRG9Kw2c8027+28VCBMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMFpGMzBWUHdxaEViMHJEWnp6VGJ2N2J4VUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKglFAAMF
AyoPFUADBQMqD97AAwUDKhMPQAMFAyoTLsADBQMqEzBAAwUDKhOhADANBgkqhkiG
9w0BAQsFAAOCAQEAFlGrFYkHylf2W4MlDdbR3klsRIw0+8MeX3vX5KsxWWzVdBOS
VQXWhhvcnUgR8+IBuKloBzndsApGE3QIccaHhaR050i/EKF1ghLMj2Ml+bty8MwO
UlMJTkLplUrHQbHcJhtXl51SWCgVkrTNnX7MCZvbyrNN37N4e/LhasqapBdK/Tu6
+HeDuCl1x0mldj63c/NtwmC6xTfh4+hqAWnjg/PsrQOf8hUvGTAk0DaMz4PhTF/e
unHXqmd7hD0wgOpEKyiiNwRE7jIPs3/W3EDOyFzE16X/Om0ltVYfaMAy5YRSQDQo
TS6YfQb9Pytk9JzFUd9wN6A/U5iNBozncgZTHA==
-----END CERTIFICATE-----
Generated at Mon May 12 18:29:31 2025 by rpki-client