Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5vDnkj4mp9eQPnEKrCNTVyYA-Ms.roa
File: 5vDnkj4mp9eQPnEKrCNTVyYA-Ms.roa (raw, json)
Hash identifier: mEPuklRZ9XtPzvVyWoRyvVswIJ9TUBPFwBgU1xjWCvc=
Subject key identifier: E6:F0:E7:92:3E:26:A7:D7:90:3E:71:0A:AC:23:53:57:26:00:F8:CB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01951F1B126291CB030E6F6F7FA02C87E3E1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5vDnkj4mp9eQPnEKrCNTVyYA-Ms.roa
Signing time: Wed 19 Feb 2025 16:47:02 +0000
ROA not before: Wed 19 Feb 2025 16:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 2a0f:3540::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 23 Feb 2025 10:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:1b:12:62:91:cb:03:0e:6f:6f:7f:a0:2c:87:e3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 19 16:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6f0e7923e26a7d7903e710aac2353572600f8cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:14:48:ab:33:0c:76:2d:a6:77:f9:67:8d:a1:
22:f3:a8:54:ad:38:ff:3d:61:14:b4:97:a0:e4:f7:
56:c9:8d:64:c2:25:ce:f7:e3:dc:b6:3a:ac:dd:ae:
9c:76:14:1f:fc:13:9b:e4:a6:cb:6e:b7:0e:87:72:
38:99:2e:c6:c9:5f:27:34:90:f4:58:cc:1a:7d:f2:
35:47:1a:e7:26:30:84:14:34:0b:71:c7:73:2e:aa:
40:f3:be:5a:45:58:1f:85:fa:44:ad:c1:c4:50:0c:
3e:35:c4:be:0d:6a:df:e1:bf:7d:fd:01:57:47:da:
07:c3:08:c1:7d:11:29:53:87:3c:84:a4:5c:77:a0:
a3:c7:d5:bf:2c:e7:d2:b6:47:29:ea:bb:73:a1:da:
20:27:cf:aa:a2:43:11:d8:73:93:8b:d2:f5:5c:1c:
83:b4:f3:5b:3a:2a:32:77:dc:cc:10:fd:aa:7c:91:
6d:7e:2d:8c:f9:bc:9d:cc:e8:74:c0:30:d3:65:71:
ba:d4:58:84:c5:35:f0:20:b9:bf:f5:23:7a:d4:ef:
7c:99:ea:3c:0a:f7:b5:c6:bc:41:fb:e4:99:3e:de:
6a:b9:58:f8:ae:9d:53:b2:88:2d:df:17:28:a4:3b:
86:02:54:b4:8a:08:cb:7a:06:49:8c:19:89:a4:d8:
c1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F0:E7:92:3E:26:A7:D7:90:3E:71:0A:AC:23:53:57:26:00:F8:CB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5vDnkj4mp9eQPnEKrCNTVyYA-Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3540::/29
2a0f:3640::/29
2a0f:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:8d:65:6c:d4:4b:5d:ea:55:d6:6a:26:97:cf:fc:c1:41:f2:
8e:22:23:7e:ad:a8:69:0e:32:5f:c2:34:a3:bc:8b:b5:f9:36:
8c:62:9c:a3:2c:e3:2e:8d:52:9c:c6:6e:85:04:84:00:87:05:
9b:fb:f6:a3:e7:db:75:e6:d2:3c:3f:d4:b5:da:62:1e:2a:80:
2d:71:5b:3d:57:f4:46:5b:78:9f:80:ff:5e:3c:1b:8d:86:5d:
47:c5:92:f7:d8:5d:6d:50:20:d9:e0:45:ae:cd:e1:6f:9f:29:
38:99:b4:7e:ea:d5:53:45:65:b5:d8:25:90:6b:9a:df:c5:12:
19:70:9a:29:d3:23:00:2d:8b:7f:56:cf:d3:dd:26:44:6d:c3:
9c:71:aa:e5:3d:57:a8:a3:18:b3:d2:51:56:da:ca:3c:76:66:
6a:48:eb:b8:08:87:9d:40:1c:d3:f4:28:22:bf:22:da:33:88:
fd:4b:8b:3e:65:cb:fa:fa:4d:99:55:6a:32:df:23:ad:07:38:
6a:03:a1:6f:6b:ce:41:e0:4c:7f:ce:92:9b:e6:7f:d4:8c:ef:
3a:63:29:3c:52:c7:35:15:a6:02:23:3d:87:33:97:cb:14:24:
c8:53:22:d9:4b:fb:44:2a:69:aa:2b:ec:b6:98:8d:ab:0b:ca:
3f:4f:92:3b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUfGxJikcsDDm9vf6Ash+PhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjE5MTY0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmYwZTc5MjNlMjZhN2Q3OTAzZTcxMGFhYzIzNTM1NzI2MDBmOGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hRIqzMMdi2md/lnjaEi86hUrTj/
PWEUtJeg5PdWyY1kwiXO9+Pctjqs3a6cdhQf/BOb5KbLbrcOh3I4mS7GyV8nNJD0
WMwaffI1RxrnJjCEFDQLccdzLqpA875aRVgfhfpErcHEUAw+NcS+DWrf4b99/QFX
R9oHwwjBfREpU4c8hKRcd6Cjx9W/LOfStkcp6rtzodogJ8+qokMR2HOTi9L1XByD
tPNbOioyd9zMEP2qfJFtfi2M+bydzOh0wDDTZXG61FiExTXwILm/9SN61O98meo8
Cve1xrxB++SZPt5quVj4rp1Tsogt3xcopDuGAlS0igjLegZJjBmJpNjB4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFObw55I+JqfXkD5xCqwjU1cmAPjLMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNXZEbmtqNG1wOWVRUG5FS3JDTlRWeVlBLU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg81QAMF
AyoPNkADBQMqD97AMA0GCSqGSIb3DQEBCwUAA4IBAQAtjWVs1Etd6lXWaiaXz/zB
QfKOIiN+rahpDjJfwjSjvIu1+TaMYpyjLOMujVKcxm6FBIQAhwWb+/aj59t15tI8
P9S12mIeKoAtcVs9V/RGW3ifgP9ePBuNhl1HxZL32F1tUCDZ4EWuzeFvnyk4mbR+
6tVTRWW12CWQa5rfxRIZcJop0yMALYt/Vs/T3SZEbcOccarlPVeooxiz0lFW2so8
dmZqSOu4CIedQBzT9CgivyLaM4j9S4s+Zcv6+k2ZVWoy3yOtBzhqA6Fva85B4Ex/
zpKb5n/UjO86Yyk8Usc1FaYCIz2HM5fLFCTIUyLZS/tEKmmqK+y2mI2rC8o/T5I7
-----END CERTIFICATE-----
Generated at Tue May 13 22:49:45 2025 by rpki-client