Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mIHBBrOtCbEpi0qiQqS4cKxcEek.roa
File: mIHBBrOtCbEpi0qiQqS4cKxcEek.roa (raw, json)
Hash identifier: n1LOMUF1VozfsGtEssgvDraF7JFoz8UligyFG2XMJss=
Subject key identifier: 98:81:C1:06:B3:AD:09:B1:29:8B:4A:A2:42:A4:B8:70:AC:5C:11:E9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195AEFD4A6F39A600C11B7D61D9C1028475
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mIHBBrOtCbEpi0qiQqS4cKxcEek.roa
Signing time: Wed 19 Mar 2025 15:19:49 +0000
ROA not before: Wed 19 Mar 2025 15:19:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:1fc0::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a13:8f00::/29 maxlen: 29
2a13:c500::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 21 Mar 2025 08:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:fd:4a:6f:39:a6:00:c1:1b:7d:61:d9:c1:02:84:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 19 15:19:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9881c106b3ad09b1298b4aa242a4b870ac5c11e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ed:54:16:f2:8a:88:c3:fd:50:3a:5c:0b:45:
e9:cd:b1:c8:5b:ed:8c:64:e9:77:63:ff:5b:0f:77:
91:d6:c4:ae:ef:46:16:39:c2:be:c2:be:a1:c6:6a:
57:31:6b:23:3a:45:92:8c:9b:cc:88:11:cc:53:79:
ea:fe:4b:0a:ff:9f:b2:0c:02:f7:d7:3e:53:56:ba:
74:da:1a:41:9b:54:76:dd:23:7a:61:98:e3:84:cf:
a9:5f:0b:b1:f4:0f:b3:67:7d:59:b5:bc:1e:73:b4:
8d:05:d1:fa:e5:41:05:77:b4:40:5a:6b:98:0f:e4:
9e:d0:29:5b:5c:b9:5f:77:e9:bd:c9:3a:45:8d:d1:
dd:6a:75:2c:80:95:02:25:7c:d3:22:ff:7e:ab:3a:
c2:49:55:7b:81:ae:bb:55:c5:7d:58:ba:66:0c:6f:
6f:09:f3:8d:a2:ce:98:63:07:10:f0:d4:58:76:09:
2d:98:55:c1:63:b6:7f:6e:43:67:73:fc:6e:62:7f:
47:e2:4d:22:e5:e6:fa:c7:ae:c4:16:37:eb:75:67:
1e:b6:5c:8c:ef:bc:79:cd:46:c4:9e:c5:4a:f1:0f:
0b:f0:e2:fd:29:f6:13:58:2d:3f:17:40:8f:f4:9d:
25:80:6c:7f:df:84:f3:c6:59:8c:c0:77:02:53:56:
de:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:81:C1:06:B3:AD:09:B1:29:8B:4A:A2:42:A4:B8:70:AC:5C:11:E9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mIHBBrOtCbEpi0qiQqS4cKxcEek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1fc0::/29
2a10:7100::/29
2a11:3f80::/29
2a11:4e80::/29
2a13:8f00::/29
2a13:c500::/29
Signature Algorithm: sha256WithRSAEncryption
b3:81:0b:0e:40:ce:69:12:f2:f1:c2:6e:e5:e2:a4:17:a6:b8:
31:01:9d:5d:93:42:8a:6c:7a:7b:6b:56:2b:3c:5e:12:cd:d3:
4a:66:50:e2:62:dd:a0:20:ea:9f:ff:1c:f5:09:5e:23:f8:30:
98:e4:3f:e2:ed:6c:16:59:cf:f3:41:59:41:9e:42:fd:c4:d9:
0c:50:cb:4e:9b:cf:8f:c9:c6:5b:c0:f2:cd:28:d3:d4:bb:7f:
0c:ce:e4:c7:ed:3d:f8:77:98:ef:65:60:76:56:8b:87:0c:68:
77:29:ed:62:b6:d8:77:12:8c:6e:50:f4:8f:cd:78:e4:e4:b2:
ce:b6:7e:e5:22:3c:44:97:ff:26:a0:53:74:a0:d9:f2:d5:16:
ff:41:0e:7d:6a:cc:e1:cb:52:07:9c:5a:8e:ed:a5:3e:65:9e:
8f:83:1f:5b:b5:d0:16:05:e7:01:4e:56:f7:2e:89:82:cb:f1:
f7:50:cf:a0:bc:1d:84:7b:7b:04:6b:58:1b:9f:3b:f0:6c:67:
54:c1:76:ec:71:ab:49:3f:69:dd:65:0a:3c:43:15:a7:6f:0c:
6d:42:cc:02:5d:24:90:d1:dd:a2:1c:2e:d8:56:45:96:f5:8c:
b9:e1:b3:27:50:7a:48:da:dd:4e:8d:a4:c4:f9:25:2d:99:8a:
25:b7:9b:10
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWu/UpvOaYAwRt9YdnBAoR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzE5MTUxOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODgxYzEwNmIzYWQwOWIxMjk4YjRhYTI0MmE0Yjg3MGFjNWMxMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu1UFvKKiMP9UDpcC0XpzbHIW+2M
ZOl3Y/9bD3eR1sSu70YWOcK+wr6hxmpXMWsjOkWSjJvMiBHMU3nq/ksK/5+yDAL3
1z5TVrp02hpBm1R23SN6YZjjhM+pXwux9A+zZ31Ztbwec7SNBdH65UEFd7RAWmuY
D+Se0ClbXLlfd+m9yTpFjdHdanUsgJUCJXzTIv9+qzrCSVV7ga67VcV9WLpmDG9v
CfONos6YYwcQ8NRYdgktmFXBY7Z/bkNnc/xuYn9H4k0i5eb6x67EFjfrdWcetlyM
77x5zUbEnsVK8Q8L8OL9KfYTWC0/F0CP9J0lgGx/34TzxlmMwHcCU1beWQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJiBwQazrQmxKYtKokKkuHCsXBHpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbUlIQkJyT3RDYkVwaTBxaVFxUzRjS3hjRWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg8fwAMF
AyoQcQADBQMqET+AAwUDKhFOgAMFAyoTjwADBQMqE8UAMA0GCSqGSIb3DQEBCwUA
A4IBAQCzgQsOQM5pEvLxwm7l4qQXprgxAZ1dk0KKbHp7a1YrPF4SzdNKZlDiYt2g
IOqf/xz1CV4j+DCY5D/i7WwWWc/zQVlBnkL9xNkMUMtOm8+PycZbwPLNKNPUu38M
zuTH7T34d5jvZWB2VouHDGh3Ke1itth3EoxuUPSPzXjk5LLOtn7lIjxEl/8moFN0
oNny1Rb/QQ59aszhy1IHnFqO7aU+ZZ6Pgx9btdAWBecBTlb3LomCy/H3UM+gvB2E
e3sEa1gbnzvwbGdUwXbscatJP2ndZQo8QxWnbwxtQswCXSSQ0d2iHC7YVkWW9Yy5
4bMnUHpI2t1OjaTE+SUtmYolt5sQ
-----END CERTIFICATE-----
Generated at Sun May 11 22:34:05 2025 by rpki-client