Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/1wEZ_NwY5ZQqdkugYkx3bu4KHAc.roa
File: 1wEZ_NwY5ZQqdkugYkx3bu4KHAc.roa (raw, json)
Hash identifier: 5b596Vhsyvbzu/2JkCIffyhYQa7djN10/ISyHyBrYC8=
Subject key identifier: D7:01:19:FC:DC:18:E5:94:2A:76:4B:A0:62:4C:77:6E:EE:0A:1C:07
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 019522B242CD8BE76B46AEF0B53AA5F86EEC
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/1wEZ_NwY5ZQqdkugYkx3bu4KHAc.roa
Signing time: Thu 20 Feb 2025 09:31:02 +0000
ROA not before: Thu 20 Feb 2025 09:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:8306::/32 maxlen: 32
2a11:8447::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Feb 2025 16:04:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:b2:42:cd:8b:e7:6b:46:ae:f0:b5:3a:a5:f8:6e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Feb 20 09:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d70119fcdc18e5942a764ba0624c776eee0a1c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:51:4a:e9:7a:44:8d:13:78:11:02:98:20:
75:58:d1:2a:ef:85:ab:dd:fc:5c:0c:22:64:52:cc:
62:32:f0:ae:6b:3b:25:ac:06:41:53:12:fa:d3:98:
b0:87:8b:41:1f:3e:68:62:0f:4c:cb:2b:2d:70:8c:
b8:c3:82:01:08:43:b2:90:d4:8c:94:97:e7:98:01:
72:21:73:12:09:05:5d:32:a9:81:84:cf:f8:9c:c7:
26:65:72:a9:83:4c:47:33:a8:78:06:f7:8e:c1:77:
d6:9b:05:18:7f:9e:8e:5b:01:54:f2:e6:76:72:b9:
ce:7f:77:11:e6:ce:fc:63:5a:04:6a:fa:b1:70:31:
65:ac:a9:8c:e7:00:c3:51:8d:00:1f:b5:6b:ed:0a:
e8:ec:10:45:ec:c7:84:9b:b4:24:f3:7b:f4:7f:3a:
01:c1:32:71:a6:45:cf:71:2b:69:a8:e2:5e:2e:56:
6c:37:be:c1:a2:84:22:d4:69:85:6e:48:7a:1a:3e:
b7:11:e1:e2:0f:77:44:05:31:e1:3b:32:2f:df:35:
75:2a:5e:e3:db:07:aa:11:1a:20:37:63:2a:aa:6c:
ce:ef:cd:eb:76:2c:d9:3b:99:cb:44:57:03:26:18:
22:23:f6:b9:61:d0:f7:a3:fd:db:6e:2b:44:ae:a4:
db:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:01:19:FC:DC:18:E5:94:2A:76:4B:A0:62:4C:77:6E:EE:0A:1C:07
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/1wEZ_NwY5ZQqdkugYkx3bu4KHAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8306::/32
2a11:8447::/32
Signature Algorithm: sha256WithRSAEncryption
8d:7d:28:60:15:96:8d:ba:06:73:fd:05:d6:7a:78:69:0f:92:
25:b1:e3:68:59:79:1c:67:e6:00:28:09:47:aa:59:7d:b2:f3:
63:31:50:50:9e:60:32:a6:05:86:1d:3a:13:78:ba:f2:a9:15:
6b:cc:15:6e:6b:99:0a:01:75:fc:a0:fe:71:e6:23:8c:6f:0f:
d8:7d:50:94:40:43:6d:43:06:09:1f:0f:00:ef:96:3f:c8:c3:
cb:8a:70:99:c5:56:b3:9b:a6:32:03:89:98:6c:6a:af:db:ff:
c7:23:8e:dd:de:d5:89:6a:96:f7:bd:a4:7d:ca:bf:86:07:a6:
68:72:1c:0f:dd:dc:61:e8:74:5d:9e:ff:82:09:67:af:57:7e:
72:56:55:91:9a:cb:0e:5a:da:88:6b:88:1b:62:48:10:73:60:
ce:de:89:af:38:fd:5e:b5:da:64:38:c7:24:5d:63:8c:a2:cb:
3f:5c:19:23:0b:50:64:a1:09:22:61:81:08:7d:c7:a4:57:12:
15:e8:a9:13:5a:b4:d5:e1:c7:17:d7:6c:2e:b9:5d:d2:b0:67:
0f:ff:7b:0b:b2:43:ab:60:be:1b:ed:0e:35:0e:5d:d8:e8:17:
2c:72:d9:f8:9f:1e:96:97:8d:ea:89:59:67:c5:c7:8d:7d:05:
2f:e2:79:6e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZUiskLNi+drRq7wtTql+G7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMjIwMDkzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzAxMTlmY2RjMThlNTk0MmE3NjRiYTA2MjRjNzc2ZWVlMGExYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjJRSul6RI0TeBECmCB1WNEq74Wr
3fxcDCJkUsxiMvCuazslrAZBUxL605iwh4tBHz5oYg9MyystcIy4w4IBCEOykNSM
lJfnmAFyIXMSCQVdMqmBhM/4nMcmZXKpg0xHM6h4BveOwXfWmwUYf56OWwFU8uZ2
crnOf3cR5s78Y1oEavqxcDFlrKmM5wDDUY0AH7Vr7Qro7BBF7MeEm7Qk83v0fzoB
wTJxpkXPcStpqOJeLlZsN77BooQi1GmFbkh6Gj63EeHiD3dEBTHhOzIv3zV1Kl7j
2weqERogN2MqqmzO783rdizZO5nLRFcDJhgiI/a5YdD3o/3bbitErqTbQwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNcBGfzcGOWUKnZLoGJMd27uChwHMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvMXdFWl9Od1k1WlFxZGt1Z1lreDNidTRLSEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhGDBgMF
ACoRhEcwDQYJKoZIhvcNAQELBQADggEBAI19KGAVlo26BnP9BdZ6eGkPkiWx42hZ
eRxn5gAoCUeqWX2y82MxUFCeYDKmBYYdOhN4uvKpFWvMFW5rmQoBdfyg/nHmI4xv
D9h9UJRAQ21DBgkfDwDvlj/Iw8uKcJnFVrObpjIDiZhsaq/b/8cjjt3e1Ylqlve9
pH3Kv4YHpmhyHA/d3GHodF2e/4IJZ69XfnJWVZGayw5a2ohriBtiSBBzYM7eia84
/V612mQ4xyRdY4yiyz9cGSMLUGShCSJhgQh9x6RXEhXoqRNatNXhxxfXbC65XdKw
Zw//ewuyQ6tgvhvtDjUOXdjoFyxy2fifHpaXjeqJWWfFx419BS/ieW4=
-----END CERTIFICATE-----
Generated at Tue May 13 02:18:17 2025 by rpki-client