Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/HV1EyQC9TY3zSygc-FJHrV8yTt8.roa
File: HV1EyQC9TY3zSygc-FJHrV8yTt8.roa (raw, json)
Hash identifier: HE3gzqJMeOvw+evc4YLpr9WUNbEbjHTAwQtjktIl0PM=
Subject key identifier: 1D:5D:44:C9:00:BD:4D:8D:F3:4B:28:1C:F8:52:47:AD:5F:32:4E:DF
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 01963FFF7D0E1B4A269FD26BF100ED9A2E61
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/HV1EyQC9TY3zSygc-FJHrV8yTt8.roa
Signing time: Wed 16 Apr 2025 19:07:10 +0000
ROA not before: Wed 16 Apr 2025 19:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:35c3::/32 maxlen: 32
2a11:7084::/32 maxlen: 32
2a12:1545::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 28 Apr 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:ff:7d:0e:1b:4a:26:9f:d2:6b:f1:00:ed:9a:2e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Apr 16 19:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d5d44c900bd4d8df34b281cf85247ad5f324edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:50:ce:16:cd:62:d8:25:9a:2c:95:8a:f3:ab:
3c:d6:86:90:9b:05:c6:8d:a5:82:21:e5:11:b9:08:
7b:dd:37:48:d0:42:55:5a:7e:49:44:90:f9:f8:70:
6d:25:f7:82:40:86:6b:9d:9f:38:42:df:33:8e:5e:
7a:07:fb:44:00:fe:2a:ff:e4:e5:ce:2a:f7:06:c4:
b2:61:c2:ad:52:19:ec:37:dd:e9:82:51:ff:9e:48:
c1:9f:75:f4:b9:45:e4:5d:43:0e:d3:97:08:55:23:
4b:da:49:d5:ac:c4:86:04:ef:35:0a:6b:a5:48:dc:
9c:a5:10:bb:ef:05:43:bb:fb:94:03:07:4c:5d:ed:
9f:d3:6e:94:ed:c2:3f:19:3a:81:6c:a1:9c:a7:08:
ac:0b:bf:a1:41:b2:3a:f7:19:d2:9e:b3:e1:f7:b1:
f4:7e:22:65:ce:3d:a3:e2:9f:97:76:2d:e0:40:1d:
81:b4:bc:69:3b:ab:d9:7c:5f:d5:bf:d9:59:f9:de:
31:9f:da:5f:d6:bf:ab:a2:a3:29:eb:f4:9b:cd:80:
5c:20:0e:27:6e:8b:ba:d4:85:5e:55:f4:63:ae:cd:
9e:13:05:47:5b:ec:4f:44:87:26:91:ab:9f:c0:e5:
cb:2c:8c:d5:1a:90:1b:28:4d:ca:f2:9b:3b:48:1f:
52:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5D:44:C9:00:BD:4D:8D:F3:4B:28:1C:F8:52:47:AD:5F:32:4E:DF
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/HV1EyQC9TY3zSygc-FJHrV8yTt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:35c3::/32
2a11:7084::/32
2a12:1545::/32
Signature Algorithm: sha256WithRSAEncryption
49:cc:cb:6c:40:29:fd:3d:3c:1f:70:5d:96:93:44:2f:21:35:
d8:6f:f3:3f:24:03:bd:a7:e8:0a:93:80:21:65:59:53:68:80:
1f:1f:75:31:b5:c3:1c:3b:6c:f6:f3:16:05:b9:71:0d:65:bf:
b4:42:f9:30:e0:ee:95:f5:18:4a:b5:61:0c:42:e9:30:f2:a4:
03:d0:a5:74:07:79:e9:f6:0d:81:53:0c:8d:fc:92:87:3c:aa:
73:ca:2f:d4:c8:b4:fe:81:22:fc:67:2f:3b:63:93:d4:b1:25:
8d:1b:37:80:46:a2:0e:a0:50:73:99:37:f8:89:43:13:27:32:
46:d8:c6:97:a1:b2:a8:67:cc:6c:67:5c:06:c4:9f:72:4f:fa:
83:c2:da:79:f7:d5:d4:dd:54:a3:ae:1f:d7:16:14:87:df:ae:
4d:8e:2f:82:c2:4c:5c:79:03:b1:b3:7e:77:da:6a:9e:3d:e6:
d9:d8:86:32:0d:6a:a0:b4:a0:ed:d6:c9:a2:cb:f5:a7:30:0d:
fa:d6:e3:91:55:8f:7e:e2:88:ad:9b:5b:f1:8a:bf:3f:7b:79:
00:96:8a:7e:2f:ce:26:32:fa:60:89:72:62:06:3f:72:18:d5:
eb:95:0e:ca:b2:3a:b8:27:40:b1:f1:24:a8:02:c4:03:33:0c:
d7:7d:0d:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZY//30OG0omn9Jr8QDtmi5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwNDE2MTkwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDVkNDRjOTAwYmQ0ZDhkZjM0YjI4MWNmODUyNDdhZDVmMzI0ZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lDOFs1i2CWaLJWK86s81oaQmwXG
jaWCIeURuQh73TdI0EJVWn5JRJD5+HBtJfeCQIZrnZ84Qt8zjl56B/tEAP4q/+Tl
zir3BsSyYcKtUhnsN93pglH/nkjBn3X0uUXkXUMO05cIVSNL2knVrMSGBO81Cmul
SNycpRC77wVDu/uUAwdMXe2f026U7cI/GTqBbKGcpwisC7+hQbI69xnSnrPh97H0
fiJlzj2j4p+Xdi3gQB2BtLxpO6vZfF/Vv9lZ+d4xn9pf1r+roqMp6/SbzYBcIA4n
bou61IVeVfRjrs2eEwVHW+xPRIcmkaufwOXLLIzVGpAbKE3K8ps7SB9SswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB1dRMkAvU2N80soHPhSR61fMk7fMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvSFYxRXlRQzlUWTN6U3lnYy1GSkhyVjh5VHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhE1wwMF
ACoRcIQDBQAqEhVFMA0GCSqGSIb3DQEBCwUAA4IBAQBJzMtsQCn9PTwfcF2Wk0Qv
ITXYb/M/JAO9p+gKk4AhZVlTaIAfH3UxtcMcO2z28xYFuXENZb+0Qvkw4O6V9RhK
tWEMQukw8qQD0KV0B3np9g2BUwyN/JKHPKpzyi/UyLT+gSL8Zy87Y5PUsSWNGzeA
RqIOoFBzmTf4iUMTJzJG2MaXobKoZ8xsZ1wGxJ9yT/qDwtp599XU3VSjrh/XFhSH
365Nji+CwkxceQOxs3532mqePebZ2IYyDWqgtKDt1smiy/WnMA361uORVY9+4oit
m1vxir8/e3kAlop+L84mMvpgiXJiBj9yGNXrlQ7Ksjq4J0Cx8SSoAsQDMwzXfQ2P
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:28:52 2025 by rpki-client