Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Z30whtW5WzfIVt8YEM7TvOkiius.roa
File: Z30whtW5WzfIVt8YEM7TvOkiius.roa (raw, json)
Hash identifier: 3yxfJiYd4sq+BsBb4wxrSRTHZIkprp5SqZ3xp79AMKc=
Subject key identifier: 67:7D:30:86:D5:B9:5B:37:C8:56:DF:18:10:CE:D3:BC:E9:22:8A:EB
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 01955C59BD67129423AA482FDC014A328EEE
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Z30whtW5WzfIVt8YEM7TvOkiius.roa
Signing time: Mon 03 Mar 2025 14:12:19 +0000
ROA not before: Mon 03 Mar 2025 14:12:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:e000::/29 maxlen: 36
2a12:f0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 21 Mar 2025 15:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:59:bd:67:12:94:23:aa:48:2f:dc:01:4a:32:8e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Mar 3 14:12:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=677d3086d5b95b37c856df1810ced3bce9228aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:8a:ac:f7:68:73:85:d1:40:17:36:6b:7f:6f:
8c:a8:0a:be:c9:2e:37:20:79:d9:6e:97:43:d1:ec:
9b:89:c8:45:e8:a6:30:47:96:8f:ab:04:c2:ec:d8:
f2:95:e8:93:c8:e3:d6:df:96:90:e0:6f:16:d4:b3:
28:95:73:32:d8:9a:cf:06:f4:e3:5d:86:d4:98:c3:
a8:71:1c:03:5a:38:f7:b5:a8:dc:be:30:7b:31:ec:
08:6b:d0:07:ab:1a:d1:b0:bc:17:dd:1f:37:df:ba:
bf:19:65:45:f6:d3:67:3e:02:ae:78:e4:7b:1c:95:
61:d0:bd:bb:1b:82:55:87:c2:02:23:78:d5:6a:12:
4a:94:35:62:87:56:65:95:dd:53:20:ec:e1:a4:15:
f4:0c:f4:a9:0c:30:34:63:70:e9:b4:01:83:49:72:
39:08:7c:d7:e4:85:03:0e:c8:cc:41:f0:c5:78:b5:
98:01:4e:f0:96:1e:a2:e2:6d:21:2f:ae:10:ff:e6:
3f:57:b2:8c:1b:7e:ca:e9:b3:06:28:79:da:16:3d:
64:f1:40:fd:6e:9a:b5:0a:7f:c6:33:32:65:f9:8f:
0a:23:af:5f:e9:b8:ad:51:4f:05:e5:c5:f5:4e:2f:
f7:58:42:e2:6a:e1:7e:d9:e7:d9:b8:4d:fc:49:c4:
cd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7D:30:86:D5:B9:5B:37:C8:56:DF:18:10:CE:D3:BC:E9:22:8A:EB
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Z30whtW5WzfIVt8YEM7TvOkiius.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e000::/29
2a12:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:3e:91:e3:a3:8b:4f:60:6f:23:6d:db:45:26:6c:cc:ac:d4:
37:2c:fe:52:df:3d:a7:46:da:cd:01:9f:fa:92:ac:5a:bf:b5:
d5:71:31:d0:6f:9f:38:7b:d3:ad:7a:94:28:dc:d5:68:0e:32:
29:3b:5b:1b:2d:a5:f4:b5:14:e3:75:fe:e9:02:0b:85:41:d2:
31:98:a9:9c:bf:6a:81:4c:db:ea:c4:dd:8c:1d:a7:76:ba:2e:
3e:6a:8c:c9:22:3e:12:90:c8:b0:e6:2d:a6:79:96:b4:61:2a:
93:a8:f5:84:76:d8:08:22:bc:44:7a:8f:3b:82:d0:b1:50:e1:
b3:78:2d:86:a9:78:27:19:34:47:da:c2:61:13:32:f4:bf:34:
f2:dd:fa:1d:de:71:a4:fa:c7:ec:7f:fe:dc:08:67:53:da:b6:
39:56:20:6c:5e:bc:a2:76:94:80:47:b1:d3:ec:87:65:92:02:
20:db:07:8d:6b:1b:39:2a:28:a1:bb:25:14:27:14:ee:48:ef:
6b:8a:8d:65:95:9d:ad:a9:bc:71:ea:f6:40:e1:84:7a:97:f4:
29:e9:06:a7:aa:0a:02:e9:1c:dc:ad:85:85:59:15:50:db:e0:
b4:c6:31:7b:d5:52:b7:51:62:cd:a6:65:dd:f4:8e:e4:a3:0d:
e8:ed:a6:64
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZVcWb1nEpQjqkgv3AFKMo7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwMzAzMTQxMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzdkMzA4NmQ1Yjk1YjM3Yzg1NmRmMTgxMGNlZDNiY2U5MjI4YWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Yqs92hzhdFAFzZrf2+MqAq+yS43
IHnZbpdD0eybichF6KYwR5aPqwTC7NjyleiTyOPW35aQ4G8W1LMolXMy2JrPBvTj
XYbUmMOocRwDWjj3tajcvjB7MewIa9AHqxrRsLwX3R8337q/GWVF9tNnPgKueOR7
HJVh0L27G4JVh8ICI3jVahJKlDVih1Zlld1TIOzhpBX0DPSpDDA0Y3DptAGDSXI5
CHzX5IUDDsjMQfDFeLWYAU7wlh6i4m0hL64Q/+Y/V7KMG37K6bMGKHnaFj1k8UD9
bpq1Cn/GMzJl+Y8KI69f6bitUU8F5cX1Ti/3WELiauF+2efZuE38ScTNhQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGd9MIbVuVs3yFbfGBDO07zpIorrMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvWjMwd2h0VzVXemZJVnQ4WUVNN1R2T2tpaXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg/gAAMF
AyoS8MAwDQYJKoZIhvcNAQELBQADggEBALQ+keOji09gbyNt20UmbMys1Dcs/lLf
PadG2s0Bn/qSrFq/tdVxMdBvnzh70616lCjc1WgOMik7WxstpfS1FON1/ukCC4VB
0jGYqZy/aoFM2+rE3Ywdp3a6Lj5qjMkiPhKQyLDmLaZ5lrRhKpOo9YR22AgivER6
jzuC0LFQ4bN4LYapeCcZNEfawmETMvS/NPLd+h3ecaT6x+x//twIZ1PatjlWIGxe
vKJ2lIBHsdPsh2WSAiDbB41rGzkqKKG7JRQnFO5I72uKjWWVna2pvHHq9kDhhHqX
9CnpBqeqCgLpHNythYVZFVDb4LTGMXvVUrdRYs2mZd30juSjDejtpmQ=
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:39:47 2025 by rpki-client