Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/JPxVqOesXWA7UlnuVxuhJ41K4nE.roa
File: JPxVqOesXWA7UlnuVxuhJ41K4nE.roa (raw, json)
Hash identifier: WJ4EYG+ApUnDg4fMXPapVphOz6r73qJ1wqwoDoIYIpU=
Subject key identifier: 24:FC:55:A8:E7:AC:5D:60:3B:52:59:EE:57:1B:A1:27:8D:4A:E2:71
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 0195ED48DB4938DAFA0AF10FE7FC420C9F02
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/JPxVqOesXWA7UlnuVxuhJ41K4nE.roa
Signing time: Mon 31 Mar 2025 17:38:49 +0000
ROA not before: Mon 31 Mar 2025 17:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a0e:7f47::/32 maxlen: 32
2a11:c101::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Apr 2025 18:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:48:db:49:38:da:fa:0a:f1:0f:e7:fc:42:0c:9f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Mar 31 17:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24fc55a8e7ac5d603b5259ee571ba1278d4ae271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:5c:af:e3:f0:9a:86:73:b6:14:82:ce:cc:
5c:d2:6e:3a:d6:2f:f1:f9:4d:6a:91:11:a7:eb:6c:
dc:d9:09:56:94:8d:86:3b:28:64:51:68:33:76:ba:
21:46:42:2c:4e:e9:e9:3e:34:bc:29:ae:4a:0c:8c:
9d:10:6b:bd:61:4f:24:18:57:45:7e:43:04:29:9d:
ca:8d:66:4a:5d:b0:75:60:52:25:aa:b6:28:cb:ab:
66:37:65:48:63:72:9a:0e:e2:84:d2:b7:61:b9:2a:
37:ff:e5:f0:30:75:80:06:26:68:f5:d3:96:7b:98:
cb:36:c7:cc:ac:8c:f3:46:ee:e4:2a:1c:9f:f6:b2:
68:a0:00:60:7a:a0:e1:a3:6f:88:d8:48:a4:40:76:
d1:ea:af:42:3d:8b:69:03:3f:19:f5:a5:53:a3:e2:
c1:57:c8:0d:65:ef:47:2e:51:91:24:0d:27:b0:dd:
a8:ec:f7:f7:9a:7d:6a:63:57:bb:89:82:75:eb:ce:
9c:7e:fd:dc:f7:27:2c:17:e7:6d:d6:b2:ba:d5:1c:
28:c0:44:41:de:92:e8:94:76:8f:3a:b0:db:8b:d8:
16:3e:1e:f2:dd:6f:1b:48:44:46:ac:b7:7e:1c:70:
27:7c:fd:0e:08:5c:b4:be:85:95:c9:a8:c9:60:14:
9c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FC:55:A8:E7:AC:5D:60:3B:52:59:EE:57:1B:A1:27:8D:4A:E2:71
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/JPxVqOesXWA7UlnuVxuhJ41K4nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f47::/32
2a11:c101::/32
Signature Algorithm: sha256WithRSAEncryption
33:55:bb:2b:56:f4:4f:e2:25:69:c8:c8:8c:70:4c:3a:1a:0b:
9b:2b:a6:1a:00:60:15:bc:49:51:6c:aa:f3:5b:c5:a1:93:33:
a2:ef:73:b0:86:3a:bf:5b:47:53:b6:e5:7c:68:c6:d3:58:4b:
37:b1:07:0f:eb:75:6e:18:67:07:e0:2b:c7:ad:69:80:32:3e:
15:a1:08:8d:98:29:44:7e:50:1e:f9:cc:3f:b1:3f:16:4c:9d:
ca:2d:19:4d:d4:ff:99:96:00:fe:7d:bf:19:23:cf:fd:6a:ca:
6d:aa:66:d8:d5:1c:ca:2a:00:bb:e0:e4:c3:da:d3:da:1a:aa:
66:f4:f0:14:b1:d1:24:2b:04:38:39:ed:16:0d:fd:81:91:9d:
1c:c5:b8:fd:47:b7:60:f1:2a:d2:7e:07:4b:60:08:3f:90:cf:
98:d4:22:4b:99:ec:bb:35:ea:a5:30:80:a2:8b:12:1b:5f:c6:
d8:a6:97:90:8b:a1:2d:f2:4e:61:0e:6b:43:0f:4b:74:3b:4a:
76:34:75:73:ca:9c:f0:e7:25:b1:5d:6b:02:cb:50:a6:5f:2a:
ee:81:a8:4d:e4:c0:f8:b1:4e:27:07:bb:6d:d9:45:41:90:b8:
16:c6:ff:9e:1f:17:12:e2:61:5f:9b:f3:dc:da:93:06:5b:14:
31:50:bb:3d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZXtSNtJONr6CvEP5/xCDJ8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMzMxMTczODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZjNTVhOGU3YWM1ZDYwM2I1MjU5ZWU1NzFiYTEyNzhkNGFlMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjdcr+PwmoZzthSCzsxc0m461i/x
+U1qkRGn62zc2QlWlI2GOyhkUWgzdrohRkIsTunpPjS8Ka5KDIydEGu9YU8kGFdF
fkMEKZ3KjWZKXbB1YFIlqrYoy6tmN2VIY3KaDuKE0rdhuSo3/+XwMHWABiZo9dOW
e5jLNsfMrIzzRu7kKhyf9rJooABgeqDho2+I2EikQHbR6q9CPYtpAz8Z9aVTo+LB
V8gNZe9HLlGRJA0nsN2o7Pf3mn1qY1e7iYJ1686cfv3c9ycsF+dt1rK61RwowERB
3pLolHaPOrDbi9gWPh7y3W8bSERGrLd+HHAnfP0OCFy0voWVyajJYBSc9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCT8VajnrF1gO1JZ7lcboSeNSuJxMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvSlB4VnFPZXNYV0E3VWxudVZ4dWhKNDFLNG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5/RwMF
ACoRwQEwDQYJKoZIhvcNAQELBQADggEBADNVuytW9E/iJWnIyIxwTDoaC5srphoA
YBW8SVFsqvNbxaGTM6Lvc7CGOr9bR1O25XxoxtNYSzexBw/rdW4YZwfgK8etaYAy
PhWhCI2YKUR+UB75zD+xPxZMncotGU3U/5mWAP59vxkjz/1qym2qZtjVHMoqALvg
5MPa09oaqmb08BSx0SQrBDg57RYN/YGRnRzFuP1Ht2DxKtJ+B0tgCD+Qz5jUIkuZ
7Ls16qUwgKKLEhtfxtiml5CLoS3yTmEOa0MPS3Q7SnY0dXPKnPDnJbFdawLLUKZf
Ku6BqE3kwPixTicHu23ZRUGQuBbG/54fFxLiYV+b89zakwZbFDFQuz0=
-----END CERTIFICATE-----
Generated at Tue Apr 29 15:19:46 2025 by rpki-client