Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2xjzT1XK8gAZUV2Yvp1g1j3inv8.roa
File: 2xjzT1XK8gAZUV2Yvp1g1j3inv8.roa (raw, json)
Hash identifier: tlmVWgd4Kt7C9peRVrKb4UJ6/QwGu3oscLin4EU6Ig8=
Subject key identifier: DB:18:F3:4F:55:CA:F2:00:19:51:5D:98:BE:9D:60:D6:3D:E2:9E:FF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195FA68D9E22043D0E27F00CF5EE6C57D3E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2xjzT1XK8gAZUV2Yvp1g1j3inv8.roa
Signing time: Thu 03 Apr 2025 06:48:50 +0000
ROA not before: Thu 03 Apr 2025 06:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62553
IP address blocks: 2a13:9f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 04 Apr 2025 13:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:68:d9:e2:20:43:d0:e2:7f:00:cf:5e:e6:c5:7d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 3 06:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db18f34f55caf20019515d98be9d60d63de29eff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:60:24:2a:84:86:76:ed:ca:e2:2a:2e:f2:7f:
7c:f3:38:0e:a3:9a:6e:4e:0e:c4:01:e7:2b:10:5e:
b2:a7:8f:60:33:a1:2f:c5:a6:2b:e4:43:d3:ed:ee:
fd:a0:8c:e5:77:dd:a6:46:bd:de:6f:9d:af:e0:a4:
1f:41:d4:f6:56:c8:ad:e9:97:35:03:c2:63:f1:c9:
fc:7c:87:64:5e:b0:1a:5f:f0:14:dd:d2:68:54:71:
5c:5d:55:42:47:57:cf:91:00:14:2a:33:a2:e0:a6:
64:48:ed:e2:18:18:a9:68:33:9a:06:27:f8:fa:29:
35:50:0a:87:4b:a1:a6:7b:cd:a2:c2:e5:21:e4:5e:
3b:a5:31:b6:64:fa:f7:f1:90:53:71:13:70:e0:9a:
b8:22:75:6b:56:51:80:2a:5b:ad:bd:ae:d8:56:40:
45:7c:a9:7e:86:53:ed:f4:17:58:e4:cf:42:d3:e1:
8c:db:78:77:28:41:56:f3:7f:56:0c:54:74:99:31:
1b:e7:c7:7f:8a:bb:24:14:44:35:c7:3b:7d:b8:b6:
2f:0c:fe:a9:fe:05:89:fb:d5:86:bd:e8:71:27:67:
8e:14:d3:33:50:99:9d:3a:43:2d:64:7f:4e:05:f4:
9d:a0:5d:80:85:64:c6:df:ff:a9:38:49:24:b7:af:
51:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:18:F3:4F:55:CA:F2:00:19:51:5D:98:BE:9D:60:D6:3D:E2:9E:FF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2xjzT1XK8gAZUV2Yvp1g1j3inv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
16:53:ab:e3:72:be:7e:e3:20:87:04:6b:0c:18:92:79:78:6b:
0c:35:0e:e0:28:50:5b:81:e5:04:a6:82:87:d2:b9:79:8f:7c:
a9:6c:dd:76:64:02:96:40:4b:49:3e:a9:bd:ea:4c:ff:d1:7f:
14:c0:e5:92:a7:0e:81:3b:b3:96:56:17:0e:d3:68:14:bc:fb:
4f:00:f6:04:bb:59:a8:43:65:0b:30:de:0a:a6:ce:2f:f9:28:
17:db:a2:0a:a5:23:84:e2:db:b9:59:99:68:49:c7:ff:ca:df:
a9:13:11:66:35:81:63:e4:f2:7d:20:87:a6:4b:77:48:de:0c:
28:36:ba:0d:de:65:27:2d:ab:18:94:28:71:0f:db:9a:93:b9:
3f:b7:e0:9d:bd:c2:53:22:2a:e0:a0:9d:57:c8:3b:d9:59:25:
24:33:68:64:52:70:c2:53:e8:ea:85:77:63:a4:11:14:66:d5:
e6:d5:30:74:d3:a4:f8:4e:c7:40:34:4e:94:a2:07:83:37:e7:
a9:6d:e4:fd:32:56:ca:5d:b4:5c:b5:d9:22:c6:4b:21:34:f8:
19:58:b4:6f:e3:38:4b:44:ab:c2:b3:0d:49:ac:b8:ef:c5:14:
52:f2:23:75:dd:e6:e0:5a:83:b4:d8:a2:a0:98:cc:ce:57:de:
5c:73:d2:8c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZX6aNniIEPQ4n8Az17mxX0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDAzMDY0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE4ZjM0ZjU1Y2FmMjAwMTk1MTVkOThiZTlkNjBkNjNkZTI5ZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimAkKoSGdu3K4iou8n988zgOo5pu
Tg7EAecrEF6yp49gM6EvxaYr5EPT7e79oIzld92mRr3eb52v4KQfQdT2Vsit6Zc1
A8Jj8cn8fIdkXrAaX/AU3dJoVHFcXVVCR1fPkQAUKjOi4KZkSO3iGBipaDOaBif4
+ik1UAqHS6Gme82iwuUh5F47pTG2ZPr38ZBTcRNw4Jq4InVrVlGAKlutva7YVkBF
fKl+hlPt9BdY5M9C0+GM23h3KEFW839WDFR0mTEb58d/irskFEQ1xzt9uLYvDP6p
/gWJ+9WGvehxJ2eOFNMzUJmdOkMtZH9OBfSdoF2AhWTG3/+pOEkkt69RGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNsY809VyvIAGVFdmL6dYNY94p7/MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMnhqelQxWEs4Z0FaVVYyWXZwMWcxajNpbnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOfADAN
BgkqhkiG9w0BAQsFAAOCAQEAFlOr43K+fuMghwRrDBiSeXhrDDUO4ChQW4HlBKaC
h9K5eY98qWzddmQClkBLST6pvepM/9F/FMDlkqcOgTuzllYXDtNoFLz7TwD2BLtZ
qENlCzDeCqbOL/koF9uiCqUjhOLbuVmZaEnH/8rfqRMRZjWBY+TyfSCHpkt3SN4M
KDa6Dd5lJy2rGJQocQ/bmpO5P7fgnb3CUyIq4KCdV8g72VklJDNoZFJwwlPo6oV3
Y6QRFGbV5tUwdNOk+E7HQDROlKIHgzfnqW3k/TJWyl20XLXZIsZLITT4GVi0b+M4
S0SrwrMNSay478UUUvIjdd3m4FqDtNiioJjMzlfeXHPSjA==
-----END CERTIFICATE-----
Generated at Thu Jun 19 19:27:23 2025 by rpki-client