Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/U1q_ATh_YB6aH3RpYWS0_Xydf80.roa
File: U1q_ATh_YB6aH3RpYWS0_Xydf80.roa (raw, json)
Hash identifier: W4NzRDTc9ZOpPAXa92BaDSHe8sPj+IkyZGDdWz1XX3U=
Subject key identifier: 53:5A:BF:01:38:7F:60:1E:9A:1F:74:69:61:64:B4:FD:7C:9D:7F:CD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01973B5B7145B3376501DC5586F3341AF5B2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/U1q_ATh_YB6aH3RpYWS0_Xydf80.roa
Signing time: Wed 04 Jun 2025 14:32:17 +0000
ROA not before: Wed 04 Jun 2025 14:32:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0f:ee00::/29 maxlen: 29
2a11:5c80::/29 maxlen: 29
2a13:1380::/29 maxlen: 29
2a13:2c40::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a13:9f00::/29 maxlen: 29
2a13:cf00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 06 Jun 2025 06:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:5b:71:45:b3:37:65:01:dc:55:86:f3:34:1a:f5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 4 14:32:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=535abf01387f601e9a1f74696164b4fd7c9d7fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2e:f4:b0:41:35:30:17:38:6a:a3:e6:47:bb:
40:c8:4c:53:47:04:a7:49:99:8c:c5:71:74:c2:c7:
f3:ae:7f:74:37:d1:0f:06:d6:da:26:c5:c8:4c:48:
79:54:03:85:26:85:1c:8e:2b:b1:cc:3d:be:9a:cb:
64:28:eb:18:66:b1:5b:87:88:ca:b5:f8:b2:f6:1e:
cb:c5:e3:04:a5:c4:2a:9a:a2:c3:a9:85:f3:ba:8b:
6d:ec:d8:41:ac:4e:1e:b1:fa:3c:fd:b3:e4:bd:97:
ff:bb:be:9c:88:43:5e:d8:7e:65:2f:fd:a4:df:1e:
14:da:17:74:f8:d1:d4:0a:81:46:24:35:d1:27:72:
64:52:10:5a:d6:f4:33:32:76:43:db:ef:a9:1e:eb:
52:3a:bb:71:7b:39:4a:ed:35:95:c2:80:d8:eb:f5:
43:79:35:39:14:5f:50:1b:fd:0d:bc:b3:6e:55:08:
2e:66:91:39:25:c8:44:53:69:88:4b:43:e6:16:82:
67:0e:e5:aa:ce:23:a7:d0:48:6e:a8:96:aa:7b:0d:
47:62:bc:e9:51:65:2f:85:51:00:db:3b:bc:15:07:
9c:3d:9a:31:29:4e:fe:1c:db:f8:49:98:9e:07:42:
ed:45:62:e6:af:29:c6:a2:a0:e4:f7:3a:78:5d:ae:
8d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5A:BF:01:38:7F:60:1E:9A:1F:74:69:61:64:B4:FD:7C:9D:7F:CD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/U1q_ATh_YB6aH3RpYWS0_Xydf80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ee00::/29
2a11:5c80::/29
2a13:1380::/29
2a13:2c40::/29
2a13:9380::/29
2a13:9f00::/29
2a13:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
b0:62:57:07:c3:a5:f9:db:11:04:80:3d:03:b8:21:01:0c:31:
06:49:82:a8:65:d6:88:3a:f5:5a:b1:4f:54:cb:ef:3b:f6:de:
54:13:d6:a5:1a:5d:80:72:b1:9a:6d:5f:d9:9d:24:71:d3:fc:
5f:c0:da:14:d6:94:6e:1e:39:b7:fb:4b:a6:48:5f:58:35:76:
d4:b9:f2:01:d6:7b:d8:5a:1f:bc:94:58:0b:a7:2d:4d:0a:40:
34:26:48:2e:7e:30:88:81:c0:a6:e4:79:d4:13:de:1a:24:08:
d5:24:b9:ff:ed:e1:9d:45:0e:ed:ce:3c:b0:6b:3f:00:00:eb:
e9:fd:6c:0b:80:62:3f:9d:e9:92:42:be:2c:ca:0c:79:5d:7d:
cf:90:d5:a6:86:01:9a:3c:a9:ca:5d:1a:b1:ee:16:3f:7c:98:
f6:59:13:1a:c8:69:5b:fa:71:3e:e4:f7:10:39:97:d3:e3:29:
28:7d:65:ef:c2:a7:ba:36:a8:fd:33:62:b6:4c:07:7e:8b:57:
5a:9d:34:26:59:18:c3:c0:02:3c:83:99:69:f6:08:74:89:55:
8f:92:1a:c1:42:e0:0a:02:5c:50:80:f6:e1:72:98:48:75:c4:
3b:12:84:43:c5:d9:b3:c5:3c:b5:96:0c:4e:76:91:91:a4:24:
e8:6c:4f:1b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZc7W3FFszdlAdxVhvM0GvWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjA0MTQzMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzVhYmYwMTM4N2Y2MDFlOWExZjc0Njk2MTY0YjRmZDdjOWQ3ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti70sEE1MBc4aqPmR7tAyExTRwSn
SZmMxXF0wsfzrn90N9EPBtbaJsXITEh5VAOFJoUcjiuxzD2+mstkKOsYZrFbh4jK
tfiy9h7LxeMEpcQqmqLDqYXzuott7NhBrE4esfo8/bPkvZf/u76ciENe2H5lL/2k
3x4U2hd0+NHUCoFGJDXRJ3JkUhBa1vQzMnZD2++pHutSOrtxezlK7TWVwoDY6/VD
eTU5FF9QG/0NvLNuVQguZpE5JchEU2mIS0PmFoJnDuWqziOn0EhuqJaqew1HYrzp
UWUvhVEA2zu8FQecPZoxKU7+HNv4SZieB0LtRWLmrynGoqDk9zp4Xa6NgQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFFNavwE4f2Aemh90aWFktP18nX/NMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVTFxX0FUaF9ZQjZhSDNScFlXUzBfWHlkZjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg/uAAMF
AyoRXIADBQMqExOAAwUDKhMsQAMFAyoTk4ADBQMqE58AAwUDKhPPADANBgkqhkiG
9w0BAQsFAAOCAQEAsGJXB8Ol+dsRBIA9A7ghAQwxBkmCqGXWiDr1WrFPVMvvO/be
VBPWpRpdgHKxmm1f2Z0kcdP8X8DaFNaUbh45t/tLpkhfWDV21LnyAdZ72FofvJRY
C6ctTQpANCZILn4wiIHApuR51BPeGiQI1SS5/+3hnUUO7c48sGs/AADr6f1sC4Bi
P53pkkK+LMoMeV19z5DVpoYBmjypyl0ase4WP3yY9lkTGshpW/pxPuT3EDmX0+Mp
KH1l78Knujao/TNitkwHfotXWp00JlkYw8ACPIOZafYIdIlVj5IawULgCgJcUID2
4XKYSHXEOxKEQ8XZs8U8tZYMTnaRkaQk6GxPGw==
-----END CERTIFICATE-----
Generated at Tue Jun 17 03:19:40 2025 by rpki-client