Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/W90bopzUhY1BoI__DDfbzQlMUKY.roa
File: W90bopzUhY1BoI__DDfbzQlMUKY.roa (raw, json)
Hash identifier: +GtLmr1LpBC4F8c1Jx2FobyAbcx1khbZDMksfvHrPcg=
Subject key identifier: 5B:DD:1B:A2:9C:D4:85:8D:41:A0:8F:FF:0C:37:DB:CD:09:4C:50:A6
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 019644B9D043D43850A642D55182AE513C50
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/W90bopzUhY1BoI__DDfbzQlMUKY.roa
Signing time: Thu 17 Apr 2025 17:09:10 +0000
ROA not before: Thu 17 Apr 2025 17:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:8443::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:d085::/32 maxlen: 32
2a12:4c01::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 28 Apr 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:b9:d0:43:d4:38:50:a6:42:d5:51:82:ae:51:3c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Apr 17 17:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bdd1ba29cd4858d41a08fff0c37dbcd094c50a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f5:92:5b:27:e1:b5:ea:03:85:98:f0:48:71:
3d:c2:2e:2d:fa:02:2c:8f:07:88:bb:f9:d2:76:a6:
15:60:31:d0:1a:0b:6e:f6:ac:1e:25:c3:d9:73:e5:
62:1f:01:09:dc:08:35:43:7c:d4:df:b1:84:7a:65:
ad:c0:b8:45:21:3f:95:cd:79:e6:cb:ef:27:13:71:
59:57:4a:ae:3b:25:f4:60:77:94:1a:e5:60:ab:9d:
3c:07:a9:0e:00:f9:7b:f3:4a:fb:10:10:ca:09:04:
7b:95:4b:ba:9d:81:ed:45:bd:61:4a:26:46:76:34:
fb:98:98:62:3d:9a:a2:56:67:72:1a:8a:f6:de:df:
e2:1b:f2:b8:c0:a8:61:7d:19:5b:be:ef:54:45:01:
c6:ec:9b:6c:40:b7:74:8b:a3:ef:a7:79:e3:fa:b1:
ce:46:58:e0:ad:5f:ac:da:61:c7:28:d6:4f:87:85:
92:f9:89:75:a5:32:b4:82:7e:9a:63:bd:cb:d7:8d:
a9:0c:01:61:1c:f4:94:f0:08:73:bb:32:09:24:f1:
7f:8c:a3:09:4f:91:55:7b:43:ed:3e:47:6b:8a:2e:
8d:a4:c2:d7:9f:85:d4:ab:a5:06:d6:81:91:c3:3e:
75:9c:20:21:41:b0:30:22:bb:35:09:76:41:c5:a5:
e1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DD:1B:A2:9C:D4:85:8D:41:A0:8F:FF:0C:37:DB:CD:09:4C:50:A6
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/W90bopzUhY1BoI__DDfbzQlMUKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8443::/32
2a11:b785::/32
2a11:d085::/32
2a12:4c01::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
20:8a:b2:f3:2e:cf:ee:64:6b:89:5b:f4:78:1c:f4:9e:5a:24:
9f:a4:ac:40:0c:2b:2f:e2:31:ab:be:12:4e:9f:9e:74:d0:66:
d4:6a:3f:22:e0:f8:b6:91:2b:ce:ae:ad:91:ad:ae:0a:c3:19:
6d:2e:81:27:63:85:06:e2:2e:c0:ba:0e:41:b0:40:2d:e6:87:
b5:e6:23:8d:8e:ab:fc:66:3c:9f:74:52:52:72:4e:2c:5b:0d:
a1:5e:e5:ba:ed:2d:f1:66:35:3c:03:97:ee:82:7d:11:12:91:
67:8c:84:01:b2:b3:07:8f:a5:df:cf:37:fc:6c:a8:2e:fe:3d:
93:90:34:2c:7a:cd:9c:79:4d:fb:65:c9:72:39:71:19:3a:1f:
10:fe:44:f3:70:71:37:e2:df:9b:70:2b:c5:b2:53:e5:1d:8b:
af:7f:28:58:af:ea:a8:2d:c4:03:58:f1:ee:88:c7:0e:b2:49:
4d:01:6d:9a:6d:82:51:ab:c4:0f:c9:76:8a:18:fd:1c:90:37:
01:3d:3a:87:f6:57:51:e1:d0:74:31:c8:93:ea:8a:03:f8:3f:
07:a9:1e:62:6a:1f:9e:b1:b1:5d:3c:af:05:7a:fe:ad:18:45:
b9:4c:ee:e7:dc:df:54:4d:47:c2:7b:72:b1:c8:2e:95:17:f2:
79:3a:f9:0f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZZEudBD1DhQpkLVUYKuUTxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNDE3MTcwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRkMWJhMjljZDQ4NThkNDFhMDhmZmYwYzM3ZGJjZDA5NGM1MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vWSWyfhteoDhZjwSHE9wi4t+gIs
jweIu/nSdqYVYDHQGgtu9qweJcPZc+ViHwEJ3Ag1Q3zU37GEemWtwLhFIT+VzXnm
y+8nE3FZV0quOyX0YHeUGuVgq508B6kOAPl780r7EBDKCQR7lUu6nYHtRb1hSiZG
djT7mJhiPZqiVmdyGor23t/iG/K4wKhhfRlbvu9URQHG7JtsQLd0i6Pvp3nj+rHO
RljgrV+s2mHHKNZPh4WS+Yl1pTK0gn6aY73L142pDAFhHPSU8AhzuzIJJPF/jKMJ
T5FVe0PtPkdrii6NpMLXn4XUq6UG1oGRwz51nCAhQbAwIrs1CXZBxaXhHwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFvdG6Kc1IWNQaCP/ww3280JTFCmMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvVzkwYm9welVoWTFCb0lfX0REZmJ6UWxNVUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhGEQwMF
ACoRt4UDBQAqEdCFAwUAKhJMAQMFACoSTAYwDQYJKoZIhvcNAQELBQADggEBACCK
svMuz+5ka4lb9Hgc9J5aJJ+krEAMKy/iMau+Ek6fnnTQZtRqPyLg+LaRK86urZGt
rgrDGW0ugSdjhQbiLsC6DkGwQC3mh7XmI42Oq/xmPJ90UlJyTixbDaFe5brtLfFm
NTwDl+6CfRESkWeMhAGyswePpd/PN/xsqC7+PZOQNCx6zZx5TftlyXI5cRk6HxD+
RPNwcTfi35twK8WyU+Udi69/KFiv6qgtxANY8e6Ixw6ySU0BbZptglGrxA/JdooY
/RyQNwE9Oof2V1Hh0HQxyJPqigP4PwepHmJqH56xsV08rwV6/q0YRblM7ufc31RN
R8J7crHILpUX8nk6+Q8=
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:42:25 2025 by rpki-client