Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/d3NwjCX2tpLccso9xzpooTGtK9w.roa
File: d3NwjCX2tpLccso9xzpooTGtK9w.roa (raw, json)
Hash identifier: pgH8J2lS1fxzmwArrrvOFqK3bVtREWoYMzXdP+SUXUM=
Subject key identifier: 77:73:70:8C:25:F6:B6:92:DC:72:CA:3D:C7:3A:68:A1:31:AD:2B:DC
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0195763B6997C211C303F35767A793D65427
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/d3NwjCX2tpLccso9xzpooTGtK9w.roa
Signing time: Sat 08 Mar 2025 14:49:19 +0000
ROA not before: Sat 08 Mar 2025 14:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213891
IP address blocks: 2a14:67c1:a060::/44 maxlen: 48
2a14:67c1:b000::/40 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Mar 2025 18:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:76:3b:69:97:c2:11:c3:03:f3:57:67:a7:93:d6:54:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Mar 8 14:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7773708c25f6b692dc72ca3dc73a68a131ad2bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8d:3c:72:02:5f:2b:04:9a:fa:97:44:df:c4:
f6:1a:df:f7:1b:01:b9:69:2d:f2:81:5b:b2:53:89:
f1:0c:16:0b:f1:e4:57:fa:04:d1:d7:27:eb:cd:97:
6f:d5:81:eb:18:1a:b5:f3:01:c9:d6:a8:1a:d7:bc:
14:9f:5d:fc:14:b1:db:9c:30:e5:d7:1a:4c:c2:23:
db:96:3d:67:af:2b:b4:23:47:94:23:a2:b8:eb:8e:
49:0d:25:e1:75:88:f2:a9:61:10:5f:a9:f0:e7:3a:
b8:64:6e:1d:22:1d:2c:3b:b7:d0:45:0a:6b:e0:52:
4d:a0:b9:19:58:59:1e:c9:6a:12:17:9a:26:f3:05:
cd:01:35:e2:17:aa:e9:50:3b:c5:8c:48:aa:20:7c:
6e:ef:e1:2e:b3:57:92:7a:37:55:9b:d0:b6:f7:69:
24:8c:6b:60:1c:bc:12:d2:3a:b6:59:77:00:91:c0:
a8:d6:60:8c:f7:eb:e0:f8:c1:ed:2e:cb:fc:1e:10:
d6:e5:cd:bf:fc:ab:8d:27:68:b4:eb:bb:31:5c:f4:
83:c4:03:8c:d2:dd:d0:d7:a6:31:c0:29:ae:7c:53:
89:f7:8c:e9:07:14:60:08:5d:f1:ab:b7:9e:65:21:
00:f8:fa:4c:26:7d:f1:c2:85:a2:db:a3:df:e1:5e:
dd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:73:70:8C:25:F6:B6:92:DC:72:CA:3D:C7:3A:68:A1:31:AD:2B:DC
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/d3NwjCX2tpLccso9xzpooTGtK9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a060::/44
2a14:67c1:b000::/40
Signature Algorithm: sha256WithRSAEncryption
99:92:07:3e:c4:4d:57:09:f9:90:40:34:7e:06:ee:a2:4c:7d:
68:48:f9:95:6d:55:53:7f:d9:18:90:ad:dc:21:df:9f:fb:7c:
13:c2:c3:a6:70:89:79:47:9d:aa:70:ad:2e:64:97:30:92:e6:
5d:35:d1:a7:6c:eb:38:15:c9:42:b0:f3:b7:16:60:60:b3:a9:
b9:c3:a4:3d:26:24:51:af:ea:4b:99:44:ea:f4:14:a7:68:e4:
7b:b3:30:1f:b0:95:73:3b:fb:1a:12:8b:70:1a:ab:62:f5:1a:
d0:e2:b7:c7:57:22:41:7d:65:1c:1d:a6:19:ec:c8:25:e6:3b:
c9:99:60:16:94:7e:32:eb:10:7f:7d:25:63:a3:da:0f:f2:cb:
24:14:6c:65:4f:9b:ae:89:30:81:a7:10:f0:9f:c6:0e:47:15:
be:93:95:e6:10:87:64:8c:40:7f:10:a4:1a:6d:03:37:fd:4b:
e8:db:a0:89:12:f6:2e:7f:9d:19:2d:1c:0a:19:46:41:01:d0:
93:5b:45:9d:ed:15:29:d1:ad:1d:d8:09:10:48:c6:83:09:e0:
22:60:be:00:12:9f:6f:af:7f:3c:91:04:98:e1:83:be:a7:e6:
5e:f4:23:92:ef:e5:48:14:3b:87:fe:b0:df:f1:0e:a7:ec:90:
25:82:a0:d0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZV2O2mXwhHDA/NXZ6eT1lQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMzA4MTQ0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzczNzA4YzI1ZjZiNjkyZGM3MmNhM2RjNzNhNjhhMTMxYWQyYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0I08cgJfKwSa+pdE38T2Gt/3GwG5
aS3ygVuyU4nxDBYL8eRX+gTR1yfrzZdv1YHrGBq18wHJ1qga17wUn138FLHbnDDl
1xpMwiPblj1nryu0I0eUI6K4645JDSXhdYjyqWEQX6nw5zq4ZG4dIh0sO7fQRQpr
4FJNoLkZWFkeyWoSF5om8wXNATXiF6rpUDvFjEiqIHxu7+Eus1eSejdVm9C292kk
jGtgHLwS0jq2WXcAkcCo1mCM9+vg+MHtLsv8HhDW5c2//KuNJ2i067sxXPSDxAOM
0t3Q16YxwCmufFOJ94zpBxRgCF3xq7eeZSEA+PpMJn3xwoWi26Pf4V7dOQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFHdzcIwl9raS3HLKPcc6aKExrSvcMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvZDNOd2pDWDJ0cExjY3NvOXh6cG9vVEd0Szl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKhRnwaBg
AwYAKhRnwbAwDQYJKoZIhvcNAQELBQADggEBAJmSBz7ETVcJ+ZBANH4G7qJMfWhI
+ZVtVVN/2RiQrdwh35/7fBPCw6ZwiXlHnapwrS5klzCS5l010ads6zgVyUKw87cW
YGCzqbnDpD0mJFGv6kuZROr0FKdo5HuzMB+wlXM7+xoSi3Aaq2L1GtDit8dXIkF9
ZRwdphnsyCXmO8mZYBaUfjLrEH99JWOj2g/yyyQUbGVPm66JMIGnEPCfxg5HFb6T
leYQh2SMQH8QpBptAzf9S+jboIkS9i5/nRktHAoZRkEB0JNbRZ3tFSnRrR3YCRBI
xoMJ4CJgvgASn2+vfzyRBJjhg76n5l70I5Lv5UgUO4f+sN/xDqfskCWCoNA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:52:09 2025 by rpki-client