Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/gFb9x271QBGkbm_V99LlzxCgJxI.roa
File: gFb9x271QBGkbm_V99LlzxCgJxI.roa (raw, json)
Hash identifier: huwLTVesXGNnDKL5SUro7bJazoEk4WukGdkUsnUSSZI=
Subject key identifier: 80:56:FD:C7:6E:F5:40:11:A4:6E:6F:D5:F7:D2:E5:CF:10:A0:27:12
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0195AAB3940C6736F9042F5201064548290E
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/gFb9x271QBGkbm_V99LlzxCgJxI.roa
Signing time: Tue 18 Mar 2025 19:20:50 +0000
ROA not before: Tue 18 Mar 2025 19:20:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a09:3707::/32 maxlen: 32
2a09:da43::/32 maxlen: 32
2a11:5a47::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 17:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:aa:b3:94:0c:67:36:f9:04:2f:52:01:06:45:48:29:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Mar 18 19:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8056fdc76ef54011a46e6fd5f7d2e5cf10a02712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:14:ab:fd:5d:a5:d1:86:c5:fc:3f:8b:74:7d:
c5:97:53:50:b9:45:38:cb:73:c0:25:e7:5a:76:46:
b6:17:34:78:74:d8:00:f6:ca:10:e6:5a:c5:a5:55:
09:ca:80:75:62:bd:08:57:9f:00:91:f3:9b:9f:93:
94:02:85:1c:f1:70:19:84:fb:04:1f:af:f5:92:c3:
fd:18:25:a5:77:a5:a7:e1:4e:ae:ba:38:13:82:90:
59:7c:ae:d0:6e:07:4a:ea:1d:f0:9e:44:7d:3e:09:
02:00:64:75:2f:2b:8f:cb:32:34:67:4d:7b:d2:2f:
d8:b6:29:0e:d9:e7:ca:02:9d:89:28:00:19:ae:8e:
e2:65:7d:c3:fa:55:d4:d8:fd:91:b5:e6:10:d4:24:
2f:19:be:4b:0e:48:60:89:5e:ba:2e:54:c9:00:d4:
8b:9a:96:ae:f1:93:12:12:19:26:81:54:06:3f:bb:
17:42:ad:45:2b:84:13:0b:c3:fc:3d:3d:fa:bc:de:
d8:89:81:b4:83:5a:74:40:1d:a2:e9:0b:c4:f0:a8:
23:83:ad:2e:ea:c6:77:13:c3:1e:8a:1b:b8:66:d0:
90:39:3e:01:45:aa:9e:6b:17:43:57:3a:cb:e1:b1:
72:4a:53:4d:5d:96:5d:c2:84:e5:9d:3a:ea:c1:37:
73:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:56:FD:C7:6E:F5:40:11:A4:6E:6F:D5:F7:D2:E5:CF:10:A0:27:12
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/gFb9x271QBGkbm_V99LlzxCgJxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3707::/32
2a09:da43::/32
2a11:5a47::/32
Signature Algorithm: sha256WithRSAEncryption
a0:60:5b:a1:5e:f4:06:81:a5:d4:90:21:96:65:09:95:ae:19:
0a:3e:1b:8a:ba:e3:d1:c1:66:dd:c1:3a:48:43:8d:88:12:e9:
99:87:de:c5:7c:be:d4:2f:60:26:7b:fa:2b:b2:62:9e:bf:12:
9b:3b:82:9c:28:1f:55:60:77:06:66:ac:4e:66:39:08:20:0c:
0a:4e:af:68:eb:15:01:bd:47:be:9d:6f:18:52:51:ad:b1:4a:
c0:a4:70:7d:22:9a:84:5b:fb:d2:6a:31:91:fc:d2:56:c3:62:
a7:d0:db:62:bb:7e:d1:1d:cf:2d:6a:76:38:a2:d7:34:dc:8e:
b9:e1:76:a0:17:d6:2b:e5:e6:5d:9c:7e:1a:72:e2:39:51:16:
66:d2:bd:e5:c6:fc:ae:e4:eb:fb:ba:30:08:1c:a6:11:ae:21:
ec:3a:df:9a:cf:ea:da:a6:a2:0d:84:27:36:e5:e1:18:3b:02:
08:16:d0:76:21:60:cd:02:9f:87:ee:62:42:32:61:e1:91:3d:
00:9b:57:a7:89:45:51:2d:f9:6c:a6:ad:2d:cb:dd:da:d5:2f:
99:77:e0:de:a7:a8:29:4e:83:e1:72:4a:1f:f6:ae:12:dc:f2:
fe:d9:f5:bb:40:6c:75:cc:37:e6:df:b4:51:83:8a:08:3d:00:
31:11:83:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWqs5QMZzb5BC9SAQZFSCkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwMzE4MTkyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDU2ZmRjNzZlZjU0MDExYTQ2ZTZmZDVmN2QyZTVjZjEwYTAyNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRSr/V2l0YbF/D+LdH3Fl1NQuUU4
y3PAJedadka2FzR4dNgA9soQ5lrFpVUJyoB1Yr0IV58AkfObn5OUAoUc8XAZhPsE
H6/1ksP9GCWld6Wn4U6uujgTgpBZfK7QbgdK6h3wnkR9PgkCAGR1LyuPyzI0Z017
0i/YtikO2efKAp2JKAAZro7iZX3D+lXU2P2RteYQ1CQvGb5LDkhgiV66LlTJANSL
mpau8ZMSEhkmgVQGP7sXQq1FK4QTC8P8PT36vN7YiYG0g1p0QB2i6QvE8Kgjg60u
6sZ3E8Meihu4ZtCQOT4BRaqeaxdDVzrL4bFySlNNXZZdwoTlnTrqwTdziwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIBW/cdu9UARpG5v1ffS5c8QoCcSMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvZ0ZiOXgyNzFRQkdrYm1fVjk5TGx6eENnSnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgk3BwMF
ACoJ2kMDBQAqEVpHMA0GCSqGSIb3DQEBCwUAA4IBAQCgYFuhXvQGgaXUkCGWZQmV
rhkKPhuKuuPRwWbdwTpIQ42IEumZh97FfL7UL2Ame/orsmKevxKbO4KcKB9VYHcG
ZqxOZjkIIAwKTq9o6xUBvUe+nW8YUlGtsUrApHB9IpqEW/vSajGR/NJWw2Kn0Nti
u37RHc8tanY4otc03I654XagF9Yr5eZdnH4acuI5URZm0r3lxvyu5Ov7ujAIHKYR
riHsOt+az+rapqINhCc25eEYOwIIFtB2IWDNAp+H7mJCMmHhkT0Am1eniUVRLfls
pq0ty93a1S+Zd+Dep6gpToPhckof9q4S3PL+2fW7QGx1zDfm37RRg4oIPQAxEYML
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:32:46 2025 by rpki-client