Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/piRZFNFHopTOzexH68wttQRvcJc.roa
File: piRZFNFHopTOzexH68wttQRvcJc.roa (raw, json)
Hash identifier: By597QDH+CF5ZOlPcDgdoRwjvMcimLi/HdHUSCjk/MQ=
Subject key identifier: A6:24:59:14:D1:47:A2:94:CE:CD:EC:47:EB:CC:2D:B5:04:6F:70:97
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0195ED47F1799F76447228B476822A00797C
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/piRZFNFHopTOzexH68wttQRvcJc.roa
Signing time: Mon 31 Mar 2025 17:37:49 +0000
ROA not before: Mon 31 Mar 2025 17:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a09:3707::/32 maxlen: 32
2a09:da43::/32 maxlen: 32
2a11:5a47::/32 maxlen: 32
2a12:1540::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 02 Apr 2025 14:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:47:f1:79:9f:76:44:72:28:b4:76:82:2a:00:79:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Mar 31 17:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6245914d147a294cecdec47ebcc2db5046f7097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7b:5a:65:e6:46:ec:32:6f:d3:2f:07:3a:e5:
96:c6:08:25:0d:c5:5d:8a:36:99:3c:19:78:ba:aa:
92:3d:be:34:9f:ae:6c:9e:29:c9:23:66:bc:4c:5f:
30:e0:ad:b0:37:49:35:97:56:f6:f1:be:33:fe:4a:
65:88:34:bf:6e:e6:55:c5:69:fa:78:34:e3:f6:71:
73:5a:67:1f:d7:10:fe:54:30:04:36:77:63:ec:30:
bf:3b:79:c1:77:c3:14:ad:db:e6:ad:f2:14:55:91:
2b:6e:3e:e8:48:83:97:2e:4c:5f:9c:63:c3:dd:1d:
57:62:e2:d5:82:50:6d:06:ab:69:1f:0a:41:87:f5:
aa:09:b9:6a:cd:1a:a2:e2:39:01:3e:37:4d:89:99:
0d:94:c3:95:bb:f1:7e:00:13:21:8f:e0:b7:47:d6:
32:19:cd:a3:89:72:93:ce:64:c4:d7:cb:1a:d8:53:
36:72:02:90:75:a2:1e:d6:d6:8b:67:10:9d:d6:0a:
c5:9e:cd:b2:61:b1:b0:69:40:bd:7a:92:0b:26:85:
d0:ce:93:87:e2:0a:d5:20:43:fb:c8:c2:a0:d3:20:
8f:fd:3e:82:01:78:c0:42:64:7a:3d:c5:c3:9a:6b:
95:8c:2e:26:15:d9:1d:52:28:6f:06:77:58:f2:dc:
b7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:24:59:14:D1:47:A2:94:CE:CD:EC:47:EB:CC:2D:B5:04:6F:70:97
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/piRZFNFHopTOzexH68wttQRvcJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3707::/32
2a09:da43::/32
2a11:5a47::/32
2a12:1540::/32
Signature Algorithm: sha256WithRSAEncryption
b9:4f:03:01:05:dc:63:11:4f:8a:a7:56:7c:0a:ba:20:1c:44:
2d:d6:cc:8a:ce:65:b7:66:44:12:76:e7:d9:b6:74:b1:c6:2c:
7d:fc:d0:5a:01:0f:05:8f:19:67:dc:ab:6c:d2:26:b7:23:1c:
34:8a:f9:b2:c8:d4:76:46:33:72:c3:82:2b:b6:1e:35:2f:d0:
d9:cd:d3:46:d9:3b:37:bc:fd:a6:0b:29:d8:4d:25:1b:71:fc:
84:5d:be:dc:d5:b4:77:41:89:2c:6e:c8:af:df:74:98:2b:b7:
2b:fb:90:b3:90:3e:59:2f:28:be:6e:09:41:ff:b5:fb:c7:e6:
0e:33:8d:1e:4c:e7:b7:8b:08:96:8f:63:67:95:c4:d6:67:a8:
ac:c5:97:79:64:cf:47:57:eb:8d:4a:c8:f2:21:cb:e7:44:2a:
ed:08:1b:da:cc:7a:94:1f:66:8d:2a:6f:95:de:f4:03:c0:a6:
56:f2:c5:37:cd:6a:e6:b2:ba:3e:a5:f4:5d:d1:15:cb:cb:7a:
f7:12:7f:75:80:81:92:94:79:e1:00:f5:40:b9:ec:7e:5a:82:
fe:ba:f2:f2:17:ba:66:1c:89:e8:91:70:ab:ee:88:9b:f8:89:
37:96:59:10:bc:4d:d9:8f:92:30:72:12:e7:17:12:da:be:7e:
fd:29:87:f6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZXtR/F5n3ZEcii0doIqAHl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwMzMxMTczNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI0NTkxNGQxNDdhMjk0Y2VjZGVjNDdlYmNjMmRiNTA0NmY3MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXtaZeZG7DJv0y8HOuWWxgglDcVd
ijaZPBl4uqqSPb40n65sninJI2a8TF8w4K2wN0k1l1b28b4z/kpliDS/buZVxWn6
eDTj9nFzWmcf1xD+VDAENndj7DC/O3nBd8MUrdvmrfIUVZErbj7oSIOXLkxfnGPD
3R1XYuLVglBtBqtpHwpBh/WqCblqzRqi4jkBPjdNiZkNlMOVu/F+ABMhj+C3R9Yy
Gc2jiXKTzmTE18sa2FM2cgKQdaIe1taLZxCd1grFns2yYbGwaUC9epILJoXQzpOH
4grVIEP7yMKg0yCP/T6CAXjAQmR6PcXDmmuVjC4mFdkdUihvBndY8ty3PQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKYkWRTRR6KUzs3sR+vMLbUEb3CXMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvcGlSWkZORkhvcFRPemV4SDY4d3R0UVJ2Y0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgk3BwMF
ACoJ2kMDBQAqEVpHAwUAKhIVQDANBgkqhkiG9w0BAQsFAAOCAQEAuU8DAQXcYxFP
iqdWfAq6IBxELdbMis5lt2ZEEnbn2bZ0scYsffzQWgEPBY8ZZ9yrbNImtyMcNIr5
ssjUdkYzcsOCK7YeNS/Q2c3TRtk7N7z9pgsp2E0lG3H8hF2+3NW0d0GJLG7Ir990
mCu3K/uQs5A+WS8ovm4JQf+1+8fmDjONHkznt4sIlo9jZ5XE1meorMWXeWTPR1fr
jUrI8iHL50Qq7Qgb2sx6lB9mjSpvld70A8CmVvLFN81q5rK6PqX0XdEVy8t69xJ/
dYCBkpR54QD1QLnsflqC/rry8he6ZhyJ6JFwq+6Im/iJN5ZZELxN2Y+SMHIS5xcS
2r5+/SmH9g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:27:09 2025 by rpki-client