Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/D6NPywEn1JDfCsQa1CfAhF0jwQ8.roa
File: D6NPywEn1JDfCsQa1CfAhF0jwQ8.roa (raw, json)
Hash identifier: AGfGn379TRsypwahLghhJyWJR7gPgUlMfESkk6YFXHc=
Subject key identifier: 0F:A3:4F:CB:01:27:D4:90:DF:0A:C4:1A:D4:27:C0:84:5D:23:C1:0F
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 0196169E4023C44914AE7E82DC305339108D
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/D6NPywEn1JDfCsQa1CfAhF0jwQ8.roa
Signing time: Tue 08 Apr 2025 18:16:31 +0000
ROA not before: Tue 08 Apr 2025 18:16:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0f:9c04::/32 maxlen: 32
2a11:68c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Apr 2025 17:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:9e:40:23:c4:49:14:ae:7e:82:dc:30:53:39:10:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Apr 8 18:16:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fa34fcb0127d490df0ac41ad427c0845d23c10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:12:05:04:51:56:00:3e:1e:ce:59:de:b2:9a:
ae:50:8d:a5:c5:4d:67:c2:d3:be:2f:5c:e4:49:25:
3b:0f:97:0f:25:84:74:6f:a6:60:c0:0e:43:b9:5b:
cd:b4:50:64:d1:27:c3:82:88:25:f5:cc:2a:d2:44:
52:31:3d:b4:56:7d:b8:e3:5c:ab:92:f7:f2:38:e9:
b6:f5:95:10:ec:9d:a2:01:81:fc:df:f2:9c:11:44:
cf:60:5f:88:be:05:f2:61:11:ce:94:18:a4:99:d2:
96:a7:9c:6d:ff:39:b0:dd:a2:11:a7:d1:ad:3f:34:
b0:03:c4:03:32:3c:e1:c2:53:cc:1e:5a:7a:77:b4:
cc:b8:36:4c:27:62:b6:8d:bd:0a:70:b0:8c:44:cc:
58:6d:4c:d5:9e:0e:f8:94:57:03:fb:b8:12:f4:2c:
05:57:12:38:ed:12:ca:9a:90:fa:24:f9:c8:6a:58:
f6:3a:ed:07:e1:05:66:60:e1:82:58:ed:4c:a3:29:
21:02:84:91:b5:33:0e:94:bc:58:05:52:30:19:02:
5c:c9:ed:06:3d:16:16:0e:63:53:97:b2:9c:1c:88:
b9:e2:23:ab:be:49:5b:b4:90:e4:04:aa:6f:42:bd:
cc:73:49:a6:52:40:10:92:e9:bb:95:5e:f0:e1:3f:
79:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A3:4F:CB:01:27:D4:90:DF:0A:C4:1A:D4:27:C0:84:5D:23:C1:0F
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/D6NPywEn1JDfCsQa1CfAhF0jwQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9c04::/32
2a11:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
75:65:d7:ff:5f:50:1f:3f:e2:9a:9f:51:46:ee:de:9b:2a:b3:
06:f9:63:1d:b8:89:ed:b8:85:d4:48:3b:a6:e8:e5:73:92:c2:
7f:9c:34:26:ed:3b:98:e3:0c:97:79:22:52:a6:48:02:8d:0f:
58:8e:1f:f9:e4:4d:28:9d:3c:2a:1f:f0:7a:fb:89:b3:16:80:
29:60:30:a6:a6:e3:e1:f0:7f:2c:3c:02:2e:fa:13:29:8f:a2:
ed:4e:a1:3c:30:45:bc:d3:bd:9e:3c:a9:e5:63:db:83:8e:63:
43:78:93:b8:11:6b:8d:40:a8:b6:83:1e:34:f6:f0:da:75:61:
7e:70:9d:09:f4:23:cd:de:8a:61:ed:cf:c8:4f:d0:2c:a2:27:
e6:62:32:a1:5d:f9:f1:03:d6:8a:8e:4b:f7:cd:f6:f6:8f:26:
e2:9e:de:04:7b:31:18:1d:01:1c:14:cc:f0:ff:dc:8a:c5:23:
5e:e1:07:34:62:41:d0:7c:68:90:5d:f7:f9:4d:93:73:b7:77:
83:99:f2:4a:dd:5f:5f:9e:f5:c2:95:3c:4a:13:7f:84:8a:98:
53:01:cd:02:0a:47:d3:40:25:87:1b:4d:20:bb:8f:b0:73:d8:
1e:33:63:e5:67:1f:0c:47:53:3b:07:17:41:e3:8e:fc:81:b6:
c4:72:a3:35
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYWnkAjxEkUrn6C3DBTORCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwNDA4MTgxNjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmEzNGZjYjAxMjdkNDkwZGYwYWM0MWFkNDI3YzA4NDVkMjNjMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRIFBFFWAD4ezlnespquUI2lxU1n
wtO+L1zkSSU7D5cPJYR0b6ZgwA5DuVvNtFBk0SfDgogl9cwq0kRSMT20Vn2441yr
kvfyOOm29ZUQ7J2iAYH83/KcEUTPYF+IvgXyYRHOlBikmdKWp5xt/zmw3aIRp9Gt
PzSwA8QDMjzhwlPMHlp6d7TMuDZMJ2K2jb0KcLCMRMxYbUzVng74lFcD+7gS9CwF
VxI47RLKmpD6JPnIalj2Ou0H4QVmYOGCWO1MoykhAoSRtTMOlLxYBVIwGQJcye0G
PRYWDmNTl7KcHIi54iOrvklbtJDkBKpvQr3Mc0mmUkAQkum7lV7w4T95jQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA+jT8sBJ9SQ3wrEGtQnwIRdI8EPMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvRDZOUHl3RW4xSkRmQ3NRYTFDZkFoRjBqd1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg+cBAMF
ACoRaMAwDQYJKoZIhvcNAQELBQADggEBAHVl1/9fUB8/4pqfUUbu3psqswb5Yx24
ie24hdRIO6bo5XOSwn+cNCbtO5jjDJd5IlKmSAKND1iOH/nkTSidPCof8Hr7ibMW
gClgMKam4+Hwfyw8Ai76EymPou1OoTwwRbzTvZ48qeVj24OOY0N4k7gRa41AqLaD
HjT28Np1YX5wnQn0I83eimHtz8hP0CyiJ+ZiMqFd+fED1oqOS/fN9vaPJuKe3gR7
MRgdARwUzPD/3IrFI17hBzRiQdB8aJBd9/lNk3O3d4OZ8krdX1+e9cKVPEoTf4SK
mFMBzQIKR9NAJYcbTSC7j7Bz2B4zY+VnHwxHUzsHF0HjjvyBtsRyozU=
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:13:41 2025 by rpki-client