Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/kJzQKmXj-wSMDtYl7iZxW949ixc.roa
File: kJzQKmXj-wSMDtYl7iZxW949ixc.roa (raw, json)
Hash identifier: wYVoO7US65M4nQVqF0KDa3ikq1KkOjPtfB0wlEM3gSc=
Subject key identifier: 90:9C:D0:2A:65:E3:FB:04:8C:0E:D6:25:EE:26:71:5B:DE:3D:8B:17
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 019513C21A550EAB1240023AFE8F21976E90
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/kJzQKmXj-wSMDtYl7iZxW949ixc.roa
Signing time: Mon 17 Feb 2025 11:54:02 +0000
ROA not before: Mon 17 Feb 2025 11:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0f:9c02::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:c2:1a:55:0e:ab:12:40:02:3a:fe:8f:21:97:6e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Feb 17 11:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=909cd02a65e3fb048c0ed625ee26715bde3d8b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:67:7a:0f:91:fb:75:2f:2f:bf:3c:ee:38:98:
5c:f9:c5:03:ee:0a:97:54:1a:69:76:1e:9e:3d:52:
45:37:a4:7b:73:61:94:97:3a:ab:f9:be:54:eb:68:
73:3d:84:21:5e:26:36:e2:2a:6a:ad:8b:39:4d:9b:
f4:5e:00:ec:de:81:97:36:2e:f3:9d:38:74:11:75:
3b:67:fa:03:ed:7f:de:38:c1:5e:e0:6e:df:d2:ec:
9f:f0:82:48:04:a9:f6:27:f6:dd:f6:30:4b:40:e2:
c3:cc:9a:c6:ad:00:bb:d3:3f:dc:d7:1d:14:86:e6:
9a:b2:f7:94:d6:69:1c:75:27:f4:fb:6d:61:2e:60:
c8:4a:9e:46:45:83:9f:28:2d:c7:5f:9c:b9:19:f2:
fe:db:bd:11:2e:26:1d:6c:7b:b5:9e:dd:de:f4:27:
21:c7:37:8a:5d:9d:3b:4c:c3:ec:a5:b0:8c:93:25:
63:6e:94:ed:73:f4:c9:71:16:c5:da:5f:d9:85:d2:
79:2d:63:d1:09:7e:ee:5a:a1:7b:2c:60:9e:1d:e3:
f8:21:32:95:a7:b7:5f:57:29:2c:a9:43:8d:ea:a7:
0b:f8:03:eb:9e:3e:4a:0f:c6:33:c5:9a:19:d4:37:
2c:d0:f1:93:5c:8b:ff:c4:83:40:ad:7b:e5:9d:6f:
fc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9C:D0:2A:65:E3:FB:04:8C:0E:D6:25:EE:26:71:5B:DE:3D:8B:17
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/kJzQKmXj-wSMDtYl7iZxW949ixc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9c02::/32
Signature Algorithm: sha256WithRSAEncryption
00:2a:ee:4b:3d:6d:50:1d:be:92:a2:a8:a3:d8:b9:fc:57:b7:
0a:8c:1d:6c:c9:39:e1:4f:24:cc:1e:8a:1a:5c:26:a8:fa:1e:
df:ab:64:49:04:ad:d5:67:26:55:92:5c:12:97:89:5d:28:57:
c7:34:b1:4c:9d:bd:f8:3a:26:c5:7f:e6:42:ba:a9:94:bb:54:
b1:84:a2:2b:34:c0:f9:76:f0:58:59:77:e8:f3:33:b8:64:c6:
79:df:90:30:94:8f:2d:74:ee:61:a0:62:a4:11:7c:c8:1b:fd:
43:ee:ce:9d:f0:e6:0b:1d:de:b6:29:18:6c:22:85:8d:bd:61:
53:48:0a:86:e7:38:17:a8:ce:42:73:8c:28:f7:f4:da:e7:67:
56:35:b9:de:e4:f8:75:bd:1c:5d:c4:08:91:98:a8:27:f5:bb:
ee:e5:9b:4f:77:c6:b9:c7:67:20:7f:8c:b3:19:1d:ca:7a:4b:
60:e2:5c:c5:6f:9f:b0:4e:bd:11:9a:23:d0:37:96:8d:3a:70:
bd:2a:f3:01:2f:02:60:38:37:4d:0a:18:8e:d9:58:3b:6b:48:
0d:73:80:40:2a:62:cc:d7:30:38:a9:00:94:46:e3:88:ec:76:
bb:8c:f9:bc:9a:50:34:3d:a5:34:54:3a:9f:fa:cd:8a:e0:d2:
93:01:a7:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUTwhpVDqsSQAI6/o8hl26QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwMjE3MTE1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDljZDAyYTY1ZTNmYjA0OGMwZWQ2MjVlZTI2NzE1YmRlM2Q4YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Gd6D5H7dS8vvzzuOJhc+cUD7gqX
VBppdh6ePVJFN6R7c2GUlzqr+b5U62hzPYQhXiY24ipqrYs5TZv0XgDs3oGXNi7z
nTh0EXU7Z/oD7X/eOMFe4G7f0uyf8IJIBKn2J/bd9jBLQOLDzJrGrQC70z/c1x0U
huaasveU1mkcdSf0+21hLmDISp5GRYOfKC3HX5y5GfL+270RLiYdbHu1nt3e9Cch
xzeKXZ07TMPspbCMkyVjbpTtc/TJcRbF2l/ZhdJ5LWPRCX7uWqF7LGCeHeP4ITKV
p7dfVyksqUON6qcL+APrnj5KD8YzxZoZ1Dcs0PGTXIv/xINArXvlnW/8bwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJCc0Cpl4/sEjA7WJe4mcVvePYsXMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEva0p6UUttWGotd1NNRHRZbDdpWnhXOTQ5aXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+cAjAN
BgkqhkiG9w0BAQsFAAOCAQEAACruSz1tUB2+kqKoo9i5/Fe3CowdbMk54U8kzB6K
GlwmqPoe36tkSQSt1WcmVZJcEpeJXShXxzSxTJ29+DomxX/mQrqplLtUsYSiKzTA
+XbwWFl36PMzuGTGed+QMJSPLXTuYaBipBF8yBv9Q+7OnfDmCx3etikYbCKFjb1h
U0gKhuc4F6jOQnOMKPf02udnVjW53uT4db0cXcQIkZioJ/W77uWbT3fGucdnIH+M
sxkdynpLYOJcxW+fsE69EZoj0DeWjTpwvSrzAS8CYDg3TQoYjtlYO2tIDXOAQCpi
zNcwOKkAlEbjiOx2u4z5vJpQND2lNFQ6n/rNiuDSkwGnTA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:15:17 2025 by rpki-client