Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/shkna1LEcphkEtl5qx44gSC4Vi8.roa
File: shkna1LEcphkEtl5qx44gSC4Vi8.roa (raw, json)
Hash identifier: Dbe9uOriZjfcmNaP4xiwV550BkzcjII20jOFPqd5zts=
Subject key identifier: B2:19:27:6B:52:C4:72:98:64:12:D9:79:AB:1E:38:81:20:B8:56:2F
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 0195247947951A1308035FFCFD48ACAE6364
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/shkna1LEcphkEtl5qx44gSC4Vi8.roa
Signing time: Thu 20 Feb 2025 17:48:02 +0000
ROA not before: Thu 20 Feb 2025 17:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0f:9c07::/32 maxlen: 32
2a11:68c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 17:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:79:47:95:1a:13:08:03:5f:fc:fd:48:ac:ae:63:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Feb 20 17:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b219276b52c472986412d979ab1e388120b8562f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:72:bc:16:4d:15:dc:32:70:f4:1a:99:28:a7:
12:78:0d:51:46:33:e8:39:cc:e8:a4:49:5a:a9:d5:
12:76:b6:92:94:dc:f5:4e:15:87:b2:a5:45:07:ed:
27:1b:8c:e2:fd:3b:59:c3:a9:0e:7f:bf:99:d6:35:
d5:71:18:1f:ec:6e:1d:5d:27:86:96:a2:1c:26:b1:
f8:ef:c6:bd:36:db:1f:a5:11:a9:24:4d:34:8b:61:
ac:0c:d5:4f:c2:fe:5f:9a:68:30:21:55:7d:03:74:
96:19:31:68:a5:b8:11:35:a7:85:f2:65:b9:16:37:
ad:2d:36:b8:08:87:10:1f:0f:15:2a:2f:96:dc:8a:
45:f7:28:bb:5e:76:39:d0:63:77:ee:15:a1:08:a4:
cb:f7:86:02:b4:9a:44:2c:1b:c2:73:cb:58:2f:05:
e9:6c:d3:c2:26:70:29:35:ca:6d:b8:18:af:d3:e2:
06:b4:64:3b:fc:c1:4d:d6:c2:f1:1d:9c:84:f1:83:
99:b8:94:ae:85:3a:d9:74:4a:64:6b:ef:79:20:91:
9a:59:26:2e:a1:07:8b:3b:55:ee:95:c5:8b:c2:e3:
25:ae:b7:e1:59:52:55:7c:8c:bb:95:8b:ae:32:cd:
77:a3:f4:01:08:20:f5:73:55:dc:a6:a5:74:96:58:
6a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:19:27:6B:52:C4:72:98:64:12:D9:79:AB:1E:38:81:20:B8:56:2F
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/shkna1LEcphkEtl5qx44gSC4Vi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9c07::/32
2a11:68c2::/32
Signature Algorithm: sha256WithRSAEncryption
12:8f:40:9a:a8:d6:b9:f0:7d:19:43:de:7d:bc:42:04:90:6a:
79:b9:d1:3a:bf:ed:29:0e:9a:97:30:39:1d:79:3f:67:67:35:
e3:f4:c8:98:b0:2f:ad:1a:a4:8e:e7:ab:86:60:a4:1a:2b:f0:
c7:eb:13:71:bf:7b:ab:21:63:df:18:2b:37:b2:e6:20:cc:19:
0b:41:1e:57:c5:64:b3:dd:98:37:70:93:35:74:f7:27:e1:3b:
77:e3:9b:cb:da:14:80:23:53:7e:48:18:e4:d7:d6:84:fa:51:
9f:c6:d4:34:ce:3e:27:28:fd:58:5e:e9:a8:c7:37:81:7e:fe:
ab:20:8b:87:93:3f:3a:5e:ce:a9:fa:3a:54:0d:36:54:33:73:
4c:5c:ed:ee:fe:43:61:9c:3f:5d:a6:ff:1c:44:cd:67:6a:11:
75:ed:60:24:89:4c:5f:8d:e4:85:2d:53:e6:bc:e4:d1:3d:55:
82:55:d2:8c:0d:03:8d:da:9a:97:bf:c3:45:1e:ac:77:5a:60:
13:ba:a1:1f:10:85:a1:64:69:a6:e5:82:a3:7b:6f:8d:01:2a:
e3:61:5c:e6:5c:11:3a:0f:c1:58:67:0d:08:61:dd:10:dd:3e:
1c:81:19:f4:3c:b9:38:8b:2f:8f:10:b8:8a:a6:01:ad:6c:c2:
67:c5:df:03
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZUkeUeVGhMIA1/8/UisrmNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwMjIwMTc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjE5Mjc2YjUyYzQ3Mjk4NjQxMmQ5NzlhYjFlMzg4MTIwYjg1NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHK8Fk0V3DJw9BqZKKcSeA1RRjPo
OczopElaqdUSdraSlNz1ThWHsqVFB+0nG4zi/TtZw6kOf7+Z1jXVcRgf7G4dXSeG
lqIcJrH478a9NtsfpRGpJE00i2GsDNVPwv5fmmgwIVV9A3SWGTFopbgRNaeF8mW5
FjetLTa4CIcQHw8VKi+W3IpF9yi7XnY50GN37hWhCKTL94YCtJpELBvCc8tYLwXp
bNPCJnApNcptuBiv0+IGtGQ7/MFN1sLxHZyE8YOZuJSuhTrZdEpka+95IJGaWSYu
oQeLO1XulcWLwuMlrrfhWVJVfIy7lYuuMs13o/QBCCD1c1XcpqV0llhqYQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLIZJ2tSxHKYZBLZeaseOIEguFYvMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvc2hrbmExTEVjcGhrRXRsNXF4NDRnU0M0Vmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg+cBwMF
ACoRaMIwDQYJKoZIhvcNAQELBQADggEBABKPQJqo1rnwfRlD3n28QgSQanm50Tq/
7SkOmpcwOR15P2dnNeP0yJiwL60apI7nq4ZgpBor8MfrE3G/e6shY98YKzey5iDM
GQtBHlfFZLPdmDdwkzV09yfhO3fjm8vaFIAjU35IGOTX1oT6UZ/G1DTOPico/Vhe
6ajHN4F+/qsgi4eTPzpezqn6OlQNNlQzc0xc7e7+Q2GcP12m/xxEzWdqEXXtYCSJ
TF+N5IUtU+a85NE9VYJV0owNA43ampe/w0UerHdaYBO6oR8QhaFkaablgqN7b40B
KuNhXOZcEToPwVhnDQhh3RDdPhyBGfQ8uTiLL48QuIqmAa1swmfF3wM=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:42:40 2025 by rpki-client