Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/nJ2y_miXjmeBsGfJ86RyaRTQ5Hc.roa
File: nJ2y_miXjmeBsGfJ86RyaRTQ5Hc.roa (raw, json)
Hash identifier: iGZfNH7kh/SCNJOnwQ10tk93bjuovFDgyoW3pis1P1U=
Subject key identifier: 9C:9D:B2:FE:68:97:8E:67:81:B0:67:C9:F3:A4:72:69:14:D0:E4:77
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 01942445397062A09A3A9E6BCE00E677398E
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/nJ2y_miXjmeBsGfJ86RyaRTQ5Hc.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214709
IP address blocks: 2a14:3f87:9000::/38 maxlen: 38
Validation: Failed, certificate revoked on Mon 13 Jan 2025 22:45:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:39:70:62:a0:9a:3a:9e:6b:ce:00:e6:77:39:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c9db2fe68978e6781b067c9f3a4726914d0e477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:86:67:9c:48:02:e6:cf:98:31:27:35:80:ce:
cd:cf:3d:87:a7:9d:52:ba:40:07:f6:6e:a4:7e:55:
f3:32:59:29:72:91:7f:1b:db:5c:95:b8:cc:eb:de:
be:e5:2e:6b:c8:e6:84:45:27:da:5a:43:e4:fa:d8:
99:26:8c:3f:0e:72:ab:69:54:27:66:7e:9d:7f:59:
eb:bf:18:6c:06:67:10:f8:2e:b4:b3:6a:64:61:e2:
d8:23:41:3a:f5:ef:0a:c8:4a:69:32:a4:99:e3:08:
d7:f5:a0:6b:d1:ec:a0:9a:83:a4:29:f4:59:dd:4b:
3f:61:f1:e6:ec:fc:12:17:78:f3:bb:a9:1b:69:8c:
a8:63:15:e5:61:2d:88:29:55:61:f8:53:ba:ed:87:
e9:07:dd:da:c7:d4:b9:90:29:14:06:b8:21:31:1a:
ce:f8:54:86:cf:bb:6e:3b:1e:d8:25:db:8d:34:cc:
2c:07:a2:08:ce:c9:1a:be:ad:8f:58:43:22:29:02:
61:c5:91:95:ce:25:df:c2:c7:2c:4c:b7:5b:4d:18:
6e:52:9a:61:e5:9f:37:fb:83:86:e0:06:07:be:32:
44:73:32:9b:10:04:81:98:83:dc:86:c0:be:cb:8a:
84:64:6e:8c:13:93:f3:38:cc:33:36:90:8f:35:e6:
b3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9D:B2:FE:68:97:8E:67:81:B0:67:C9:F3:A4:72:69:14:D0:E4:77
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/nJ2y_miXjmeBsGfJ86RyaRTQ5Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:3f87:9000::/38
Signature Algorithm: sha256WithRSAEncryption
2e:88:a9:53:ae:03:95:7d:5f:f3:25:85:f5:74:6d:45:aa:0e:
78:7e:45:8b:9c:11:7d:df:ee:dd:5a:6e:a2:34:73:cb:b9:82:
09:58:ef:47:68:2c:b9:32:c9:13:61:a9:6a:1e:c4:33:e9:96:
4d:3f:81:0d:60:42:16:b7:74:d4:f1:bc:f8:14:e4:01:7e:10:
20:ff:93:6f:67:70:da:12:fd:10:60:42:a9:51:8b:02:64:60:
f9:d5:94:db:e8:17:01:5f:8b:76:18:87:2f:ba:3b:6e:96:b5:
fa:58:45:c7:bb:43:0f:86:c9:28:c9:02:c5:34:97:25:de:41:
da:02:33:f6:a2:b7:63:8e:fd:7f:9e:88:6a:b9:04:f2:0b:ad:
86:55:e1:70:0c:98:ee:b8:3e:ba:e5:16:c0:97:31:b4:0e:f8:
f9:26:c6:16:4f:3a:12:d6:e2:79:9e:6c:e9:5e:4b:a8:18:4c:
f8:ed:be:f4:de:37:cc:cf:47:a9:9c:bb:0e:a1:e7:3b:7c:6e:
28:1e:8a:cc:af:0c:8d:5f:a2:81:44:a0:1c:ec:77:64:70:fe:
40:1d:25:c5:92:ba:25:99:f7:11:24:16:cb:1c:26:4a:14:b3:
c0:0a:09:9d:92:65:c4:02:0c:44:cf:b7:dc:7e:8d:f4:64:84:
57:bf:0c:6e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQkRTlwYqCaOp5rzgDmdzmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzlkYjJmZTY4OTc4ZTY3ODFiMDY3YzlmM2E0NzI2OTE0ZDBlNDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoZnnEgC5s+YMSc1gM7Nzz2Hp51S
ukAH9m6kflXzMlkpcpF/G9tclbjM696+5S5ryOaERSfaWkPk+tiZJow/DnKraVQn
Zn6df1nrvxhsBmcQ+C60s2pkYeLYI0E69e8KyEppMqSZ4wjX9aBr0eygmoOkKfRZ
3Us/YfHm7PwSF3jzu6kbaYyoYxXlYS2IKVVh+FO67YfpB93ax9S5kCkUBrghMRrO
+FSGz7tuOx7YJduNNMwsB6IIzskavq2PWEMiKQJhxZGVziXfwscsTLdbTRhuUpph
5Z83+4OG4AYHvjJEczKbEASBmIPchsC+y4qEZG6ME5PzOMwzNpCPNeaz+QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJydsv5ol45ngbBnyfOkcmkU0OR3MB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvbkoyeV9taVhqbWVCc0dmSjg2UnlhUlRRNUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhQ/h5Aw
DQYJKoZIhvcNAQELBQADggEBAC6IqVOuA5V9X/MlhfV0bUWqDnh+RYucEX3f7t1a
bqI0c8u5gglY70doLLkyyRNhqWoexDPplk0/gQ1gQha3dNTxvPgU5AF+ECD/k29n
cNoS/RBgQqlRiwJkYPnVlNvoFwFfi3YYhy+6O26WtfpYRce7Qw+GySjJAsU0lyXe
QdoCM/ait2OO/X+eiGq5BPILrYZV4XAMmO64PrrlFsCXMbQO+PkmxhZPOhLW4nme
bOleS6gYTPjtvvTeN8zPR6mcuw6h5zt8bigeisyvDI1fooFEoBzsd2Rw/kAdJcWS
uiWZ9xEkFsscJkoUs8AKCZ2SZcQCDETPt9x+jfRkhFe/DG4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:51:30 2025 by rpki-client