Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/KcHcQetzCZ_3y9dAbLNVEQMcLQo.roa
File: KcHcQetzCZ_3y9dAbLNVEQMcLQo.roa (raw, json)
Hash identifier: eNNcpVEM8t80L/Dr8U8KgUI9h9uX9k1lMchHYeGcouY=
Subject key identifier: 29:C1:DC:41:EB:73:09:9F:F7:CB:D7:40:6C:B3:55:11:03:1C:2D:0A
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019537CAF6026CB17EAEBD7F2BA6944E6956
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/KcHcQetzCZ_3y9dAbLNVEQMcLQo.roa
Signing time: Mon 24 Feb 2025 11:50:02 +0000
ROA not before: Mon 24 Feb 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:6bc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:ca:f6:02:6c:b1:7e:ae:bd:7f:2b:a6:94:4e:69:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Feb 24 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29c1dc41eb73099ff7cbd7406cb35511031c2d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3b:50:e4:50:76:4a:c1:dd:76:5b:07:50:7f:
c1:66:dd:2a:10:ae:3d:bd:88:38:4f:c8:85:31:76:
e6:91:54:81:65:e9:d8:2e:05:c8:b3:d0:2a:85:ee:
19:b3:d0:4b:19:83:83:24:c7:c9:8b:de:f0:6e:94:
5b:6a:0d:d5:2f:e7:9f:94:57:30:08:02:f4:61:76:
21:e0:6a:7c:2b:b5:06:fe:f4:f6:bb:64:6c:aa:e6:
26:ff:61:49:72:09:3a:80:56:e3:63:58:19:1d:6f:
6c:f5:0e:9d:4b:4c:ae:3b:1a:b7:ca:3b:19:b4:35:
c5:d5:43:2c:30:24:35:22:c5:0d:bc:1f:3e:86:40:
bf:1b:5b:2f:81:5a:a9:ad:e7:fc:62:cb:0c:86:3d:
47:d5:8a:e7:a5:3c:32:c2:2f:b6:98:ed:d9:26:ae:
fb:1f:1b:6b:39:b8:d2:81:eb:35:b3:ec:3d:47:a4:
fb:41:5f:1a:d5:70:44:0b:5d:c5:ba:d1:74:a1:37:
9d:d1:26:6c:7d:79:7f:f4:0d:db:ef:72:aa:ca:cf:
49:f8:cb:fa:7a:e1:57:0b:6b:40:f7:72:33:5e:36:
71:a2:7d:1a:e4:e4:48:1c:9e:b0:7a:0b:2e:6d:9c:
2b:a9:88:1c:0b:f3:71:0b:cc:be:01:c9:ff:05:f3:
1c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C1:DC:41:EB:73:09:9F:F7:CB:D7:40:6C:B3:55:11:03:1C:2D:0A
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/KcHcQetzCZ_3y9dAbLNVEQMcLQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6bc7::/32
Signature Algorithm: sha256WithRSAEncryption
09:bd:00:03:e7:16:ff:84:ba:f4:75:37:ba:00:cc:22:18:70:
04:7b:6f:52:ce:c9:7c:b1:d1:95:e4:91:53:0e:a8:6f:ee:10:
d9:d0:27:19:0c:be:2c:4f:03:5b:64:9d:8a:15:db:e0:76:70:
e5:27:a7:4b:be:1c:90:89:73:81:a9:0c:45:76:5c:0f:b3:ee:
44:af:df:b7:b3:ed:30:ac:d7:03:10:37:37:1d:67:bf:3b:0e:
a2:20:d3:1f:99:fe:c5:a8:c4:4d:a8:eb:67:ce:6b:c1:61:03:
62:71:47:d4:5d:3a:24:c4:d2:b9:1b:e2:f6:59:1d:0a:2c:3f:
e2:be:49:33:7c:9a:36:e6:a2:7d:78:40:32:18:94:22:49:27:
d1:60:a9:6e:89:c3:72:e6:c2:8c:42:bd:58:c1:37:6d:50:1b:
7e:1a:2f:96:33:f1:26:00:ca:bc:c2:71:7e:2f:03:7f:dd:e8:
d7:a1:9a:e7:3c:51:f3:4a:45:4f:3e:cd:eb:61:c5:0c:f7:34:
5b:36:b1:c4:ed:b6:3c:f2:85:82:bb:73:52:ee:c3:ea:41:4a:
99:68:a7:59:8c:a8:5e:59:b3:a5:ab:99:10:c3:78:f5:dc:52:
4f:69:29:73:a9:fe:f5:77:44:5c:5e:bc:e1:60:37:84:ff:2a:
b3:76:5c:03
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZU3yvYCbLF+rr1/K6aUTmlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMjI0MTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWMxZGM0MWViNzMwOTlmZjdjYmQ3NDA2Y2IzNTUxMTAzMWMyZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DtQ5FB2SsHddlsHUH/BZt0qEK49
vYg4T8iFMXbmkVSBZenYLgXIs9Aqhe4Zs9BLGYODJMfJi97wbpRbag3VL+eflFcw
CAL0YXYh4Gp8K7UG/vT2u2RsquYm/2FJcgk6gFbjY1gZHW9s9Q6dS0yuOxq3yjsZ
tDXF1UMsMCQ1IsUNvB8+hkC/G1svgVqpref8YssMhj1H1YrnpTwywi+2mO3ZJq77
HxtrObjSges1s+w9R6T7QV8a1XBEC13FutF0oTed0SZsfXl/9A3b73Kqys9J+Mv6
euFXC2tA93IzXjZxon0a5ORIHJ6wegsubZwrqYgcC/NxC8y+Acn/BfMcaQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCnB3EHrcwmf98vXQGyzVREDHC0KMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvS2NIY1FldHpDWl8zeTlkQWJMTlZFUU1jTFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFrxzAN
BgkqhkiG9w0BAQsFAAOCAQEACb0AA+cW/4S69HU3ugDMIhhwBHtvUs7JfLHRleSR
Uw6ob+4Q2dAnGQy+LE8DW2SdihXb4HZw5SenS74ckIlzgakMRXZcD7PuRK/ft7Pt
MKzXAxA3Nx1nvzsOoiDTH5n+xajETajrZ85rwWEDYnFH1F06JMTSuRvi9lkdCiw/
4r5JM3yaNuaifXhAMhiUIkkn0WCpbonDcubCjEK9WME3bVAbfhovljPxJgDKvMJx
fi8Df93o16Ga5zxR80pFTz7N62HFDPc0WzaxxO22PPKFgrtzUu7D6kFKmWinWYyo
XlmzpauZEMN49dxST2kpc6n+9XdEXF684WA3hP8qs3ZcAw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:01:22 2025 by rpki-client