Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/dLctSR5WdIzGws8dlXwga1LaJjs.roa
File: dLctSR5WdIzGws8dlXwga1LaJjs.roa (raw, json)
Hash identifier: AA+g+CMgx5nvjrmIfJp0Bapiob5pUb3f06yoAPKIsrE=
Subject key identifier: 74:B7:2D:49:1E:56:74:8C:C6:C2:CF:1D:95:7C:20:6B:52:DA:26:3B
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01949207688F772FE52715BF8D54572C5E94
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/dLctSR5WdIzGws8dlXwga1LaJjs.roa
Signing time: Thu 23 Jan 2025 07:19:06 +0000
ROA not before: Thu 23 Jan 2025 07:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:9440::/32 maxlen: 32
2a09:9442::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Feb 2025 17:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:07:68:8f:77:2f:e5:27:15:bf:8d:54:57:2c:5e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 23 07:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74b72d491e56748cc6c2cf1d957c206b52da263b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a7:5f:13:30:9d:1f:04:5c:3d:f5:8c:26:0c:
ab:58:70:30:3e:2d:b9:ff:cb:d1:d4:84:81:29:5f:
dd:1e:cc:0c:ed:68:ec:90:42:92:79:0f:35:06:11:
e2:ad:4d:44:94:d1:8c:3b:30:8f:16:77:b3:9f:17:
f9:4e:53:5b:de:de:70:55:fe:04:4e:97:47:3e:a4:
70:d2:4d:e3:e9:4f:cf:78:43:de:f7:a7:51:30:40:
d8:3e:06:68:f9:12:18:46:45:9c:6d:54:0f:c8:83:
7b:32:e1:0d:05:70:fb:ba:80:20:05:eb:9b:cc:bb:
03:da:8e:38:9e:7d:db:ff:94:0e:a2:c7:29:b0:e0:
f5:f6:4d:43:27:2b:15:2e:4a:c9:e7:04:66:bc:d2:
57:80:99:3b:1f:76:65:7e:0f:1c:fe:b8:c3:d7:45:
ca:11:68:dc:b5:30:2b:f1:35:cd:ff:d4:5f:3d:e4:
0f:2e:da:47:34:61:a2:24:eb:42:29:e0:df:c7:12:
e7:42:10:01:e5:32:b2:2f:a7:62:9e:58:e9:9c:85:
46:37:5f:25:5d:74:7e:6b:67:94:68:97:73:f4:21:
04:42:3b:16:da:1c:88:e7:1e:77:5f:e2:0f:a2:e5:
46:d9:3c:84:66:c2:55:32:d3:ba:ed:80:23:3f:e3:
1d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B7:2D:49:1E:56:74:8C:C6:C2:CF:1D:95:7C:20:6B:52:DA:26:3B
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/dLctSR5WdIzGws8dlXwga1LaJjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9440::/32
2a09:9442::/32
Signature Algorithm: sha256WithRSAEncryption
37:f1:e4:d0:8b:84:00:50:3b:5e:10:d8:a1:1a:28:2e:e0:28:
00:ed:ae:2c:fe:d6:bd:1b:23:58:49:a0:b0:48:08:fc:3d:aa:
92:8c:eb:7a:0b:40:5a:5a:97:7b:d5:c8:13:b5:10:1f:cf:b9:
0f:b0:cd:6d:c7:a5:61:cf:d5:76:e1:e2:a0:67:6a:91:fa:08:
e7:9f:64:60:e8:34:53:9e:85:fc:4a:f2:f8:11:ee:78:2a:f7:
45:c4:ff:67:d4:62:27:3b:b2:b7:2f:3e:d2:66:cc:0e:fd:da:
bd:39:89:0c:b6:22:a1:80:fe:8d:a9:e0:2b:03:18:a6:e1:2a:
2f:73:33:30:e7:67:c3:cd:a3:76:8b:da:49:9c:88:38:3e:74:
64:de:24:aa:4f:08:df:41:40:86:79:82:54:e0:b9:ce:2d:56:
fb:a8:f4:3d:25:82:89:d0:03:69:1a:bd:34:ea:97:09:f8:9d:
6c:10:6a:0f:6f:09:31:d8:68:2e:ba:e9:6b:f0:84:88:50:ca:
22:ef:03:ae:33:8a:51:c8:cb:cb:69:45:1f:b6:e7:0a:d8:5b:
d7:26:19:dc:a6:c1:40:48:28:d4:2e:1a:ca:e9:d1:0e:53:19:
22:90:c9:d4:dc:93:4b:a4:94:77:3c:2e:f4:d0:af:9f:47:94:
46:a6:47:bd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSSB2iPdy/lJxW/jVRXLF6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMTIzMDcxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI3MmQ0OTFlNTY3NDhjYzZjMmNmMWQ5NTdjMjA2YjUyZGEyNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qdfEzCdHwRcPfWMJgyrWHAwPi25
/8vR1ISBKV/dHswM7WjskEKSeQ81BhHirU1ElNGMOzCPFneznxf5TlNb3t5wVf4E
TpdHPqRw0k3j6U/PeEPe96dRMEDYPgZo+RIYRkWcbVQPyIN7MuENBXD7uoAgBeub
zLsD2o44nn3b/5QOoscpsOD19k1DJysVLkrJ5wRmvNJXgJk7H3Zlfg8c/rjD10XK
EWjctTAr8TXN/9RfPeQPLtpHNGGiJOtCKeDfxxLnQhAB5TKyL6dinljpnIVGN18l
XXR+a2eUaJdz9CEEQjsW2hyI5x53X+IPouVG2TyEZsJVMtO67YAjP+Md7QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHS3LUkeVnSMxsLPHZV8IGtS2iY7MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvZExjdFNSNVdkSXpHd3M4ZGxYd2dhMUxhSmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgmUQAMF
ACoJlEIwDQYJKoZIhvcNAQELBQADggEBADfx5NCLhABQO14Q2KEaKC7gKADtriz+
1r0bI1hJoLBICPw9qpKM63oLQFpal3vVyBO1EB/PuQ+wzW3HpWHP1Xbh4qBnapH6
COefZGDoNFOehfxK8vgR7ngq90XE/2fUYic7srcvPtJmzA792r05iQy2IqGA/o2p
4CsDGKbhKi9zMzDnZ8PNo3aL2kmciDg+dGTeJKpPCN9BQIZ5glTguc4tVvuo9D0l
gonQA2kavTTqlwn4nWwQag9vCTHYaC666WvwhIhQyiLvA64zilHIy8tpRR+25wrY
W9cmGdymwUBIKNQuGsrp0Q5TGSKQydTck0uklHc8LvTQr59HlEamR70=
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:06:36 2025 by rpki-client