Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/9TUthn7ejeG64w7grptdSjUlXKE.roa
File: 9TUthn7ejeG64w7grptdSjUlXKE.roa (raw, json)
Hash identifier: 3zMhW3nOAp1r0OTqbhFRoTIwADRtT/jaE/n4cjhK3GE=
Subject key identifier: F5:35:2D:86:7E:DE:8D:E1:BA:E3:0E:E0:AE:9B:5D:4A:35:25:5C:A1
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019427B667D7BFF7EF5B1AF3EB365A544A8E
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/9TUthn7ejeG64w7grptdSjUlXKE.roa
Signing time: Thu 02 Jan 2025 15:50:53 +0000
ROA not before: Thu 02 Jan 2025 15:50:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a0e:7f47::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 17:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:67:d7:bf:f7:ef:5b:1a:f3:eb:36:5a:54:4a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Jan 2 15:50:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5352d867ede8de1bae30ee0ae9b5d4a35255ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7c:61:7d:eb:50:de:7f:a0:82:7e:44:99:f7:
82:f8:ae:0d:71:1b:24:49:e8:f1:c6:4a:36:e5:f2:
61:60:33:46:6d:e8:5a:86:49:1d:0a:97:33:d5:0f:
f5:f2:6a:08:13:62:e2:68:a9:7e:30:c0:6b:14:7a:
4a:32:d4:43:d1:4a:ab:f6:f5:88:98:cf:56:35:78:
ac:ce:ce:b2:ba:e6:8e:89:cb:76:76:16:5e:eb:90:
0b:e1:b3:be:7a:d5:d0:fc:dc:57:08:79:f7:d3:b5:
e6:cd:ea:15:8a:78:f8:7f:18:70:2a:e0:12:65:16:
3e:11:cb:78:fa:01:fb:01:66:63:f7:43:82:24:c3:
c8:48:67:e1:75:85:73:4d:be:80:34:a0:54:16:dd:
04:b0:57:21:4a:f1:42:d0:d3:a4:67:ee:f5:83:42:
7d:03:aa:86:29:82:34:0c:08:c0:e4:0c:fe:46:91:
0e:3a:8c:a7:b8:ea:fe:d6:f1:1d:c6:b7:2b:df:f7:
4d:4b:30:78:31:fd:24:49:01:08:26:53:6b:b1:ac:
96:b3:79:a7:9d:ca:e7:bc:bf:2d:21:f0:fe:58:c0:
5d:c9:0d:13:b1:1e:72:ec:b6:82:25:df:68:83:04:
7b:e8:4c:e8:de:6e:97:d3:a3:d3:d6:c6:3c:11:ed:
8c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:35:2D:86:7E:DE:8D:E1:BA:E3:0E:E0:AE:9B:5D:4A:35:25:5C:A1
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/9TUthn7ejeG64w7grptdSjUlXKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f47::/32
Signature Algorithm: sha256WithRSAEncryption
bb:92:78:76:7c:e2:40:09:a5:18:92:59:4b:36:fe:23:2a:ec:
e6:b2:aa:ab:aa:c0:00:1c:32:7b:73:58:2a:1e:8c:aa:52:90:
40:43:84:30:e0:8f:a5:3f:d4:00:1c:73:c1:7a:ab:bd:be:3d:
b8:43:c5:b0:09:96:e1:7a:2c:08:be:13:b6:7a:c5:b1:17:ae:
5c:ec:67:5e:6e:ea:9d:f0:fb:31:4b:79:18:35:16:d9:39:0e:
cd:d7:e7:df:99:d1:7d:58:c9:43:3b:fd:ac:ec:13:a2:65:73:
2b:e0:d4:f6:12:43:d6:2e:77:f7:b1:41:29:43:d3:99:56:4b:
65:42:81:68:39:e8:84:0d:ed:b9:12:b9:95:8c:64:46:64:32:
85:a1:e7:56:b9:c2:3f:f6:ee:9b:8d:ca:13:7e:0b:f4:30:b7:
57:24:dc:71:64:6f:87:3a:b8:27:59:4f:9a:f6:c9:95:81:3c:
85:6e:39:fb:cd:96:ae:aa:a5:07:56:17:08:fc:96:ef:73:6a:
0d:bb:02:77:24:25:ea:bd:03:e4:6b:bd:2c:45:3f:97:9a:38:
23:02:27:24:45:ef:3b:c4:70:b3:a7:9d:22:5e:c1:da:08:3d:
a5:25:8a:2b:55:ce:6b:55:92:33:48:76:6b:65:b1:9f:50:41:
c1:33:f2:63
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntmfXv/fvWxrz6zZaVEqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMTAyMTU1MDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM1MmQ4NjdlZGU4ZGUxYmFlMzBlZTBhZTliNWQ0YTM1MjU1Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunxhfetQ3n+ggn5EmfeC+K4NcRsk
Sejxxko25fJhYDNGbehahkkdCpcz1Q/18moIE2LiaKl+MMBrFHpKMtRD0Uqr9vWI
mM9WNXiszs6yuuaOict2dhZe65AL4bO+etXQ/NxXCHn307XmzeoVinj4fxhwKuAS
ZRY+Ect4+gH7AWZj90OCJMPISGfhdYVzTb6ANKBUFt0EsFchSvFC0NOkZ+71g0J9
A6qGKYI0DAjA5Az+RpEOOoynuOr+1vEdxrcr3/dNSzB4Mf0kSQEIJlNrsayWs3mn
ncrnvL8tIfD+WMBdyQ0TsR5y7LaCJd9ogwR76Ezo3m6X06PT1sY8Ee2MuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPU1LYZ+3o3huuMO4K6bXUo1JVyhMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvOVRVdGhuN2VqZUc2NHc3Z3JwdGRTalVsWEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5/RzAN
BgkqhkiG9w0BAQsFAAOCAQEAu5J4dnziQAmlGJJZSzb+Iyrs5rKqq6rAABwye3NY
Kh6MqlKQQEOEMOCPpT/UABxzwXqrvb49uEPFsAmW4XosCL4TtnrFsReuXOxnXm7q
nfD7MUt5GDUW2TkOzdfn35nRfVjJQzv9rOwTomVzK+DU9hJD1i5397FBKUPTmVZL
ZUKBaDnohA3tuRK5lYxkRmQyhaHnVrnCP/bum43KE34L9DC3VyTccWRvhzq4J1lP
mvbJlYE8hW45+82WrqqlB1YXCPyW73NqDbsCdyQl6r0D5Gu9LEU/l5o4IwInJEXv
O8Rws6edIl7B2gg9pSWKK1XOa1WSM0h2a2Wxn1BBwTPyYw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:08:38 2025 by rpki-client