Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/mdNMa3MmlrbqWtHhoDQQmvDkPg4.roa
File: mdNMa3MmlrbqWtHhoDQQmvDkPg4.roa (raw, json)
Hash identifier: avNXhB5QKZa4DcO2xZRp4g6IGCKnD1bkWZcUMuvImBk=
Subject key identifier: 99:D3:4C:6B:73:26:96:B6:EA:5A:D1:E1:A0:34:10:9A:F0:E4:3E:0E
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 01956D19278AF6B36F796C4553A1B55137CA
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/mdNMa3MmlrbqWtHhoDQQmvDkPg4.roa
Signing time: Thu 06 Mar 2025 20:15:19 +0000
ROA not before: Thu 06 Mar 2025 20:15:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 2a12:3b42::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Mar 2025 17:41:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:19:27:8a:f6:b3:6f:79:6c:45:53:a1:b5:51:37:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Mar 6 20:15:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99d34c6b732696b6ea5ad1e1a034109af0e43e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1d:1d:40:68:1b:e4:3e:cf:e7:1b:09:2d:a8:
76:69:42:d9:5b:3d:01:4c:5b:12:b1:02:c8:65:82:
37:f8:ed:7d:d9:46:a5:07:0c:ee:97:fe:d7:20:26:
c4:8c:de:9a:9d:8d:d5:9f:e7:ee:c6:fc:67:6b:6c:
41:d3:12:8f:f3:40:e1:63:a0:69:14:6c:56:ba:60:
67:1f:64:4f:b9:a7:be:44:2f:af:77:8f:fc:b6:db:
8a:a7:a7:d7:d9:5c:3d:7e:5f:ce:10:60:ad:c0:44:
11:a4:65:03:7e:ee:4c:b5:b6:15:b1:cc:5d:47:75:
a9:1a:9c:c3:00:56:fd:09:ad:f3:fa:83:e4:28:c3:
3b:d5:f8:4e:b3:75:a1:04:09:81:33:9f:91:74:9b:
fd:dc:60:1d:61:9a:65:00:17:1a:df:fc:f4:ff:f3:
c0:24:76:23:8f:d4:17:31:ba:a7:87:40:f3:a8:24:
0d:1d:fb:52:ac:1f:9a:43:43:6f:5b:5e:b0:d1:19:
5e:86:b3:f5:a8:6f:3b:b5:95:59:c4:af:74:ea:04:
2c:b5:99:41:70:f3:23:8f:7e:75:68:e1:a8:b5:11:
c4:ee:7c:47:59:c4:89:20:00:4b:dc:db:65:d8:a3:
cb:03:20:80:3b:9e:45:40:e5:d9:a2:bf:43:c2:9c:
83:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D3:4C:6B:73:26:96:B6:EA:5A:D1:E1:A0:34:10:9A:F0:E4:3E:0E
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/mdNMa3MmlrbqWtHhoDQQmvDkPg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3b42::/32
Signature Algorithm: sha256WithRSAEncryption
23:13:e3:03:2d:b4:9c:e2:a5:74:c7:4b:e9:20:71:8c:ec:2f:
61:62:06:ee:27:56:02:e7:12:bb:5f:bc:bb:31:c0:86:6d:55:
eb:40:93:c6:86:e8:a5:b7:6e:59:aa:2f:8c:1e:a2:31:76:50:
a3:47:6a:9e:f0:71:95:e8:eb:8c:77:e0:f2:22:d5:a9:37:42:
17:7f:db:79:77:36:13:df:2c:29:a9:05:ca:4f:f9:c8:b4:a5:
be:d9:f2:bb:b3:7e:70:fd:da:95:87:ac:3d:a2:e8:0b:09:55:
8f:42:23:73:c3:0f:df:61:e3:00:e5:3b:22:e9:46:a9:d1:df:
1c:5f:ef:d3:9b:96:de:f0:a3:04:e5:06:dc:d6:c4:78:f8:84:
7b:bc:45:58:21:dc:44:59:5e:41:e1:52:f1:ab:88:05:68:21:
12:9f:d0:af:4a:af:4a:09:86:82:39:66:f3:cf:f5:70:d2:8d:
c4:9e:61:ab:06:d7:42:33:5b:87:f9:47:d9:00:89:53:80:00:
8b:8e:08:9d:e2:e8:20:aa:78:7b:d4:48:24:ff:e1:37:93:6d:
a7:28:cf:1f:73:0c:0d:e2:8f:30:49:bf:70:70:07:90:9d:0b:
23:04:eb:6f:d8:ad:85:8c:ad:95:41:ff:13:91:b7:ee:fd:ff:
23:71:7c:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVtGSeK9rNveWxFU6G1UTfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMzA2MjAxNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQzNGM2YjczMjY5NmI2ZWE1YWQxZTFhMDM0MTA5YWYwZTQzZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0x0dQGgb5D7P5xsJLah2aULZWz0B
TFsSsQLIZYI3+O192UalBwzul/7XICbEjN6anY3Vn+fuxvxna2xB0xKP80DhY6Bp
FGxWumBnH2RPuae+RC+vd4/8ttuKp6fX2Vw9fl/OEGCtwEQRpGUDfu5MtbYVscxd
R3WpGpzDAFb9Ca3z+oPkKMM71fhOs3WhBAmBM5+RdJv93GAdYZplABca3/z0//PA
JHYjj9QXMbqnh0DzqCQNHftSrB+aQ0NvW16w0RlehrP1qG87tZVZxK906gQstZlB
cPMjj351aOGotRHE7nxHWcSJIABL3Ntl2KPLAyCAO55FQOXZor9DwpyDQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJnTTGtzJpa26lrR4aA0EJrw5D4OMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvbWROTWEzTW1scmJxV3RIaG9EUVFtdkRrUGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhI7QjAN
BgkqhkiG9w0BAQsFAAOCAQEAIxPjAy20nOKldMdL6SBxjOwvYWIG7idWAucSu1+8
uzHAhm1V60CTxobopbduWaovjB6iMXZQo0dqnvBxlejrjHfg8iLVqTdCF3/beXc2
E98sKakFyk/5yLSlvtnyu7N+cP3alYesPaLoCwlVj0Ijc8MP32HjAOU7IulGqdHf
HF/v05uW3vCjBOUG3NbEePiEe7xFWCHcRFleQeFS8auIBWghEp/Qr0qvSgmGgjlm
88/1cNKNxJ5hqwbXQjNbh/lH2QCJU4AAi44IneLoIKp4e9RIJP/hN5NtpyjPH3MM
DeKPMEm/cHAHkJ0LIwTrb9ithYytlUH/E5G37v3/I3F8cg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:08 2025 by rpki-client