Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/11c411-a775-4868-9d27-590f540c456d/1/ssGxCiecqdTjEP_DrGombSqxpww.roa
File: ssGxCiecqdTjEP_DrGombSqxpww.roa (raw, json)
Hash identifier: pe/QSYTgPFgbge/qo82UoRRFar8fYznNdqRi/KVa34g=
Subject key identifier: B2:C1:B1:0A:27:9C:A9:D4:E3:10:FF:C3:AC:6A:26:6D:2A:B1:A7:0C
Certificate issuer: /CN=bbf7bc6c7c93a3cfb1e25bbbefc4f207ae25bda5
Certificate serial: 01942748361FE6EA99EF3289E8B0C57E9E03
Authority key identifier: BB:F7:BC:6C:7C:93:A3:CF:B1:E2:5B:BB:EF:C4:F2:07:AE:25:BD:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_e8bHyTo8-x4lu778TyB64lvaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/11c411-a775-4868-9d27-590f540c456d/1/ssGxCiecqdTjEP_DrGombSqxpww.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199474
IP address blocks: 2a13:b180::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 10 Jan 2025 13:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:36:1f:e6:ea:99:ef:32:89:e8:b0:c5:7e:9e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbf7bc6c7c93a3cfb1e25bbbefc4f207ae25bda5
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2c1b10a279ca9d4e310ffc3ac6a266d2ab1a70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:5a:bc:45:4b:91:e5:ed:eb:68:88:79:47:
ce:5c:c1:b1:db:11:04:86:93:64:91:df:8d:7f:71:
fd:8a:a3:1c:2b:72:15:c2:0b:3b:fc:fc:56:2f:02:
75:fc:78:b9:ae:94:48:bd:f5:e3:19:f5:e9:e8:32:
1e:38:74:c2:30:f7:97:65:c6:17:0a:81:28:2e:dc:
f1:82:bd:fb:a6:08:8f:41:16:c0:3e:a2:29:a3:5c:
17:7b:e4:54:c6:b0:42:39:23:9b:3f:80:7e:ce:7b:
96:74:b8:06:5b:bb:a2:72:fb:3c:03:5c:61:66:92:
6a:0c:dd:d4:b5:76:97:9b:34:df:0a:1e:e8:8e:87:
44:6b:c3:c1:73:58:9d:de:a5:32:35:37:66:83:d5:
b8:b1:29:b0:a3:2f:27:96:fd:56:0c:28:50:0b:5b:
4f:9f:11:21:4a:e2:43:ef:f7:1f:aa:18:d3:9f:9e:
a5:61:3b:8c:d0:00:72:ba:9a:2e:2d:a5:6d:0e:21:
26:f6:43:df:9f:b7:c7:4d:5b:0e:e0:c0:07:64:fc:
42:db:fc:b5:05:ee:20:d6:7b:0d:85:4a:8e:a2:eb:
e2:ba:9e:d5:8f:d2:e9:90:a2:4d:67:bd:0e:cc:05:
39:02:80:b5:b9:5f:c4:cf:15:d9:ae:84:31:9d:dc:
68:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C1:B1:0A:27:9C:A9:D4:E3:10:FF:C3:AC:6A:26:6D:2A:B1:A7:0C
X509v3 Authority Key Identifier:
keyid:BB:F7:BC:6C:7C:93:A3:CF:B1:E2:5B:BB:EF:C4:F2:07:AE:25:BD:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_e8bHyTo8-x4lu778TyB64lvaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/11c411-a775-4868-9d27-590f540c456d/1/ssGxCiecqdTjEP_DrGombSqxpww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/11c411-a775-4868-9d27-590f540c456d/1/u_e8bHyTo8-x4lu778TyB64lvaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b180::/29
Signature Algorithm: sha256WithRSAEncryption
86:b8:b1:9c:76:f2:54:19:b4:c6:7a:50:eb:ec:cf:2b:08:bb:
d2:ce:97:86:75:e5:67:10:fa:9e:fb:92:73:e3:9b:63:3f:06:
08:cb:ab:9d:65:57:e4:6b:96:a5:ae:78:07:55:4a:d2:39:7d:
dc:e7:2e:22:73:f6:27:bd:4e:a2:93:4f:9d:58:c1:76:9a:18:
49:f9:43:d7:b7:00:59:fc:22:d4:d6:79:6b:ce:bd:7f:8c:49:
56:f7:86:3a:3b:f2:59:26:10:07:db:98:a8:73:be:36:e5:3c:
ca:12:a4:c0:dc:b3:9d:85:27:35:a3:30:73:b8:8e:26:8d:ed:
ef:8a:4b:5d:c2:f1:d7:a8:bd:28:27:52:c4:c0:e0:01:e4:4b:
07:a7:e9:bb:b8:38:53:68:36:1c:60:a9:b6:dc:26:b0:be:5b:
a2:80:b6:45:0a:4e:d9:8b:d8:f2:4a:14:1b:ce:9e:b3:fc:08:
b9:c7:79:82:9f:53:59:43:62:b3:e3:e6:9d:f7:2f:71:4e:13:
b4:5e:20:93:8a:31:14:4e:fc:34:30:e0:9e:65:08:38:67:34:
d6:b1:ef:4f:29:cd:dd:65:47:53:e4:a7:32:2a:08:f8:cc:52:
98:c9:6b:7d:07:1f:3e:0e:39:e4:82:f1:10:55:11:3a:97:b8:
1a:48:f6:63
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSDYf5uqZ7zKJ6LDFfp4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZjdiYzZjN2M5M2EzY2ZiMWUyNWJiYmVmYzRmMjA3YWUy
NWJkYTUwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmMxYjEwYTI3OWNhOWQ0ZTMxMGZmYzNhYzZhMjY2ZDJhYjFhNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQdavEVLkeXt62iIeUfOXMGx2xEE
hpNkkd+Nf3H9iqMcK3IVwgs7/PxWLwJ1/Hi5rpRIvfXjGfXp6DIeOHTCMPeXZcYX
CoEoLtzxgr37pgiPQRbAPqIpo1wXe+RUxrBCOSObP4B+znuWdLgGW7uicvs8A1xh
ZpJqDN3UtXaXmzTfCh7ojodEa8PBc1id3qUyNTdmg9W4sSmwoy8nlv1WDChQC1tP
nxEhSuJD7/cfqhjTn56lYTuM0AByupouLaVtDiEm9kPfn7fHTVsO4MAHZPxC2/y1
Be4g1nsNhUqOouviup7Vj9LpkKJNZ70OzAU5AoC1uV/EzxXZroQxndxorQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLLBsQonnKnU4xD/w6xqJm0qsacMMB8GA1UdIwQY
MBaAFLv3vGx8k6PPseJbu+/E8geuJb2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9lOGJIeVRvOC14NGx1Nzc4VHlCNjRsdmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xMWM0MTEtYTc3NS00ODY4LTlkMjct
NTkwZjU0MGM0NTZkLzEvc3NHeENpZWNxZFRqRVBfRHJHb21iU3F4cHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xMWM0MTEtYTc3NS00ODY4LTlkMjctNTkwZjU0MGM0NTZk
LzEvdV9lOGJIeVRvOC14NGx1Nzc4VHlCNjRsdmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOxgDAN
BgkqhkiG9w0BAQsFAAOCAQEAhrixnHbyVBm0xnpQ6+zPKwi70s6XhnXlZxD6nvuS
c+ObYz8GCMurnWVX5GuWpa54B1VK0jl93OcuInP2J71OopNPnVjBdpoYSflD17cA
Wfwi1NZ5a869f4xJVveGOjvyWSYQB9uYqHO+NuU8yhKkwNyznYUnNaMwc7iOJo3t
74pLXcLx16i9KCdSxMDgAeRLB6fpu7g4U2g2HGCpttwmsL5booC2RQpO2YvY8koU
G86es/wIucd5gp9TWUNis+PmnfcvcU4TtF4gk4oxFE78NDDgnmUIOGc01rHvTynN
3WVHU+SnMioI+MxSmMlrfQcfPg455ILxEFUROpe4Gkj2Yw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:48:38 2025 by rpki-client