Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/fN12OcyCjHI3ANnN9syTUVCDBv4.roa
File: fN12OcyCjHI3ANnN9syTUVCDBv4.roa (raw, json)
Hash identifier: Wo5l8OzC0nnRSA7NyDC2hCQ8QmfyhXiJRY26/wVQink=
Subject key identifier: 7C:DD:76:39:CC:82:8C:72:37:00:D9:CD:F6:CC:93:51:50:83:06:FE
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0194A8299D42D9AC572EFCA55EA31389C6BC
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/fN12OcyCjHI3ANnN9syTUVCDBv4.roa
Signing time: Mon 27 Jan 2025 14:28:06 +0000
ROA not before: Mon 27 Jan 2025 14:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9924
IP address blocks: 2.21.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 27 Mar 2025 09:39:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:29:9d:42:d9:ac:57:2e:fc:a5:5e:a3:13:89:c6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 27 14:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cdd7639cc828c723700d9cdf6cc9351508306fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f3:50:89:f9:53:23:f1:69:1f:a4:54:ef:ca:
c9:bd:57:f0:13:dd:07:12:44:fe:12:89:f2:3d:28:
78:70:4b:60:00:2d:95:75:d6:85:ce:16:1a:c9:5f:
88:7c:f2:6d:84:0a:89:5d:ca:ec:9c:c3:ab:fb:ca:
10:68:d5:08:d4:a5:a0:24:bf:30:03:86:06:af:77:
f8:4e:e6:c6:5e:41:63:a2:3c:c2:28:2c:6c:67:75:
7c:1b:bd:f0:d2:56:dd:47:02:7c:04:6e:f7:a9:88:
7d:d1:93:c2:37:c7:cf:2e:c5:21:ce:80:91:c6:a9:
07:33:cb:6a:b3:94:53:d7:73:f3:d4:77:9b:8c:71:
5b:8c:d5:b0:58:a7:35:f9:b4:36:29:a8:fd:42:5d:
31:16:69:4a:8f:fe:b1:6e:23:31:f7:45:a6:ab:b9:
f5:6d:c2:ce:72:1d:4f:87:88:54:3a:7d:56:a5:39:
82:de:da:18:f0:77:c5:11:a8:94:08:b0:8f:0d:b1:
ab:ed:6a:6f:51:a1:7a:01:ef:1a:1e:f0:9f:67:53:
6c:87:8d:63:44:6f:4e:5c:de:a0:3d:bc:28:70:29:
f2:0c:c7:1d:c5:83:e5:8c:f1:df:c1:02:a4:27:c4:
60:6c:f6:6b:b1:c7:81:09:d7:f4:7f:19:d9:01:5d:
bb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:DD:76:39:CC:82:8C:72:37:00:D9:CD:F6:CC:93:51:50:83:06:FE
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/fN12OcyCjHI3ANnN9syTUVCDBv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.21.16.0/22
Signature Algorithm: sha256WithRSAEncryption
78:fe:df:3a:54:c2:3d:ec:9f:90:f3:77:05:1d:dc:83:8e:ab:
68:25:fd:c7:4b:45:ab:ed:4d:9f:99:7b:46:8f:d2:86:d1:b2:
6f:fb:1f:39:06:ff:a2:84:80:f2:b3:a7:3d:bf:34:7f:5b:05:
95:e8:d4:f4:45:52:53:0a:46:1f:a3:45:8c:15:9c:3c:d6:e2:
45:3c:66:55:42:13:89:5d:00:2a:47:76:3e:de:27:23:d9:99:
f5:2a:1c:f7:1e:ac:a0:02:f3:29:cf:38:ea:2e:4f:e6:6f:34:
43:d4:90:4e:56:e6:33:39:e1:43:12:0c:d7:b4:db:b4:02:6c:
ae:89:bb:65:af:72:fc:6b:17:db:28:48:b4:ff:d0:31:14:74:
32:67:a7:5a:65:ef:5f:47:69:5a:07:c0:7c:f3:c1:c7:38:2b:
f5:4b:0d:01:6a:21:5f:1f:92:21:9e:e4:8a:db:43:0d:8c:a9:
99:ae:62:44:3d:78:c1:e7:5a:fa:08:af:68:3c:71:3d:bb:ce:
54:13:c1:11:8c:59:33:28:11:c3:10:8a:2f:7d:4d:77:1e:e4:
33:c1:13:98:32:ce:59:d7:aa:30:7d:19:55:b4:29:d0:37:6c:
21:6b:7a:8b:18:fd:15:ff:7f:4e:c9:27:54:fe:5e:3d:06:a7:
25:3a:ad:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSoKZ1C2axXLvylXqMTica8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTI3MTQyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2RkNzYzOWNjODI4YzcyMzcwMGQ5Y2RmNmNjOTM1MTUwODMwNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfNQiflTI/FpH6RU78rJvVfwE90H
EkT+EonyPSh4cEtgAC2VddaFzhYayV+IfPJthAqJXcrsnMOr+8oQaNUI1KWgJL8w
A4YGr3f4TubGXkFjojzCKCxsZ3V8G73w0lbdRwJ8BG73qYh90ZPCN8fPLsUhzoCR
xqkHM8tqs5RT13Pz1HebjHFbjNWwWKc1+bQ2Kaj9Ql0xFmlKj/6xbiMx90Wmq7n1
bcLOch1Ph4hUOn1WpTmC3toY8HfFEaiUCLCPDbGr7WpvUaF6Ae8aHvCfZ1Nsh41j
RG9OXN6gPbwocCnyDMcdxYPljPHfwQKkJ8RgbPZrsceBCdf0fxnZAV27BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzddjnMgoxyNwDZzfbMk1FQgwb+MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvZk4xMk9jeUNqSEkzQU5uTjlzeVRVVkNEQnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAhUQMA0G
CSqGSIb3DQEBCwUAA4IBAQB4/t86VMI97J+Q83cFHdyDjqtoJf3HS0Wr7U2fmXtG
j9KG0bJv+x85Bv+ihIDys6c9vzR/WwWV6NT0RVJTCkYfo0WMFZw81uJFPGZVQhOJ
XQAqR3Y+3icj2Zn1Khz3HqygAvMpzzjqLk/mbzRD1JBOVuYzOeFDEgzXtNu0Amyu
ibtlr3L8axfbKEi0/9AxFHQyZ6daZe9fR2laB8B888HHOCv1Sw0BaiFfH5IhnuSK
20MNjKmZrmJEPXjB51r6CK9oPHE9u85UE8ERjFkzKBHDEIovfU13HuQzwROYMs5Z
16owfRlVtCnQN2wha3qLGP0V/39OySdU/l49BqclOq1I
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:39:08 2025 by rpki-client