Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/9Q-NdJDCXQ1XmrEAE-lP2zBoayY.roa
File: 9Q-NdJDCXQ1XmrEAE-lP2zBoayY.roa (raw, json)
Hash identifier: +Im3xTBQVkvjhG+2ajd3TN9gQ/Fazje3kNWdcPVXyNc=
Subject key identifier: F5:0F:8D:74:90:C2:5D:0D:57:9A:B1:00:13:E9:4F:DB:30:68:6B:26
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01942445924F80A606E4DC09CE19660B8AA6
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/9Q-NdJDCXQ1XmrEAE-lP2zBoayY.roa
Signing time: Wed 01 Jan 2025 23:48:46 +0000
ROA not before: Wed 01 Jan 2025 23:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199018
IP address blocks: 2a05:4140:25::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 Jan 2025 17:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:92:4f:80:a6:06:e4:dc:09:ce:19:66:0b:8a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 23:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f50f8d7490c25d0d579ab10013e94fdb30686b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6c:cd:b2:4a:ad:4f:03:6f:3d:40:ae:db:6b:
7b:99:e2:8d:1b:91:3e:ac:2f:3e:25:f7:b0:50:da:
43:73:4d:8a:83:dc:ef:c2:f1:f9:30:3b:41:fe:45:
16:94:65:ee:9f:9f:81:24:2d:e4:23:a2:78:21:2a:
97:34:9a:c5:6e:b4:67:a6:11:8e:32:c0:63:f0:a6:
ed:d2:0a:60:7f:c1:61:b1:99:b6:39:c6:cd:2b:5f:
e1:a0:72:d8:49:7d:68:90:9a:79:92:c8:25:15:e1:
0a:9d:73:f8:37:73:c1:9d:e2:27:a1:1d:d9:ea:a6:
29:73:37:ff:d4:0a:69:53:4a:6e:f8:8d:1a:6e:23:
f7:b6:bd:8e:9b:7b:77:8f:df:fe:1b:56:51:5b:77:
d2:aa:d5:6c:39:d8:13:61:96:7c:52:1a:49:b7:1b:
2e:f7:00:a4:4a:5e:65:b7:45:f0:ef:09:cd:5e:33:
99:d9:7e:57:15:f7:25:b0:05:23:3f:15:45:a8:82:
87:01:cc:68:b4:79:bb:a4:43:7a:a8:d3:65:fe:13:
0b:de:0f:c6:fb:44:36:14:3e:70:75:86:dc:69:be:
1b:20:fe:92:61:48:7d:9a:cc:ad:cd:e2:37:6e:2f:
cf:b8:2d:cf:a7:bb:83:9a:50:09:61:57:11:ff:a8:
4d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0F:8D:74:90:C2:5D:0D:57:9A:B1:00:13:E9:4F:DB:30:68:6B:26
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/9Q-NdJDCXQ1XmrEAE-lP2zBoayY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:25::/48
Signature Algorithm: sha256WithRSAEncryption
7e:80:ad:81:81:33:b9:d4:97:fa:b4:45:b3:8a:6f:30:96:50:
70:ef:13:d7:97:b6:d4:72:9a:a8:97:45:7c:be:e4:3e:43:89:
35:03:ba:0d:36:97:e8:f1:ff:2e:de:6f:f3:43:d6:5f:a8:f7:
04:64:6d:e9:36:0e:eb:35:e8:22:ed:a5:17:f5:2f:ea:01:bc:
63:5c:23:ca:e2:aa:89:63:dc:61:11:20:5b:b8:a9:bb:8e:7c:
7e:c5:28:14:0c:c4:a7:1d:21:2a:fa:8d:1c:75:64:dc:c8:dc:
d6:d0:a2:3d:fa:3a:45:45:c4:d0:68:e6:34:69:60:3c:9b:cd:
dd:73:b7:b4:4e:77:e9:ea:04:ed:31:be:7f:05:62:db:7e:84:
f1:b0:0f:2a:4b:6f:4d:62:0e:9b:6e:81:cd:90:d1:77:0f:1f:
dc:59:bb:9a:4e:8d:fe:85:53:57:69:ec:a3:1e:1d:a7:e3:90:
e7:b8:10:63:dc:cb:80:87:8d:bf:b2:28:4a:ff:16:41:40:00:
60:1c:9c:db:5a:5d:5d:c5:ec:a6:05:88:89:6d:bb:2a:78:c0:
5a:fb:87:3c:fc:ba:8c:a8:11:25:f6:8c:2b:22:63:66:bd:fb:
34:ed:45:df:fe:31:85:5a:f1:c5:d7:39:63:2a:c5:4b:10:72:
f1:58:93:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQkRZJPgKYG5NwJzhlmC4qmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjUwMTAxMjM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTBmOGQ3NDkwYzI1ZDBkNTc5YWIxMDAxM2U5NGZkYjMwNjg2YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWzNskqtTwNvPUCu22t7meKNG5E+
rC8+JfewUNpDc02Kg9zvwvH5MDtB/kUWlGXun5+BJC3kI6J4ISqXNJrFbrRnphGO
MsBj8Kbt0gpgf8FhsZm2OcbNK1/hoHLYSX1okJp5ksglFeEKnXP4N3PBneInoR3Z
6qYpczf/1AppU0pu+I0abiP3tr2Om3t3j9/+G1ZRW3fSqtVsOdgTYZZ8UhpJtxsu
9wCkSl5lt0Xw7wnNXjOZ2X5XFfclsAUjPxVFqIKHAcxotHm7pEN6qNNl/hML3g/G
+0Q2FD5wdYbcab4bIP6SYUh9msytzeI3bi/PuC3Pp7uDmlAJYVcR/6hNIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPUPjXSQwl0NV5qxABPpT9swaGsmMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvOVEtTmRKRENYUTFYbXJFQUUtbFAyekJvYXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgVBQAAl
MA0GCSqGSIb3DQEBCwUAA4IBAQB+gK2BgTO51Jf6tEWzim8wllBw7xPXl7bUcpqo
l0V8vuQ+Q4k1A7oNNpfo8f8u3m/zQ9ZfqPcEZG3pNg7rNegi7aUX9S/qAbxjXCPK
4qqJY9xhESBbuKm7jnx+xSgUDMSnHSEq+o0cdWTcyNzW0KI9+jpFRcTQaOY0aWA8
m83dc7e0Tnfp6gTtMb5/BWLbfoTxsA8qS29NYg6bboHNkNF3Dx/cWbuaTo3+hVNX
aeyjHh2n45DnuBBj3MuAh42/sihK/xZBQABgHJzbWl1dxeymBYiJbbsqeMBa+4c8
/LqMqBEl9owrImNmvfs07UXf/jGFWvHF1zljKsVLEHLxWJOE
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:46:37 2025 by rpki-client