Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/fn9o-7nym2eUgv-OOnBIZmgYc0Y.roa
File: fn9o-7nym2eUgv-OOnBIZmgYc0Y.roa (raw, json)
Hash identifier: cwqaEd8z7/G3anvUD+WytjNORR+ulOHIoDcY8oon7xI=
Subject key identifier: 7E:7F:68:FB:B9:F2:9B:67:94:82:FF:8E:3A:70:48:66:68:18:73:46
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521DB7E054FE2D8AC8E228669D738D3
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/fn9o-7nym2eUgv-OOnBIZmgYc0Y.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199186
IP address blocks: 2a0a:280:2c00::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 09:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:db:7e:05:4f:e2:d8:ac:8e:22:86:69:d7:38:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e7f68fbb9f29b679482ff8e3a70486668187346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c7:e3:e8:72:39:87:ce:81:66:3c:b9:eb:96:
a2:3a:cc:35:af:d5:3d:db:28:55:74:9b:53:01:89:
2d:ba:79:59:48:53:83:42:c0:0b:43:fc:26:d9:3a:
14:bb:62:eb:bf:55:81:3b:d0:62:00:7c:67:39:48:
61:d6:78:23:6f:91:91:03:40:84:61:ff:80:c1:11:
09:e1:be:41:94:07:d3:9e:9b:a5:02:ae:55:47:ed:
16:a8:9a:78:14:02:bb:e1:f8:4b:35:6a:ec:6c:87:
ac:0a:f7:3d:bf:0a:81:75:59:74:73:09:5d:72:2b:
d2:fb:f6:c5:d9:16:c5:3b:15:fe:70:85:ca:7e:6e:
80:08:16:e9:72:81:ce:54:f2:09:7f:8f:fd:d2:42:
a7:e8:80:18:cb:92:84:79:95:d9:d8:e7:a2:cf:e8:
12:ba:8e:79:ec:79:27:76:96:72:7a:d6:ec:89:3d:
69:50:92:30:f8:f2:ba:4b:f3:70:60:0c:98:07:cc:
74:4b:9d:fa:ea:da:14:43:76:13:80:fb:4b:9f:24:
d3:1c:c1:1f:1f:ef:d0:18:f0:bd:f7:9a:fa:9e:be:
84:b5:dd:fa:86:ef:37:c4:4e:4e:9a:e0:fb:75:ca:
bb:d5:ef:18:16:87:63:1e:7d:fe:78:ea:c7:09:78:
7a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7F:68:FB:B9:F2:9B:67:94:82:FF:8E:3A:70:48:66:68:18:73:46
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/fn9o-7nym2eUgv-OOnBIZmgYc0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2c00::/40
Signature Algorithm: sha256WithRSAEncryption
15:43:d0:14:52:59:3d:e3:fd:be:a7:3b:a2:d6:1c:ca:4e:3f:
5a:11:5c:18:8c:cf:90:2d:ec:fc:0e:15:e7:71:02:28:78:84:
93:3f:74:1a:21:f0:14:84:a6:eb:b8:b1:f3:cf:0c:54:ef:88:
5f:45:fe:35:57:32:08:3d:2b:ce:29:1c:81:52:fd:61:7d:8f:
21:e2:44:16:9f:14:e0:ed:14:fe:ed:d0:9f:db:46:88:a3:0d:
67:58:bf:7a:60:78:a0:e2:11:34:53:37:6c:23:7f:1c:3e:5b:
47:d4:75:e2:71:b0:58:e8:54:84:e3:cf:35:41:77:2a:2d:29:
99:45:b8:a4:dc:26:fc:7d:0c:16:79:4f:06:93:96:69:94:9c:
54:19:32:87:2e:9a:7f:08:67:6d:ac:ad:ef:48:1c:d1:30:02:
7d:08:df:f5:ea:7d:2c:7d:9a:94:d1:ad:54:a5:41:93:3d:df:
f0:32:fa:f3:fb:e0:f9:33:c2:65:19:92:31:02:b2:77:38:1e:
89:7b:7b:6c:d2:25:55:ba:17:3f:99:6c:6c:1d:b1:64:57:d2:
e8:dc:25:47:30:3d:09:70:1b:3a:11:e0:a4:d3:5e:e8:b9:3f:
7e:9e:3e:5a:57:df:5a:b1:fa:de:28:d0:39:5d:39:7b:5f:9c:
ee:07:38:05
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIdt+BU/i2KyOIoZp1zjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTdmNjhmYmI5ZjI5YjY3OTQ4MmZmOGUzYTcwNDg2NjY4MTg3MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMfj6HI5h86BZjy565aiOsw1r9U9
2yhVdJtTAYktunlZSFODQsALQ/wm2ToUu2Lrv1WBO9BiAHxnOUhh1ngjb5GRA0CE
Yf+AwREJ4b5BlAfTnpulAq5VR+0WqJp4FAK74fhLNWrsbIesCvc9vwqBdVl0cwld
civS+/bF2RbFOxX+cIXKfm6ACBbpcoHOVPIJf4/90kKn6IAYy5KEeZXZ2Oeiz+gS
uo557HkndpZyetbsiT1pUJIw+PK6S/NwYAyYB8x0S5366toUQ3YTgPtLnyTTHMEf
H+/QGPC995r6nr6Etd36hu83xE5OmuD7dcq71e8YFodjHn3+eOrHCXh6HQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFH5/aPu58ptnlIL/jjpwSGZoGHNGMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvZm45by03bnltMmVVZ3YtT09uQklabWdZYzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCww
DQYJKoZIhvcNAQELBQADggEBABVD0BRSWT3j/b6nO6LWHMpOP1oRXBiMz5At7PwO
FedxAih4hJM/dBoh8BSEpuu4sfPPDFTviF9F/jVXMgg9K84pHIFS/WF9jyHiRBaf
FODtFP7t0J/bRoijDWdYv3pgeKDiETRTN2wjfxw+W0fUdeJxsFjoVITjzzVBdyot
KZlFuKTcJvx9DBZ5TwaTlmmUnFQZMocumn8IZ22sre9IHNEwAn0I3/XqfSx9mpTR
rVSlQZM93/Ay+vP74PkzwmUZkjECsnc4Hol7e2zSJVW6Fz+ZbGwdsWRX0ujcJUcw
PQlwGzoR4KTTXui5P36ePlpX31qx+t4o0DldOXtfnO4HOAU=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:42:38 2025 by rpki-client