Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/IYeUhnaTqso96wys6i-MA2HHOYc.roa
File: IYeUhnaTqso96wys6i-MA2HHOYc.roa (raw, json)
Hash identifier: BqJ7w90AynSR8hSkG9aovkIvI2vpVQ4c/UaYI+A2MWY=
Subject key identifier: 21:87:94:86:76:93:AA:CA:3D:EB:0C:AC:EA:2F:8C:03:61:C7:39:87
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01957F72BB1F7178916D4113D6E1EDC67ED7
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/IYeUhnaTqso96wys6i-MA2HHOYc.roa
Signing time: Mon 10 Mar 2025 09:46:20 +0000
ROA not before: Mon 10 Mar 2025 09:46:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:b385::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Mar 2025 18:39:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:72:bb:1f:71:78:91:6d:41:13:d6:e1:ed:c6:7e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 10 09:46:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=218794867693aaca3deb0cacea2f8c0361c73987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e9:df:6e:a2:08:63:6b:20:57:e9:0d:8d:14:
72:37:3f:bf:a3:39:7e:c2:30:a3:d0:c3:db:b5:bc:
86:5e:de:c9:f3:29:a6:17:b1:54:6a:a9:ad:5b:8e:
ec:94:bd:e8:e1:4c:50:0f:6b:80:51:f0:d1:b7:59:
77:bf:82:96:c1:d1:cf:81:7c:4e:72:13:a7:4b:9e:
35:1b:7a:50:89:01:3e:4b:93:a5:86:8e:3c:ca:dc:
a4:ff:33:37:a2:e0:7e:01:1a:d8:66:69:c1:a3:d4:
16:fe:c2:3f:e2:2d:8a:62:94:a5:78:b7:48:04:01:
af:6f:3c:77:c7:fb:06:1a:c2:34:f5:17:77:f6:4a:
73:24:a6:0d:b8:fd:88:96:18:32:42:8a:3f:9f:9d:
f4:4f:68:4e:49:cb:3b:d0:ff:2d:09:85:f1:05:46:
74:5b:29:b1:f2:88:3c:b8:c7:08:6d:ec:0a:aa:fb:
66:bf:e4:ba:47:79:76:9b:84:b2:55:1c:47:91:a9:
ad:5c:1d:2f:4a:df:f8:28:a2:8b:8e:1a:ba:2b:12:
58:38:4c:77:0f:f3:e7:db:51:f7:7e:9b:d7:d4:e9:
35:45:49:dc:b9:f2:3c:48:3d:ea:ed:7e:dc:16:47:
7c:f8:a7:69:e5:55:af:4f:5c:55:94:3c:f5:45:03:
99:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:87:94:86:76:93:AA:CA:3D:EB:0C:AC:EA:2F:8C:03:61:C7:39:87
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/IYeUhnaTqso96wys6i-MA2HHOYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:b385::/32
Signature Algorithm: sha256WithRSAEncryption
37:4b:bb:dc:f4:d1:6a:be:d1:e2:06:6c:e8:bf:a4:37:83:41:
14:f7:87:dd:72:03:b1:10:b7:49:a7:56:1c:b5:9f:94:4f:16:
c3:7a:e7:30:94:02:c9:c4:b1:4b:31:bc:34:7f:67:ef:7b:8c:
31:a4:9d:90:24:22:c1:5d:e9:ef:4a:68:98:b4:fb:1a:c1:a2:
b7:7d:3e:c8:c4:63:b9:a2:af:1e:b0:ce:07:5f:90:1b:33:6f:
be:d7:16:02:ee:8f:7c:56:60:0a:54:34:d1:2b:1d:4e:7b:b2:
a0:a5:a9:88:b9:84:ed:49:69:8d:23:97:8f:bb:de:41:04:6b:
14:50:fb:6a:b2:dd:51:c7:6d:4a:c8:a5:51:e2:2b:0b:a7:04:
dc:5f:91:fe:61:eb:77:9b:66:cc:74:1a:20:0a:3a:bf:b2:1a:
cf:81:66:c7:6d:2f:34:e9:77:41:f5:0d:8f:ed:1b:79:f0:f9:
c6:89:17:bf:7f:ed:00:18:28:1a:cd:44:f7:57:3f:a0:ed:7b:
09:79:c5:4b:ff:6f:80:9a:f3:5f:9e:d2:0e:68:0e:ea:7f:20:
fe:03:cf:7e:3a:e1:c1:68:4e:69:fc:e5:7d:e1:b7:1a:14:a5:
dd:0e:82:41:01:1e:5c:fc:2f:66:ea:f8:93:01:0b:2a:dd:15:
58:b8:98:ab
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZV/crsfcXiRbUET1uHtxn7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMzEwMDk0NjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTg3OTQ4Njc2OTNhYWNhM2RlYjBjYWNlYTJmOGMwMzYxYzczOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4unfbqIIY2sgV+kNjRRyNz+/ozl+
wjCj0MPbtbyGXt7J8ymmF7FUaqmtW47slL3o4UxQD2uAUfDRt1l3v4KWwdHPgXxO
chOnS541G3pQiQE+S5Olho48ytyk/zM3ouB+ARrYZmnBo9QW/sI/4i2KYpSleLdI
BAGvbzx3x/sGGsI09Rd39kpzJKYNuP2IlhgyQoo/n530T2hOScs70P8tCYXxBUZ0
Wymx8og8uMcIbewKqvtmv+S6R3l2m4SyVRxHkamtXB0vSt/4KKKLjhq6KxJYOEx3
D/Pn21H3fpvX1Ok1RUncufI8SD3q7X7cFkd8+Kdp5VWvT1xVlDz1RQOZ2wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCGHlIZ2k6rKPesMrOovjANhxzmHMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvSVllVWhuYVRxc285Nnd5czZpLU1BMkhIT1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgqzhTAN
BgkqhkiG9w0BAQsFAAOCAQEAN0u73PTRar7R4gZs6L+kN4NBFPeH3XIDsRC3SadW
HLWflE8Ww3rnMJQCycSxSzG8NH9n73uMMaSdkCQiwV3p70pomLT7GsGit30+yMRj
uaKvHrDOB1+QGzNvvtcWAu6PfFZgClQ00SsdTnuyoKWpiLmE7UlpjSOXj7veQQRr
FFD7arLdUcdtSsilUeIrC6cE3F+R/mHrd5tmzHQaIAo6v7Iaz4Fmx20vNOl3QfUN
j+0befD5xokXv3/tABgoGs1E91c/oO17CXnFS/9vgJrzX57SDmgO6n8g/gPPfjrh
wWhOafzlfeG3GhSl3Q6CQQEeXPwvZur4kwELKt0VWLiYqw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:03 2025 by rpki-client