Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SXQjaRcz_4wB-ECE3R7F4vb-kPA.roa
File: SXQjaRcz_4wB-ECE3R7F4vb-kPA.roa (raw, json)
Hash identifier: 39E5BtP0nR8qGRCUl621qfs5/LOeQHLryJHTbGW4e9k=
Subject key identifier: 49:74:23:69:17:33:FF:8C:01:F8:40:84:DD:1E:C5:E2:F6:FE:90:F0
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 019422FB7A0C1F26A5C70DEAB6E7384786A1
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SXQjaRcz_4wB-ECE3R7F4vb-kPA.roa
Signing time: Wed 01 Jan 2025 17:48:13 +0000
ROA not before: Wed 01 Jan 2025 17:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a06:d645::/32 maxlen: 32
2a0a:b386::/32 maxlen: 32
2a0d:afc3::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 29 Jan 2025 17:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7a:0c:1f:26:a5:c7:0d:ea:b6:e7:38:47:86:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 17:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=497423691733ff8c01f84084dd1ec5e2f6fe90f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dd:79:48:f3:74:bd:d5:46:ec:b7:cf:06:54:
30:d1:e3:fa:d4:9c:66:05:c0:85:8e:29:ad:a3:f9:
b9:65:e7:a8:a5:31:18:f6:f0:26:94:48:02:ea:ea:
3f:7c:7e:f8:c7:eb:75:e4:64:5a:50:c7:ec:3d:2a:
20:9e:30:28:a8:df:92:40:b6:c4:00:dc:01:bc:f3:
74:4d:f3:39:48:46:70:29:b4:9d:30:09:18:e5:44:
a6:70:5b:dc:08:22:26:82:e4:98:42:27:a7:45:70:
f6:14:4f:4c:26:4a:f5:52:b9:c8:40:0d:be:71:aa:
cd:b0:a5:55:04:89:3b:17:36:ce:80:9e:16:38:4f:
a1:7c:61:ec:89:35:07:68:90:4c:7f:27:a6:bb:41:
58:bd:b1:5f:58:52:b4:a1:e4:a2:0d:9c:50:ba:71:
2b:be:ea:08:d8:ba:db:34:5c:f9:03:3b:dc:c7:41:
8b:69:77:26:4c:66:75:13:78:6a:e0:96:0c:16:92:
f4:79:49:9c:11:69:76:8d:0a:9d:3a:d0:dc:e2:b3:
56:a0:30:4e:da:a5:58:d2:2b:15:38:e7:e9:ca:d8:
0d:2e:f7:6c:23:d8:36:89:c7:da:c0:94:aa:45:5a:
3b:c9:b7:56:cb:be:bf:b4:84:ae:d2:09:f2:10:5e:
ec:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:74:23:69:17:33:FF:8C:01:F8:40:84:DD:1E:C5:E2:F6:FE:90:F0
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SXQjaRcz_4wB-ECE3R7F4vb-kPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d645::/32
2a0a:b386::/32
2a0d:afc3::/32
Signature Algorithm: sha256WithRSAEncryption
33:09:ce:ab:95:b0:62:bf:e2:1a:2d:78:2c:f8:ff:3e:33:99:
75:f1:30:69:f2:54:d3:8a:19:d4:b2:cf:ef:1a:3b:c0:f3:b9:
e3:80:32:be:72:b7:48:31:fe:37:97:6f:74:d9:8e:f3:13:ac:
17:9a:d9:0f:61:fe:7a:e3:9e:5c:d7:c5:46:ac:8a:8b:ad:2e:
03:7d:10:cd:7e:85:2e:5c:87:b0:64:ea:a0:2a:ea:fd:2d:a6:
56:68:49:a3:dc:53:c3:a9:db:11:21:9d:ce:af:24:d0:b4:58:
b1:2f:f2:c4:e3:ea:94:47:5a:d2:0d:91:af:50:6c:f8:90:6b:
2a:9c:88:7b:eb:18:e6:f9:7d:33:16:16:68:f1:e3:d4:98:78:
2f:ff:63:5f:c3:8b:cb:0b:91:c1:8c:bb:c4:66:bd:eb:62:58:
36:fa:fe:e7:4d:b1:a4:d2:00:60:0d:f8:78:65:59:e2:20:71:
4e:5a:24:c9:c2:d2:4c:ef:b6:aa:bd:04:e3:c5:46:f7:10:e0:
8c:26:5a:b0:95:d8:75:eb:f0:63:f1:64:0e:8c:db:54:c9:cd:
25:ab:e5:bb:d1:3c:41:b4:4f:a3:7f:3e:00:74:4c:fc:26:a2:
24:51:d5:ea:14:8f:f1:d9:5f:d6:d4:d3:8e:f2:74:08:12:d2:
7d:2c:00:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+3oMHyalxw3qtuc4R4ahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMTAxMTc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc0MjM2OTE3MzNmZjhjMDFmODQwODRkZDFlYzVlMmY2ZmU5MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN15SPN0vdVG7LfPBlQw0eP61Jxm
BcCFjimto/m5ZeeopTEY9vAmlEgC6uo/fH74x+t15GRaUMfsPSognjAoqN+SQLbE
ANwBvPN0TfM5SEZwKbSdMAkY5USmcFvcCCImguSYQienRXD2FE9MJkr1UrnIQA2+
carNsKVVBIk7FzbOgJ4WOE+hfGHsiTUHaJBMfyemu0FYvbFfWFK0oeSiDZxQunEr
vuoI2LrbNFz5Azvcx0GLaXcmTGZ1E3hq4JYMFpL0eUmcEWl2jQqdOtDc4rNWoDBO
2qVY0isVOOfpytgNLvdsI9g2icfawJSqRVo7ybdWy76/tISu0gnyEF7s0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEl0I2kXM/+MAfhAhN0exeL2/pDwMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvU1hRamFSY3pfNHdCLUVDRTNSN0Y0dmIta1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgbWRQMF
ACoKs4YDBQAqDa/DMA0GCSqGSIb3DQEBCwUAA4IBAQAzCc6rlbBiv+IaLXgs+P8+
M5l18TBp8lTTihnUss/vGjvA87njgDK+crdIMf43l2902Y7zE6wXmtkPYf56455c
18VGrIqLrS4DfRDNfoUuXIewZOqgKur9LaZWaEmj3FPDqdsRIZ3OryTQtFixL/LE
4+qUR1rSDZGvUGz4kGsqnIh76xjm+X0zFhZo8ePUmHgv/2Nfw4vLC5HBjLvEZr3r
Ylg2+v7nTbGk0gBgDfh4ZVniIHFOWiTJwtJM77aqvQTjxUb3EOCMJlqwldh16/Bj
8WQOjNtUyc0lq+W70TxBtE+jfz4AdEz8JqIkUdXqFI/x2V/W1NOO8nQIEtJ9LACh
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:44 2025 by rpki-client