Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/dla0Hn1DT5AUVdeEusUaFvuuYas.roa
File: dla0Hn1DT5AUVdeEusUaFvuuYas.roa (raw, json)
Hash identifier: cWkqK8u3QveLR65//GtQL24W7eAXY/IBSg/morVa4b8=
Subject key identifier: 76:56:B4:1E:7D:43:4F:90:14:55:D7:84:BA:C5:1A:16:FB:AE:61:AB
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0195B9CC036566528219F6D2C34598403E74
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/dla0Hn1DT5AUVdeEusUaFvuuYas.roa
Signing time: Fri 21 Mar 2025 17:41:49 +0000
ROA not before: Fri 21 Mar 2025 17:41:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:af82::/32 maxlen: 32
2a09:dd04::/32 maxlen: 32
2a09:e702::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Mar 2025 20:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:cc:03:65:66:52:82:19:f6:d2:c3:45:98:40:3e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 21 17:41:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7656b41e7d434f901455d784bac51a16fbae61ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3e:85:b4:65:31:d3:9f:ed:15:af:36:20:b2:
f7:f2:77:bc:9b:19:6f:b9:1b:d8:5b:d0:b6:34:9f:
dc:0c:c1:25:f8:28:e2:9c:ec:3c:52:91:b5:51:0d:
97:c1:21:30:ec:4d:f2:cf:c4:43:e6:4f:7b:bf:d7:
02:c9:5b:2d:d8:46:30:d1:f6:9d:6f:75:69:d1:8a:
b8:63:28:a6:d6:ef:f3:67:5e:a8:22:3c:98:6a:74:
cf:20:2e:db:ff:74:77:60:71:67:75:4f:e5:f5:0a:
74:cc:eb:20:e4:04:ed:07:e3:f6:88:a2:5b:d5:c5:
bf:ea:21:df:48:c8:4d:b5:4a:ca:fd:d8:98:7b:b0:
34:36:a0:11:74:93:98:8a:a9:2a:b1:4a:8a:99:e1:
92:83:8e:f4:e8:b4:c7:a5:ad:cc:f1:6f:97:20:5e:
31:fc:0e:bf:bd:01:9d:82:bc:f6:bf:17:88:a4:16:
1a:e6:b6:79:b2:e2:58:99:ab:45:6a:73:29:82:64:
0d:8c:d2:11:12:b4:c5:7f:02:90:e2:45:1e:e7:f9:
bf:8f:0b:67:7e:c3:d9:59:86:73:03:27:77:ca:06:
f6:44:b5:1a:b4:96:ce:ca:59:00:a2:74:41:41:8c:
a1:44:b4:a1:a5:e0:16:2b:ba:f3:30:80:09:9e:c3:
d9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:56:B4:1E:7D:43:4F:90:14:55:D7:84:BA:C5:1A:16:FB:AE:61:AB
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/dla0Hn1DT5AUVdeEusUaFvuuYas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:af82::/32
2a09:dd04::/32
2a09:e702::/32
Signature Algorithm: sha256WithRSAEncryption
d4:9d:4f:a2:52:29:3d:28:13:29:a9:da:2d:1d:8c:be:1d:ee:
87:d2:18:db:bc:18:01:96:e4:64:51:5b:49:32:b1:c2:ae:52:
fb:98:36:a9:fe:aa:97:65:7b:8c:de:46:9f:c6:1e:d5:62:64:
f5:3a:ab:2c:40:2b:ee:16:9b:23:98:df:2b:20:e1:94:0d:68:
f0:96:31:e9:87:09:a4:cb:34:f6:e3:fd:c9:42:27:f0:3e:e5:
02:cc:e8:0a:5e:27:c8:67:ee:fe:f3:a6:ff:95:df:1b:8b:de:
17:5a:03:90:47:92:ad:78:b7:76:07:4e:32:cd:85:17:ca:1e:
12:f3:e3:e0:f7:3d:d0:ce:fe:36:3d:ce:2b:ad:5d:af:a1:c3:
dc:f9:08:87:ee:7d:e4:1f:2c:9a:5c:bc:4b:c8:19:a6:35:54:
e7:69:93:c2:e3:e7:b0:f1:98:e0:85:33:7e:53:c0:86:76:bb:
4a:5e:87:cc:3c:df:34:f8:6f:df:82:c1:ab:b8:2f:f1:d8:28:
57:8f:84:b2:c0:68:da:07:b0:fb:ef:93:e2:07:f5:a9:2b:3e:
7c:f2:e1:a3:0d:6b:70:16:3d:e2:2b:e2:89:de:77:98:7d:a0:
1e:c7:eb:7d:6a:ff:ea:6e:04:77:0f:68:9c:26:fb:3f:ac:2c:
0a:d0:eb:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZW5zANlZlKCGfbSw0WYQD50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMzIxMTc0MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU2YjQxZTdkNDM0ZjkwMTQ1NWQ3ODRiYWM1MWExNmZiYWU2MWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD6FtGUx05/tFa82ILL38ne8mxlv
uRvYW9C2NJ/cDMEl+CjinOw8UpG1UQ2XwSEw7E3yz8RD5k97v9cCyVst2EYw0fad
b3Vp0Yq4Yyim1u/zZ16oIjyYanTPIC7b/3R3YHFndU/l9Qp0zOsg5ATtB+P2iKJb
1cW/6iHfSMhNtUrK/diYe7A0NqARdJOYiqkqsUqKmeGSg4706LTHpa3M8W+XIF4x
/A6/vQGdgrz2vxeIpBYa5rZ5suJYmatFanMpgmQNjNIRErTFfwKQ4kUe5/m/jwtn
fsPZWYZzAyd3ygb2RLUatJbOylkAonRBQYyhRLShpeAWK7rzMIAJnsPZMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHZWtB59Q0+QFFXXhLrFGhb7rmGrMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvZGxhMEhuMURUNUFVVmRlRXVzVWFGdnV1WWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgmvggMF
ACoJ3QQDBQAqCecCMA0GCSqGSIb3DQEBCwUAA4IBAQDUnU+iUik9KBMpqdotHYy+
He6H0hjbvBgBluRkUVtJMrHCrlL7mDap/qqXZXuM3kafxh7VYmT1OqssQCvuFpsj
mN8rIOGUDWjwljHphwmkyzT24/3JQifwPuUCzOgKXifIZ+7+86b/ld8bi94XWgOQ
R5KteLd2B04yzYUXyh4S8+Pg9z3Qzv42Pc4rrV2vocPc+QiH7n3kHyyaXLxLyBmm
NVTnaZPC4+ew8ZjghTN+U8CGdrtKXofMPN80+G/fgsGruC/x2ChXj4SywGjaB7D7
75PiB/WpKz588uGjDWtwFj3iK+KJ3neYfaAex+t9av/qbgR3D2icJvs/rCwK0Ou6
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:35:07 2025 by rpki-client