Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/k6V8BSUB-avjrii_rqWE89CZGHA.roa
File: k6V8BSUB-avjrii_rqWE89CZGHA.roa (raw, json)
Hash identifier: JvEcinA54hbYBbUtL+v2h9S5H11ThX4gLn432VcylYU=
Subject key identifier: 93:A5:7C:05:25:01:F9:AB:E3:AE:28:BF:AE:A5:84:F3:D0:99:18:70
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0195908C51DC151C31AEFCD02FA20502D2A9
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/k6V8BSUB-avjrii_rqWE89CZGHA.roa
Signing time: Thu 13 Mar 2025 17:27:49 +0000
ROA not before: Thu 13 Mar 2025 17:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:cf06::/32 maxlen: 32
2a09:dd05::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Mar 2025 12:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:8c:51:dc:15:1c:31:ae:fc:d0:2f:a2:05:02:d2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 13 17:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93a57c052501f9abe3ae28bfaea584f3d0991870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ef:d5:92:fb:14:7d:35:55:6d:2e:c5:d9:ed:
a1:72:6e:5d:b1:de:25:60:dd:c1:f8:3b:ad:97:05:
7c:44:a8:d1:f4:59:52:1d:c2:75:79:20:d0:ac:08:
ce:d9:d9:c1:02:36:9a:f6:39:97:9d:b4:9e:f2:08:
dd:a3:a7:cc:d8:c1:c1:6a:62:bb:25:2d:12:da:60:
86:da:8d:7b:47:d6:fe:32:7b:e0:d6:92:e8:86:a5:
7e:8b:87:f1:5f:06:33:46:93:73:5c:30:e5:29:3c:
b5:62:fe:2a:1f:a5:31:29:06:3d:7f:9b:25:c8:a0:
13:7d:cf:54:04:27:46:94:31:55:9d:76:75:99:2e:
60:69:a1:06:6d:6c:2e:4d:d4:83:f0:4d:24:db:cf:
76:15:03:21:d8:92:92:98:7f:79:2a:74:69:24:04:
7b:61:c8:ed:b5:8f:fd:0a:cb:9a:83:55:f2:af:b3:
84:b7:81:66:23:7d:be:a5:a0:56:d8:e1:47:81:6d:
24:5a:4b:9f:46:a3:06:23:ab:45:f9:bc:67:05:a6:
75:41:b9:29:09:b8:9e:b8:ff:71:b3:8b:d1:04:21:
35:b9:81:a9:67:b4:49:af:c0:f2:a8:62:00:72:59:
a8:93:6b:62:bb:79:b7:a4:7b:b3:5c:58:c4:37:f8:
50:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A5:7C:05:25:01:F9:AB:E3:AE:28:BF:AE:A5:84:F3:D0:99:18:70
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/k6V8BSUB-avjrii_rqWE89CZGHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:cf06::/32
2a09:dd05::/32
Signature Algorithm: sha256WithRSAEncryption
26:76:92:04:d5:0a:64:df:ae:f3:95:c3:4d:08:75:98:31:26:
47:22:c4:71:14:c0:80:24:76:8e:ef:29:0f:09:08:66:de:f2:
4d:40:65:52:0a:b6:75:48:0e:8f:18:cd:71:3a:11:1d:f2:74:
19:0a:7a:76:94:99:25:f0:07:3b:dc:3a:f0:e3:4e:a7:b0:c7:
65:13:3e:6d:3f:97:98:1c:12:46:68:f5:9c:c4:ba:42:94:c7:
f9:67:86:93:77:df:23:07:d9:06:f7:c1:05:31:42:b7:4d:be:
dd:cb:ac:a7:48:61:55:e7:c1:b5:6e:16:90:e4:b4:cb:b7:8e:
a1:1d:45:34:50:a1:7d:bd:5d:17:03:45:0f:32:7e:9b:98:fc:
69:bc:c8:5b:40:2f:f4:7a:4b:cd:4f:20:e1:23:5c:8c:fc:4b:
3f:73:4b:27:f6:ca:94:10:f7:36:7b:c5:00:4e:71:d5:6d:b8:
63:8d:d8:de:05:0d:c0:2b:a7:67:32:9a:ab:cd:3c:8c:7b:5f:
3b:47:d1:a3:db:9c:df:c0:3a:b8:29:66:09:ec:e0:c7:74:07:
af:7c:fe:69:71:d0:48:56:e4:33:70:d7:26:ec:14:39:27:f6:
0c:f3:20:ef:9a:1f:8b:4e:d1:91:2d:c3:4f:8f:b3:49:0a:74:
5d:93:0f:42
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZWQjFHcFRwxrvzQL6IFAtKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMzEzMTcyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2E1N2MwNTI1MDFmOWFiZTNhZTI4YmZhZWE1ODRmM2QwOTkxODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+/VkvsUfTVVbS7F2e2hcm5dsd4l
YN3B+DutlwV8RKjR9FlSHcJ1eSDQrAjO2dnBAjaa9jmXnbSe8gjdo6fM2MHBamK7
JS0S2mCG2o17R9b+Mnvg1pLohqV+i4fxXwYzRpNzXDDlKTy1Yv4qH6UxKQY9f5sl
yKATfc9UBCdGlDFVnXZ1mS5gaaEGbWwuTdSD8E0k2892FQMh2JKSmH95KnRpJAR7
YcjttY/9Csuag1Xyr7OEt4FmI32+paBW2OFHgW0kWkufRqMGI6tF+bxnBaZ1Qbkp
CbieuP9xs4vRBCE1uYGpZ7RJr8DyqGIAclmok2tiu3m3pHuzXFjEN/hQgwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJOlfAUlAfmr464ov66lhPPQmRhwMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvazZWOEJTVUItYXZqcmlpX3JxV0U4OUNaR0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgnPBgMF
ACoJ3QUwDQYJKoZIhvcNAQELBQADggEBACZ2kgTVCmTfrvOVw00IdZgxJkcixHEU
wIAkdo7vKQ8JCGbe8k1AZVIKtnVIDo8YzXE6ER3ydBkKenaUmSXwBzvcOvDjTqew
x2UTPm0/l5gcEkZo9ZzEukKUx/lnhpN33yMH2Qb3wQUxQrdNvt3LrKdIYVXnwbVu
FpDktMu3jqEdRTRQoX29XRcDRQ8yfpuY/Gm8yFtAL/R6S81PIOEjXIz8Sz9zSyf2
ypQQ9zZ7xQBOcdVtuGON2N4FDcArp2cymqvNPIx7XztH0aPbnN/AOrgpZgns4Md0
B698/mlx0EhW5DNw1ybsFDkn9gzzIO+aH4tO0ZEtw0+Ps0kKdF2TD0I=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:22 2025 by rpki-client