Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/nrzQ9MrZgWGZB_Z1Q9nCLWwBNr0.roa
File: nrzQ9MrZgWGZB_Z1Q9nCLWwBNr0.roa (raw, json)
Hash identifier: WfLbYk3rCRE7pdywKRsQgg45tYLbZ6msJYQ4pX6ZKO4=
Subject key identifier: 9E:BC:D0:F4:CA:D9:81:61:99:07:F6:75:43:D9:C2:2D:6C:01:36:BD
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 019422FB74CF47DFBDD2AF0F6CB7E32CC81E
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/nrzQ9MrZgWGZB_Z1Q9nCLWwBNr0.roa
Signing time: Wed 01 Jan 2025 17:48:12 +0000
ROA not before: Wed 01 Jan 2025 17:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47464
IP address blocks: 2a09:bc00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Feb 2025 16:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:74:cf:47:df:bd:d2:af:0f:6c:b7:e3:2c:c8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 17:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ebcd0f4cad981619907f67543d9c22d6c0136bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:dd:81:11:b3:cf:c1:90:c9:ae:1a:cc:2e:
7f:c8:8d:ee:ed:5f:22:ba:43:0f:73:40:60:24:0f:
0f:b4:61:f8:5f:84:ed:23:6a:78:1f:43:3f:39:c7:
a2:5f:3b:80:40:46:14:17:47:7a:21:49:ff:1f:16:
ee:a3:93:5e:7c:76:96:89:da:4f:26:d4:19:37:79:
d9:70:ef:a5:55:b0:e0:fc:be:9f:8c:99:4a:65:42:
3e:22:c5:8a:08:01:42:d9:fe:b6:93:c3:9b:78:99:
fc:ca:72:d2:fc:15:d2:6f:73:c0:9c:da:6f:ea:90:
9e:b6:4d:14:5a:f5:fa:35:3b:14:c6:12:c2:da:16:
6b:40:ca:91:47:6b:1d:23:74:20:ad:b1:36:ca:cf:
03:2e:23:32:c2:a3:b2:fd:43:84:47:bc:8b:96:ee:
04:04:a2:d6:43:c1:dd:77:f8:66:91:a5:fe:b3:aa:
25:84:bc:8a:0b:77:ea:9e:0b:71:20:d6:12:16:bd:
bd:c5:b2:e7:5d:89:6e:5a:88:14:14:02:c3:2b:84:
1f:5d:a8:5a:7f:eb:b4:0c:ee:9e:07:68:c0:52:6e:
4e:a1:0a:f5:a1:cc:c1:bc:8e:1e:02:da:2c:c4:60:
f9:9b:5d:61:6d:8f:be:78:00:32:73:34:e5:75:00:
54:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BC:D0:F4:CA:D9:81:61:99:07:F6:75:43:D9:C2:2D:6C:01:36:BD
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/nrzQ9MrZgWGZB_Z1Q9nCLWwBNr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
44:e5:cf:db:8f:30:ee:db:54:a0:24:19:ee:d3:a6:74:c7:af:
65:c5:6b:f8:48:6b:a3:99:df:f7:cb:93:9b:d2:f0:d9:17:7a:
b5:81:54:d4:c3:60:a6:cd:b7:5b:53:1b:ac:38:43:e7:c4:6b:
6e:7b:f0:5e:66:7a:3c:57:ba:3f:98:d7:7e:b5:e6:97:39:b3:
6a:79:dd:24:4c:0d:d5:f4:3a:fd:e9:4c:a1:81:85:02:a4:7b:
49:62:0b:15:77:e4:84:ca:df:d4:89:ed:81:22:65:c0:f4:44:
35:8c:03:79:f9:88:87:a1:ef:f3:4e:0c:32:26:8e:ed:9f:8c:
5a:55:66:aa:e5:83:79:84:4e:96:3e:81:b7:f3:05:4d:2c:c2:
06:b0:48:12:58:1f:9f:19:e9:d6:ad:5d:d2:a1:c3:62:d3:73:
4f:ad:52:f1:5e:fb:53:61:6c:a9:26:21:e1:72:0e:77:b2:cc:
63:86:09:df:50:f4:9d:12:f1:c9:33:04:8e:f4:d4:58:c4:49:
eb:f9:64:2b:4c:36:af:7f:aa:9a:50:ac:35:3b:ce:c7:12:33:
ff:ee:f2:96:5c:a0:e5:22:df:f8:46:77:60:e8:d1:4d:a9:73:
3f:d5:d9:21:c5:67:05:c7:1d:90:d9:93:5f:ff:85:0c:e5:b3:
5d:88:8d:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+3TPR9+90q8PbLfjLMgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMTAxMTc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWJjZDBmNGNhZDk4MTYxOTkwN2Y2NzU0M2Q5YzIyZDZjMDEzNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvXdgRGzz8GQya4azC5/yI3u7V8i
ukMPc0BgJA8PtGH4X4TtI2p4H0M/OceiXzuAQEYUF0d6IUn/Hxbuo5NefHaWidpP
JtQZN3nZcO+lVbDg/L6fjJlKZUI+IsWKCAFC2f62k8ObeJn8ynLS/BXSb3PAnNpv
6pCetk0UWvX6NTsUxhLC2hZrQMqRR2sdI3QgrbE2ys8DLiMywqOy/UOER7yLlu4E
BKLWQ8Hdd/hmkaX+s6olhLyKC3fqngtxINYSFr29xbLnXYluWogUFALDK4QfXaha
f+u0DO6eB2jAUm5OoQr1oczBvI4eAtosxGD5m11hbY++eAAyczTldQBUJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ680PTK2YFhmQf2dUPZwi1sATa9MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvbnJ6UTlNclpnV0daQl9aMVE5bkNMV3dCTnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgm8ADAN
BgkqhkiG9w0BAQsFAAOCAQEAROXP248w7ttUoCQZ7tOmdMevZcVr+Ehro5nf98uT
m9Lw2Rd6tYFU1MNgps23W1MbrDhD58RrbnvwXmZ6PFe6P5jXfrXmlzmzanndJEwN
1fQ6/elMoYGFAqR7SWILFXfkhMrf1IntgSJlwPRENYwDefmIh6Hv804MMiaO7Z+M
WlVmquWDeYROlj6Bt/MFTSzCBrBIElgfnxnp1q1d0qHDYtNzT61S8V77U2FsqSYh
4XIOd7LMY4YJ31D0nRLxyTMEjvTUWMRJ6/lkK0w2r3+qmlCsNTvOxxIz/+7yllyg
5SLf+EZ3YOjRTalzP9XZIcVnBccdkNmTX/+FDOWzXYiNOw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:01:02 2025 by rpki-client