Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/GGIbaa58eXGKXtyxwWsVwT75pP8.roa
File: GGIbaa58eXGKXtyxwWsVwT75pP8.roa (raw, json)
Hash identifier: 6k39doT01cBJRajr50BHs1xMf55DFRewLp+2iXrWR18=
Subject key identifier: 18:62:1B:69:AE:7C:79:71:8A:5E:DC:B1:C1:6B:15:C1:3E:F9:A4:FF
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01955D851D908C1BEDA7FEBDE504D011A83E
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/GGIbaa58eXGKXtyxwWsVwT75pP8.roa
Signing time: Mon 03 Mar 2025 19:39:19 +0000
ROA not before: Mon 03 Mar 2025 19:39:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 2a09:6904::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 14 Mar 2025 17:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:85:1d:90:8c:1b:ed:a7:fe:bd:e5:04:d0:11:a8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Mar 3 19:39:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18621b69ae7c79718a5edcb1c16b15c13ef9a4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e1:54:2b:ef:5c:57:08:19:a0:d7:e1:6a:bf:
14:30:30:da:31:2e:71:f1:02:2a:d2:9c:32:3c:67:
91:9e:c0:a8:0d:38:fd:9c:09:46:34:a4:a6:66:1b:
60:47:2a:d5:b8:05:10:f0:b5:ef:bc:10:39:81:58:
0c:67:19:25:09:d2:58:a5:d5:d4:06:79:d2:06:00:
62:67:0b:cf:22:5b:b8:ad:6b:92:0a:fe:ce:7b:44:
36:3e:e1:ca:c2:6f:6f:12:41:6d:c8:81:42:56:0f:
b6:0c:fc:0c:29:ee:8d:a4:84:fe:b1:87:5f:00:49:
be:2e:f1:0f:e8:1e:77:39:25:8a:13:bf:63:9f:d3:
9b:ec:a8:d2:ac:7d:7b:7a:35:30:eb:e7:23:6b:e8:
83:be:ab:a1:8d:ce:06:87:2d:11:8f:7f:c0:76:d8:
49:4a:f7:53:94:0e:f1:6f:a3:db:eb:e8:52:cd:01:
43:8e:ad:8f:83:e6:2c:9f:10:85:09:1b:e3:21:6a:
30:0b:2d:6f:08:35:d6:d7:3f:ec:2b:f4:de:7c:13:
b3:a8:56:72:f2:7b:62:0e:cf:ec:b6:47:ac:3d:66:
df:44:e8:8f:5b:cf:f4:bb:1d:2d:24:f5:90:bc:f0:
16:dd:5c:a8:ec:cd:a8:00:c5:4b:7b:cb:3d:e5:be:
52:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:62:1B:69:AE:7C:79:71:8A:5E:DC:B1:C1:6B:15:C1:3E:F9:A4:FF
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/GGIbaa58eXGKXtyxwWsVwT75pP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6904::/32
Signature Algorithm: sha256WithRSAEncryption
77:fd:5b:0d:70:78:f1:6e:8c:36:88:50:87:e3:ab:8d:75:85:
65:b1:0a:2a:d1:fe:b2:6b:f9:ad:a7:e4:89:07:21:17:86:56:
ce:50:9c:88:fb:df:a7:24:b5:72:a3:2e:3b:31:e5:80:7a:75:
1c:08:2f:82:44:88:0a:c4:f2:e7:a8:24:43:41:37:92:7a:14:
62:ad:31:5d:2a:60:22:76:e8:fb:41:1f:d0:e6:ec:eb:05:81:
99:f9:62:be:80:82:2d:5f:b2:56:d1:16:6b:32:a6:d0:a6:f2:
d8:a7:d3:2c:2c:89:d8:4e:8f:48:2d:2c:40:36:b5:7b:84:fa:
76:ba:b5:56:1c:9b:52:8d:db:4d:29:cd:a0:fd:6e:a9:b2:b2:
56:2d:60:18:81:b2:8b:1c:5b:9b:6c:91:74:a2:4d:d3:d4:3e:
f8:af:f9:a0:b3:ba:03:c5:b3:b8:26:c1:bc:0a:69:d3:07:1e:
82:a3:0e:db:cc:2a:5c:7c:dd:36:7e:1f:5d:c1:4c:24:4f:db:
33:bf:3d:d3:26:65:91:73:d7:a4:6f:67:da:60:22:9f:32:16:
be:a7:6d:a1:22:fe:52:29:fa:5f:52:82:da:04:d0:28:b3:d0:
7a:e3:d7:8b:4d:63:68:a4:df:99:a7:13:0e:f7:e6:e7:e8:a1:
02:76:2d:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVdhR2QjBvtp/695QTQEag+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwMzAzMTkzOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODYyMWI2OWFlN2M3OTcxOGE1ZWRjYjFjMTZiMTVjMTNlZjlhNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+FUK+9cVwgZoNfhar8UMDDaMS5x
8QIq0pwyPGeRnsCoDTj9nAlGNKSmZhtgRyrVuAUQ8LXvvBA5gVgMZxklCdJYpdXU
BnnSBgBiZwvPIlu4rWuSCv7Oe0Q2PuHKwm9vEkFtyIFCVg+2DPwMKe6NpIT+sYdf
AEm+LvEP6B53OSWKE79jn9Ob7KjSrH17ejUw6+cja+iDvquhjc4Ghy0Rj3/AdthJ
SvdTlA7xb6Pb6+hSzQFDjq2Pg+YsnxCFCRvjIWowCy1vCDXW1z/sK/TefBOzqFZy
8ntiDs/stkesPWbfROiPW8/0ux0tJPWQvPAW3Vyo7M2oAMVLe8s95b5S5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBhiG2mufHlxil7cscFrFcE++aT/MB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvR0dJYmFhNThlWEdLWHR5eHdXc1Z3VDc1cFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKglpBDAN
BgkqhkiG9w0BAQsFAAOCAQEAd/1bDXB48W6MNohQh+OrjXWFZbEKKtH+smv5rafk
iQchF4ZWzlCciPvfpyS1cqMuOzHlgHp1HAgvgkSICsTy56gkQ0E3knoUYq0xXSpg
Inbo+0Ef0Obs6wWBmflivoCCLV+yVtEWazKm0Kby2KfTLCyJ2E6PSC0sQDa1e4T6
drq1VhybUo3bTSnNoP1uqbKyVi1gGIGyixxbm2yRdKJN09Q++K/5oLO6A8WzuCbB
vApp0wcegqMO28wqXHzdNn4fXcFMJE/bM7890yZlkXPXpG9n2mAinzIWvqdtoSL+
Uin6X1KC2gTQKLPQeuPXi01jaKTfmacTDvfm5+ihAnYtcw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:30:09 2025 by rpki-client