Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ndWw4LQ0WX_wowLyJjsVhT5QZz0.roa
File: ndWw4LQ0WX_wowLyJjsVhT5QZz0.roa (raw, json)
Hash identifier: FQYzAjN/2oAkZylkjSsUc23TDuJx1VBVi6SlGRDFsXw=
Subject key identifier: 9D:D5:B0:E0:B4:34:59:7F:F0:A3:02:F2:26:3B:15:85:3E:50:67:3D
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01955D83497AF946501FC1E6AE91145B6290
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ndWw4LQ0WX_wowLyJjsVhT5QZz0.roa
Signing time: Mon 03 Mar 2025 19:37:19 +0000
ROA not before: Mon 03 Mar 2025 19:37:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a09:6907::/32 maxlen: 32
2a0d:b9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 13 Mar 2025 17:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:83:49:7a:f9:46:50:1f:c1:e6:ae:91:14:5b:62:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Mar 3 19:37:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dd5b0e0b434597ff0a302f2263b15853e50673d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6a:b3:65:bc:4e:36:80:7a:0a:2e:95:11:86:
10:36:62:a6:a2:86:03:5e:b6:1b:bd:68:7b:c8:de:
a5:cd:40:19:cf:25:d2:90:a1:2b:5b:85:dd:88:42:
98:dc:18:3c:13:58:dd:6f:30:0c:4d:66:3a:12:b9:
56:93:30:64:db:98:49:fc:11:3f:03:2b:13:65:bb:
cc:60:f3:13:37:ef:ef:6c:b6:2e:16:12:29:7f:6f:
18:86:2d:bb:47:6d:75:20:7d:37:06:08:37:c2:ec:
3c:cf:c3:2e:ed:f4:35:f1:65:f1:aa:d9:d4:01:d9:
4d:ab:cb:ff:ad:a8:2c:92:a2:3f:a7:8c:28:59:cf:
b0:2c:1d:73:bf:47:cd:9c:02:f5:10:69:75:c7:8c:
b2:7e:7e:38:d1:41:38:0d:f1:87:ba:7e:fc:36:4a:
29:81:b1:3a:3f:37:fc:1d:68:61:69:ef:57:3b:81:
65:56:73:21:2c:1d:7e:d3:53:87:9b:0a:33:d3:d6:
38:36:4e:75:cf:40:7d:d2:49:b0:0a:02:c2:93:c0:
77:3c:f9:49:06:b6:a6:3d:45:f8:8d:cc:ee:ef:b4:
20:da:ff:98:74:94:f9:d7:f2:7b:c6:75:2d:80:5d:
13:50:b6:56:5c:cc:97:7a:06:44:b2:af:e0:32:9e:
60:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D5:B0:E0:B4:34:59:7F:F0:A3:02:F2:26:3B:15:85:3E:50:67:3D
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ndWw4LQ0WX_wowLyJjsVhT5QZz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6907::/32
2a0d:b9c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:55:b9:fe:8a:37:ca:a7:86:df:77:1e:67:13:84:b9:a9:bd:
b6:a7:00:c0:36:b2:7c:63:65:e3:92:0b:b9:da:1f:ee:01:eb:
74:97:ea:c5:35:1b:3d:24:3e:26:e4:22:e8:ef:44:25:21:9e:
20:97:a0:04:01:88:7f:ec:33:b2:51:76:76:9b:7e:c1:60:2c:
03:a1:06:46:65:3b:a8:07:98:48:9e:df:5a:e3:f4:dd:4b:cd:
cb:2d:6d:9d:cc:2e:1d:f2:26:be:78:b0:43:a5:3d:a2:92:29:
d2:d1:6b:1a:cd:be:f3:bf:0a:43:02:d3:2f:1e:6c:34:79:9d:
0c:46:da:69:33:67:ca:4b:cc:23:a3:6d:04:d7:95:08:c1:37:
44:5a:07:cd:dd:ca:59:80:11:e5:6f:d3:14:80:fa:22:be:0f:
c4:4e:a0:88:9d:7b:54:74:f1:01:fa:58:a2:21:a3:27:52:e4:
0a:3f:36:a7:47:e9:2b:8c:5e:3d:ed:41:e5:14:40:cd:39:8b:
51:ef:0b:ce:f3:ff:da:f5:69:3d:c1:1d:1a:12:ac:09:c1:d2:
af:ab:e6:d9:3d:2a:76:4f:35:ea:29:d0:e7:11:10:f5:50:0e:
1b:17:52:6b:a2:e1:08:3f:41:b7:c1:ad:85:f2:b4:13:3f:2f:
fc:22:5b:a8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZVdg0l6+UZQH8HmrpEUW2KQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwMzAzMTkzNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ1YjBlMGI0MzQ1OTdmZjBhMzAyZjIyNjNiMTU4NTNlNTA2NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGqzZbxONoB6Ci6VEYYQNmKmooYD
XrYbvWh7yN6lzUAZzyXSkKErW4XdiEKY3Bg8E1jdbzAMTWY6ErlWkzBk25hJ/BE/
AysTZbvMYPMTN+/vbLYuFhIpf28Yhi27R211IH03Bgg3wuw8z8Mu7fQ18WXxqtnU
AdlNq8v/ragskqI/p4woWc+wLB1zv0fNnAL1EGl1x4yyfn440UE4DfGHun78Nkop
gbE6Pzf8HWhhae9XO4FlVnMhLB1+01OHmwoz09Y4Nk51z0B90kmwCgLCk8B3PPlJ
BramPUX4jczu77Qg2v+YdJT51/J7xnUtgF0TULZWXMyXegZEsq/gMp5g3wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ3VsOC0NFl/8KMC8iY7FYU+UGc9MB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvbmRXdzRMUTBXWF93b3dMeUpqc1ZoVDVRWnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKglpBwMF
ACoNucAwDQYJKoZIhvcNAQELBQADggEBAC1Vuf6KN8qnht93HmcThLmpvbanAMA2
snxjZeOSC7naH+4B63SX6sU1Gz0kPibkIujvRCUhniCXoAQBiH/sM7JRdnabfsFg
LAOhBkZlO6gHmEie31rj9N1LzcstbZ3MLh3yJr54sEOlPaKSKdLRaxrNvvO/CkMC
0y8ebDR5nQxG2mkzZ8pLzCOjbQTXlQjBN0RaB83dylmAEeVv0xSA+iK+D8ROoIid
e1R08QH6WKIhoydS5Ao/NqdH6SuMXj3tQeUUQM05i1HvC87z/9r1aT3BHRoSrAnB
0q+r5tk9KnZPNeop0OcREPVQDhsXUmui4Qg/QbfBrYXytBM/L/wiW6g=
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:22:30 2025 by rpki-client