Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/0n0og4NPxx8fVOh0p9iBj5BZzUI.roa
File: 0n0og4NPxx8fVOh0p9iBj5BZzUI.roa (raw, json)
Hash identifier: +i6bjt8K3f5cU0z7C0VsctYIzNK9SR4zdULVY3kPX38=
Subject key identifier: D2:7D:28:83:83:4F:C7:1F:1F:54:E8:74:A7:D8:81:8F:90:59:CD:42
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 019421B245DBF7488ADD6B8FC93EC70EB9B1
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/0n0og4NPxx8fVOh0p9iBj5BZzUI.roa
Signing time: Wed 01 Jan 2025 11:48:38 +0000
ROA not before: Wed 01 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215147
IP address blocks: 2a07:2486:fc0::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:45:db:f7:48:8a:dd:6b:8f:c9:3e:c7:0e:b9:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Jan 1 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d27d2883834fc71f1f54e874a7d8818f9059cd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:34:b4:23:76:5b:0c:c6:8b:df:19:40:3d:e5:
6d:7f:dd:e0:e2:aa:c6:a6:8e:95:42:6c:e2:c5:bf:
7b:fb:2e:44:db:7c:94:ef:a6:71:ca:34:e0:61:e5:
59:17:78:2b:57:f8:ed:b3:fe:75:fc:84:3d:4f:0c:
2f:98:d7:25:e9:df:13:7d:58:b7:f4:64:86:45:be:
da:9c:e9:f0:25:48:43:2c:82:97:4e:9a:5f:22:d2:
5f:80:35:52:04:ce:1f:06:f9:34:0f:65:21:c7:68:
be:f8:ff:d8:b6:f6:6a:37:c1:0b:5e:61:d5:61:83:
b7:8a:33:28:84:8a:9b:b6:c4:53:af:bf:99:e5:bb:
57:a8:37:11:70:f0:ab:50:3b:2a:ea:f7:67:cd:10:
4a:32:f7:2f:bd:6d:15:ad:27:2e:e5:a2:05:07:14:
e3:a3:87:79:2a:b9:d2:e7:53:99:72:c5:cd:20:6f:
18:b7:ac:c6:ee:70:bd:b5:ab:27:8f:a8:ad:57:70:
55:d1:60:e5:11:24:e4:db:8e:be:2c:28:fc:35:63:
2e:50:c7:6a:49:88:2e:68:cd:24:bd:dd:90:da:f0:
b9:a0:2a:bb:df:36:8b:2b:f7:d4:19:2d:d1:da:b6:
87:d6:d8:36:1f:b9:6e:bd:d2:56:08:a6:23:cb:1a:
d4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7D:28:83:83:4F:C7:1F:1F:54:E8:74:A7:D8:81:8F:90:59:CD:42
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/0n0og4NPxx8fVOh0p9iBj5BZzUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486:fc0::/44
Signature Algorithm: sha256WithRSAEncryption
25:7b:ca:a0:ad:e6:d3:14:19:62:fc:94:68:db:44:4a:b2:51:
e6:a8:7c:dd:dc:5b:ee:db:a8:f7:fc:ed:80:06:41:2d:6a:6c:
6a:70:44:e4:0a:9c:d3:00:5a:27:42:da:96:3c:ab:23:c8:bf:
62:88:28:b3:b9:46:e0:82:10:e9:2a:81:23:14:6b:df:83:74:
d2:34:91:94:51:2f:c3:a3:d7:de:20:76:a9:d4:fa:59:72:76:
38:b1:e8:7a:d0:f4:e9:0e:68:09:dc:25:93:d3:52:f3:a5:53:
21:a4:8e:98:cc:06:f5:86:12:c5:8a:35:84:b8:f0:df:83:d5:
bf:13:66:17:bb:27:54:aa:97:cd:bc:69:fa:b2:08:05:c6:67:
d1:55:c7:c1:72:03:5e:0b:b7:76:d4:fa:48:23:20:10:07:03:
89:22:bf:f7:58:db:f0:c0:b6:50:f2:b5:b3:fe:e1:bb:3c:4f:
0b:fd:c4:c5:64:99:d4:58:f7:01:48:f5:56:c9:d7:89:f2:d6:
8b:d8:b0:ac:d2:fb:e4:3c:ff:be:27:97:a5:37:c4:82:3e:db:
c8:55:d1:26:47:af:68:c7:bc:a2:93:a4:37:bf:be:f8:78:26:
c1:6e:90:78:9a:58:3b:dc:08:f9:b2:a9:63:04:90:3c:ea:1a:
57:90:29:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhskXb90iK3WuPyT7HDrmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjUwMTAxMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdkMjg4MzgzNGZjNzFmMWY1NGU4NzRhN2Q4ODE4ZjkwNTljZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDS0I3ZbDMaL3xlAPeVtf93g4qrG
po6VQmzixb97+y5E23yU76ZxyjTgYeVZF3grV/jts/51/IQ9TwwvmNcl6d8TfVi3
9GSGRb7anOnwJUhDLIKXTppfItJfgDVSBM4fBvk0D2Uhx2i++P/YtvZqN8ELXmHV
YYO3ijMohIqbtsRTr7+Z5btXqDcRcPCrUDsq6vdnzRBKMvcvvW0VrScu5aIFBxTj
o4d5KrnS51OZcsXNIG8Yt6zG7nC9tasnj6itV3BV0WDlESTk246+LCj8NWMuUMdq
SYguaM0kvd2Q2vC5oCq73zaLK/fUGS3R2raH1tg2H7luvdJWCKYjyxrUsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNJ9KIODT8cfH1TodKfYgY+QWc1CMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvMG4wb2c0TlB4eDhmVk9oMHA5aUJqNUJaelVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgckhg/A
MA0GCSqGSIb3DQEBCwUAA4IBAQAle8qgrebTFBli/JRo20RKslHmqHzd3Fvu26j3
/O2ABkEtamxqcETkCpzTAFonQtqWPKsjyL9iiCizuUbgghDpKoEjFGvfg3TSNJGU
US/Do9feIHap1PpZcnY4seh60PTpDmgJ3CWT01LzpVMhpI6YzAb1hhLFijWEuPDf
g9W/E2YXuydUqpfNvGn6sggFxmfRVcfBcgNeC7d21PpIIyAQBwOJIr/3WNvwwLZQ
8rWz/uG7PE8L/cTFZJnUWPcBSPVWydeJ8taL2LCs0vvkPP++J5elN8SCPtvIVdEm
R69ox7yik6Q3v774eCbBbpB4mlg73Aj5sqljBJA86hpXkClM
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:11:23 2025 by rpki-client