Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/0SAJ9b5-mc8SgIj8y3jxYxY9W2o.roa
File: 0SAJ9b5-mc8SgIj8y3jxYxY9W2o.roa (raw, json)
Hash identifier: hb6HjG46a7iTfAmeqjNj3fPQSipoHPzOI+2am5pNOKk=
Subject key identifier: D1:20:09:F5:BE:7E:99:CF:12:80:88:FC:CB:78:F1:63:16:3D:5B:6A
Certificate issuer: /CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Certificate serial: 01953DF37FBFE3E0957C10038AB69C2EB281
Authority key identifier: 2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/0SAJ9b5-mc8SgIj8y3jxYxY9W2o.roa
Signing time: Tue 25 Feb 2025 16:32:02 +0000
ROA not before: Tue 25 Feb 2025 16:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a05:bd47:1234::/48 maxlen: 48
2a05:bd47:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Feb 2025 15:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:f3:7f:bf:e3:e0:95:7c:10:03:8a:b6:9c:2e:b2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e210bd2c7cbef20f224a47b32a157318888ec85
Validity
Not Before: Feb 25 16:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d12009f5be7e99cf128088fccb78f163163d5b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:92:dc:3c:2e:a0:ee:b6:5f:15:59:36:65:97:
37:32:39:a9:bc:6d:01:e7:1b:f4:d5:47:3f:ce:98:
69:b9:9c:8a:6a:b6:f3:68:ac:07:1d:df:8c:15:a6:
35:a1:fc:bd:5f:8a:8d:0a:f7:a3:d5:d1:71:bb:0e:
23:57:fd:9d:de:8b:91:09:a4:81:24:04:ef:fc:6f:
06:87:aa:e7:9b:09:9d:e5:9b:2c:97:84:f5:73:94:
09:1a:a5:45:ae:86:b7:8f:16:ea:cf:2c:98:b7:46:
3e:f0:8b:69:9b:b2:3b:8b:bc:eb:8e:3a:cc:db:43:
2d:21:58:18:35:c0:2f:7c:61:f2:62:19:8d:5d:14:
fe:f2:d4:29:a2:71:df:39:d4:3f:48:64:64:fe:48:
cf:d5:9f:cc:cc:ae:96:34:bc:31:63:89:ff:bf:b8:
62:1d:a9:29:6e:f2:f8:5a:c0:5f:2e:d8:89:1e:2b:
c6:41:32:3e:d7:48:7b:38:13:10:e3:66:59:b0:03:
91:ac:bf:36:37:00:fb:1c:f8:48:3a:73:6c:94:55:
bc:47:03:14:8b:a1:98:71:54:d6:ae:35:a3:56:b0:
0a:19:d0:2b:fa:b3:a0:8e:2f:e4:80:50:1c:0f:32:
12:8c:e9:52:e0:b8:7a:07:ae:cc:a6:b3:fb:3d:86:
bf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:20:09:F5:BE:7E:99:CF:12:80:88:FC:CB:78:F1:63:16:3D:5B:6A
X509v3 Authority Key Identifier:
keyid:2E:21:0B:D2:C7:CB:EF:20:F2:24:A4:7B:32:A1:57:31:88:88:EC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiEL0sfL7yDyJKR7MqFXMYiI7IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/0SAJ9b5-mc8SgIj8y3jxYxY9W2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0a4fdc-a869-43b7-bbd0-bf90d0151b53/1/LiEL0sfL7yDyJKR7MqFXMYiI7IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:bd47:1234::/48
2a05:bd47:aaaa::/48
Signature Algorithm: sha256WithRSAEncryption
49:73:c3:da:77:f7:59:65:cc:20:37:7e:5e:81:95:a9:a2:90:
64:29:5f:3c:68:e4:2f:cf:24:21:8e:18:1e:f8:42:0c:e8:3e:
3e:5d:dc:fb:ee:65:16:f8:90:d6:08:bf:24:67:4c:4a:22:a9:
36:a2:8f:2a:27:d4:75:94:f1:12:78:bd:94:57:31:fe:82:ef:
fd:72:68:e3:c3:28:8b:20:22:9e:e5:4b:8f:5e:96:79:13:1f:
f2:0f:e2:10:8f:b2:ea:f7:7a:c2:52:06:4c:9e:98:ad:1f:61:
87:1d:fc:d2:55:52:81:e5:98:04:6a:c6:16:dc:df:e9:91:05:
90:26:cb:94:25:d0:46:fc:db:39:e5:0e:e3:ce:ce:13:39:7e:
9d:33:27:03:16:f6:75:07:25:72:6f:53:56:2b:e6:66:d0:e4:
89:c7:31:07:d3:8e:98:be:60:23:97:a4:02:97:46:38:a3:ba:
f9:26:70:0d:8c:99:b1:45:bd:fe:dd:0f:ac:4c:43:9d:ba:51:
ea:fc:ca:d9:88:21:4d:a8:9b:4c:6c:18:ac:bc:32:59:c2:65:
0b:3b:f3:de:ec:2c:81:63:65:6e:00:d9:cf:51:8b:26:1d:21:
ae:96:48:05:a3:9b:8b:d8:0f:a4:1b:41:d5:3d:7f:3b:e8:5a:
d7:a9:a2:51
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU983+/4+CVfBADiracLrKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjEwYmQyYzdjYmVmMjBmMjI0YTQ3YjMyYTE1NzMxODg4
OGVjODUwHhcNMjUwMjI1MTYzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTIwMDlmNWJlN2U5OWNmMTI4MDg4ZmNjYjc4ZjE2MzE2M2Q1YjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JLcPC6g7rZfFVk2ZZc3MjmpvG0B
5xv01Uc/zphpuZyKarbzaKwHHd+MFaY1ofy9X4qNCvej1dFxuw4jV/2d3ouRCaSB
JATv/G8Gh6rnmwmd5Zssl4T1c5QJGqVFroa3jxbqzyyYt0Y+8Itpm7I7i7zrjjrM
20MtIVgYNcAvfGHyYhmNXRT+8tQponHfOdQ/SGRk/kjP1Z/MzK6WNLwxY4n/v7hi
HakpbvL4WsBfLtiJHivGQTI+10h7OBMQ42ZZsAORrL82NwD7HPhIOnNslFW8RwMU
i6GYcVTWrjWjVrAKGdAr+rOgji/kgFAcDzISjOlS4Lh6B67MprP7PYa/+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNEgCfW+fpnPEoCI/Mt48WMWPVtqMB8GA1UdIwQY
MBaAFC4hC9LHy+8g8iSkezKhVzGIiOyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAt
YmY5MGQwMTUxYjUzLzEvMFNBSjliNS1tYzhTZ0lqOHkzanhZeFk5VzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8wYTRmZGMtYTg2OS00M2I3LWJiZDAtYmY5MGQwMTUxYjUz
LzEvTGlFTDBzZkw3eUR5SktSN01xRlhNWWlJN0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgW9RxI0
AwcAKgW9R6qqMA0GCSqGSIb3DQEBCwUAA4IBAQBJc8Pad/dZZcwgN35egZWpopBk
KV88aOQvzyQhjhge+EIM6D4+Xdz77mUW+JDWCL8kZ0xKIqk2oo8qJ9R1lPESeL2U
VzH+gu/9cmjjwyiLICKe5UuPXpZ5Ex/yD+IQj7Lq93rCUgZMnpitH2GHHfzSVVKB
5ZgEasYW3N/pkQWQJsuUJdBG/Ns55Q7jzs4TOX6dMycDFvZ1ByVyb1NWK+Zm0OSJ
xzEH046YvmAjl6QCl0Y4o7r5JnANjJmxRb3+3Q+sTEOdulHq/MrZiCFNqJtMbBis
vDJZwmULO/Pe7CyBY2VuANnPUYsmHSGulkgFo5uL2A+kG0HVPX876FrXqaJR
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:34:37 2025 by rpki-client