Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/2tN_zYOF8Zr2EdSO60eeDgxccxE.roa
File: 2tN_zYOF8Zr2EdSO60eeDgxccxE.roa (raw, json)
Hash identifier: xLa/A9L43or9hlabtjj9POxiQ5ZJM58VnWS1LQrWITU=
Subject key identifier: DA:D3:7F:CD:83:85:F1:9A:F6:11:D4:8E:EB:47:9E:0E:0C:5C:73:11
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 019538535F32578D0D73854DBE8BCB557BDF
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/2tN_zYOF8Zr2EdSO60eeDgxccxE.roa
Signing time: Mon 24 Feb 2025 14:19:02 +0000
ROA not before: Mon 24 Feb 2025 14:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a00:dc80::/33 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Mar 2025 16:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:53:5f:32:57:8d:0d:73:85:4d:be:8b:cb:55:7b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Feb 24 14:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dad37fcd8385f19af611d48eeb479e0e0c5c7311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:2e:ae:69:d7:6e:5b:3a:93:12:dc:b2:35:
f8:4b:b6:58:23:a4:07:77:66:9d:42:79:94:a1:c6:
a4:cf:53:d0:bc:92:5f:72:46:9a:ff:53:af:53:73:
ca:91:cf:f1:e0:30:79:0c:75:20:e7:e8:0e:f2:d2:
cd:97:86:3d:30:3b:db:b6:e2:84:6d:e1:24:57:42:
32:4e:6b:e8:48:38:1d:33:23:25:e1:2a:38:df:8e:
65:54:db:e8:b8:77:af:04:bd:cf:dd:a6:7e:66:15:
4f:60:c5:0c:52:82:e7:0f:9c:e6:48:f0:17:ed:35:
47:d8:a5:45:84:53:2c:b8:df:b7:34:98:00:f4:48:
7f:ef:c7:37:85:39:9b:ab:38:00:c7:77:70:a6:d4:
32:90:fc:9c:07:d8:37:f6:f3:09:21:ba:62:47:ed:
98:fb:c3:5b:e5:45:0b:93:16:37:72:6b:f2:db:74:
03:74:36:54:66:72:15:fe:26:e7:40:1e:33:5e:45:
34:ba:2c:c6:d1:7e:d1:47:12:13:1b:74:7e:bf:cd:
67:a1:56:e1:99:ca:dc:7d:3b:51:82:b1:25:0c:6f:
3c:c0:5a:c9:c3:d5:80:b6:a6:bd:c5:c6:3c:ff:d2:
83:af:cc:af:d5:68:d7:ab:c9:6f:48:db:fe:cb:4e:
12:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D3:7F:CD:83:85:F1:9A:F6:11:D4:8E:EB:47:9E:0E:0C:5C:73:11
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/2tN_zYOF8Zr2EdSO60eeDgxccxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:dc80::/33
Signature Algorithm: sha256WithRSAEncryption
be:74:1f:be:68:98:6b:7f:58:85:1f:bc:83:a9:9b:90:65:35:
72:4d:a3:51:3b:b8:b8:df:72:03:88:35:25:c7:e8:91:dc:d9:
ab:37:76:45:8e:54:55:54:dd:d6:1c:99:d3:3d:44:05:69:60:
4b:1f:e0:47:6c:b5:e9:62:f0:67:a4:9c:ef:32:65:60:75:07:
bb:c4:23:cc:bb:88:bd:19:0a:b1:66:ea:01:23:04:9e:bd:ec:
84:e6:32:f9:dd:46:20:54:ec:b0:3a:86:f2:e8:d5:63:71:64:
c9:2b:19:61:65:d1:cd:15:2a:56:5a:a4:1c:d7:a3:b8:14:df:
be:1f:82:7e:a4:18:51:0d:b7:a5:07:b6:53:4a:6f:c8:6e:91:
6a:fe:10:d4:fa:f8:f0:36:49:10:f2:ca:d5:5f:cb:d3:5a:50:
ce:be:c5:3b:cf:15:79:39:23:6a:77:1f:66:55:c5:c9:69:c6:
82:8c:a5:be:27:8e:1e:10:c7:c3:8f:c6:6b:85:7a:d3:f3:9f:
07:7a:4a:c3:0f:c9:bb:42:98:16:4d:ad:58:aa:be:da:1c:7b:
af:58:71:35:cd:38:dd:3e:c0:64:d9:33:de:52:f4:d6:2b:b0:
5d:ae:55:9d:74:ef:18:c1:f8:37:d9:a7:f9:02:46:76:98:2a:
2c:66:7b:ca
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZU4U18yV40Nc4VNvovLVXvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2IwYWU1YjdmNzgxMTIyYzcwOWEyNjUwYWRmOTcyOTE4
N2UxZTEwHhcNMjUwMjI0MTQxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQzN2ZjZDgzODVmMTlhZjYxMWQ0OGVlYjQ3OWUwZTBjNWM3MzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvcurmnXbls6kxLcsjX4S7ZYI6QH
d2adQnmUocakz1PQvJJfckaa/1OvU3PKkc/x4DB5DHUg5+gO8tLNl4Y9MDvbtuKE
beEkV0IyTmvoSDgdMyMl4So4345lVNvouHevBL3P3aZ+ZhVPYMUMUoLnD5zmSPAX
7TVH2KVFhFMsuN+3NJgA9Eh/78c3hTmbqzgAx3dwptQykPycB9g39vMJIbpiR+2Y
+8Nb5UULkxY3cmvy23QDdDZUZnIV/ibnQB4zXkU0uizG0X7RRxITG3R+v81noVbh
mcrcfTtRgrElDG88wFrJw9WAtqa9xcY8/9KDr8yv1WjXq8lvSNv+y04SyQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNrTf82DhfGa9hHUjutHng4MXHMRMB8GA1UdIwQY
MBaAFCw7CuW394ESLHCaJlCt+XKRh+HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEt
ZmZjY2EzZTFmMTdmLzEvMnROX3pZT0Y4WnIyRWRTTzYwZWVEZ3hjY3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEtZmZjY2EzZTFmMTdm
LzEvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKgDcgAAw
DQYJKoZIhvcNAQELBQADggEBAL50H75omGt/WIUfvIOpm5BlNXJNo1E7uLjfcgOI
NSXH6JHc2as3dkWOVFVU3dYcmdM9RAVpYEsf4Edsteli8GeknO8yZWB1B7vEI8y7
iL0ZCrFm6gEjBJ697ITmMvndRiBU7LA6hvLo1WNxZMkrGWFl0c0VKlZapBzXo7gU
374fgn6kGFENt6UHtlNKb8hukWr+ENT6+PA2SRDyytVfy9NaUM6+xTvPFXk5I2p3
H2ZVxclpxoKMpb4njh4Qx8OPxmuFetPznwd6SsMPybtCmBZNrViqvtoce69YcTXN
ON0+wGTZM95S9NYrsF2uVZ107xjB+DfZp/kCRnaYKixme8o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:15:10 2025 by rpki-client