Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Q9MmNEzCeNteBm4oCbxBr5XDG48.roa
File: Q9MmNEzCeNteBm4oCbxBr5XDG48.roa (raw, json)
Hash identifier: CrS4pJcFAjEiRlqafKo3od+tyGQC405XNv+KZmm57Zc=
Subject key identifier: 43:D3:26:34:4C:C2:78:DB:5E:06:6E:28:09:BC:41:AF:95:C3:1B:8F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C7D0F2386E4A69FA16B3D8FA5A8E9
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Q9MmNEzCeNteBm4oCbxBr5XDG48.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216402
IP address blocks: 2a12:bec4:14a0::/44 maxlen: 44
Validation: Failed, certificate revoked on Sat 22 Feb 2025 21:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7d:0f:23:86:e4:a6:9f:a1:6b:3d:8f:a5:a8:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43d326344cc278db5e066e2809bc41af95c31b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e1:9a:3d:ec:68:49:d4:ba:22:36:32:c5:c8:
9e:5d:cf:7f:15:21:0a:f5:0a:61:f3:4c:dd:73:14:
62:ba:cd:b0:b5:bd:43:1d:68:2e:59:58:9f:36:06:
3d:34:89:96:f4:7d:56:9b:dc:89:6f:55:7f:8f:29:
a0:34:b6:30:00:6b:d9:10:da:0d:60:b0:3c:e7:32:
43:d3:95:c1:22:1f:fc:50:12:1b:2d:8e:1e:13:ff:
8e:01:45:1d:0a:3a:a6:cc:a3:43:9b:40:7e:e7:b8:
97:51:e7:19:26:70:8f:4c:f4:69:d3:d9:80:41:ba:
9e:b1:d7:42:f2:83:25:2b:51:f2:67:e0:11:14:96:
93:17:2c:da:7c:08:9d:2f:0c:af:a3:2c:ac:1d:35:
54:97:8c:ed:2d:79:1d:e5:59:21:1e:49:af:f6:5f:
69:3d:85:44:45:1d:59:2d:1f:e5:f7:39:7a:bd:14:
da:79:fd:0e:9b:bf:62:c9:d2:08:2c:8c:4e:d1:f9:
29:7b:50:77:eb:9f:05:9d:f6:9f:cf:a0:b6:11:18:
07:d7:df:5c:d6:df:21:8c:d3:99:4d:6a:d3:ec:3b:
e5:04:3b:d8:c8:8e:b4:aa:85:85:73:33:83:89:98:
9f:69:6e:8b:24:9f:a1:8c:b4:de:b1:0d:38:fe:8f:
ab:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D3:26:34:4C:C2:78:DB:5E:06:6E:28:09:BC:41:AF:95:C3:1B:8F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Q9MmNEzCeNteBm4oCbxBr5XDG48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:14a0::/44
Signature Algorithm: sha256WithRSAEncryption
41:cb:52:d9:88:74:9d:97:b5:df:19:94:8c:64:88:ca:e9:cf:
ab:fa:4a:b7:a8:76:15:45:46:be:eb:24:c6:04:d3:25:60:51:
d7:93:bd:78:41:52:dc:15:6e:39:62:68:ec:64:98:b7:a9:59:
3a:1a:32:5b:f1:64:68:22:42:13:3d:ac:d4:b5:ab:eb:42:d1:
99:b1:f0:51:22:49:d4:bd:41:16:4e:3c:41:9f:32:16:e2:62:
41:c7:84:8f:0e:ae:d9:2b:54:62:78:d8:ca:92:ed:a6:be:8c:
0b:00:04:1d:d9:a8:3f:19:7a:54:b2:bb:e3:00:f3:7f:ea:de:
be:bc:95:5e:59:6e:da:f5:15:0b:c5:0e:8a:7d:f5:df:41:8b:
25:b2:d8:ba:64:8f:4f:a5:95:81:ed:9a:49:6d:06:19:b6:f1:
d6:6e:30:98:95:82:2c:f9:9d:5f:ca:3f:10:5b:c2:4c:a1:56:
78:b5:c8:4f:5a:39:b8:18:ff:a5:a4:5b:a0:89:bf:25:e7:80:
90:78:ed:3b:c6:00:f6:e6:9b:02:20:8b:5e:f2:b6:7a:d8:97:
7f:d1:71:5f:ff:e7:3a:01:9c:d9:fc:bc:cb:69:dc:10:9c:2d:
e2:3d:c7:c6:ca:72:9f:aa:fb:99:34:76:ca:83:4a:e6:35:f5:
a5:04:d5:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjH0PI4bkpp+haz2PpajpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2QzMjYzNDRjYzI3OGRiNWUwNjZlMjgwOWJjNDFhZjk1YzMxYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eGaPexoSdS6IjYyxcieXc9/FSEK
9Qph80zdcxRius2wtb1DHWguWVifNgY9NImW9H1Wm9yJb1V/jymgNLYwAGvZENoN
YLA85zJD05XBIh/8UBIbLY4eE/+OAUUdCjqmzKNDm0B+57iXUecZJnCPTPRp09mA
QbqesddC8oMlK1HyZ+ARFJaTFyzafAidLwyvoyysHTVUl4ztLXkd5VkhHkmv9l9p
PYVERR1ZLR/l9zl6vRTaef0Om79iydIILIxO0fkpe1B3658Fnfafz6C2ERgH199c
1t8hjNOZTWrT7DvlBDvYyI60qoWFczODiZifaW6LJJ+hjLTesQ04/o+rUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEPTJjRMwnjbXgZuKAm8Qa+VwxuPMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUTlNbU5FekNlTnRlQm00b0NieEJyNVhERzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBSg
MA0GCSqGSIb3DQEBCwUAA4IBAQBBy1LZiHSdl7XfGZSMZIjK6c+r+kq3qHYVRUa+
6yTGBNMlYFHXk714QVLcFW45YmjsZJi3qVk6GjJb8WRoIkITPazUtavrQtGZsfBR
IknUvUEWTjxBnzIW4mJBx4SPDq7ZK1RieNjKku2mvowLAAQd2ag/GXpUsrvjAPN/
6t6+vJVeWW7a9RULxQ6KffXfQYslsti6ZI9PpZWB7ZpJbQYZtvHWbjCYlYIs+Z1f
yj8QW8JMoVZ4tchPWjm4GP+lpFugib8l54CQeO07xgD25psCIIte8rZ62Jd/0XFf
/+c6AZzZ/LzLadwQnC3iPcfGynKfqvuZNHbKg0rmNfWlBNXq
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:05:40 2025 by rpki-client