Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Z06qovwDfPJy8tYGGPrDFJ5yrOQ.roa
File: Z06qovwDfPJy8tYGGPrDFJ5yrOQ.roa (raw, json)
Hash identifier: 0dizlRtPclG6LlBUuM/abDtDOE8fs82yseQnu0blkXM=
Subject key identifier: 67:4E:AA:A2:FC:03:7C:F2:72:F2:D6:06:18:FA:C3:14:9E:72:AC:E4
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0194FBA020283B7AFB20A93282CFDA5F16A0
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Z06qovwDfPJy8tYGGPrDFJ5yrOQ.roa
Signing time: Wed 12 Feb 2025 19:26:02 +0000
ROA not before: Wed 12 Feb 2025 19:26:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 2a12:bec4:1651::/48 maxlen: 48
2a12:bec4:1750::/45 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 11:51:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fb:a0:20:28:3b:7a:fb:20:a9:32:82:cf:da:5f:16:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Feb 12 19:26:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=674eaaa2fc037cf272f2d60618fac3149e72ace4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:0f:dd:c4:11:dc:26:1e:7b:5f:47:83:08:
58:56:22:b8:8c:89:93:c6:ff:0f:8d:95:c0:46:f0:
ab:e5:6c:57:cf:a4:0f:a7:1f:08:1e:c8:64:ca:59:
f1:d6:3b:dd:fb:96:d1:0c:2e:5b:15:7b:33:d8:38:
7b:95:33:e4:c9:e6:77:c9:3b:ec:ac:49:66:c6:cd:
84:7c:22:cc:11:02:ea:67:6c:08:54:f8:be:79:f6:
69:1f:3c:d8:bc:46:a5:b0:4b:52:0c:75:2d:4e:59:
a0:0b:26:c0:73:68:6c:81:6e:58:84:c3:ca:4b:18:
9b:c7:da:df:5c:1b:4c:9d:2f:56:92:56:a4:89:90:
cd:37:c7:cb:bc:8c:d0:e1:48:13:a6:b7:23:48:08:
c0:52:02:cd:0f:dd:d5:1a:2f:a8:da:95:86:5d:71:
f6:ed:72:a3:aa:98:5f:b2:1e:24:8e:8d:42:32:c6:
9c:51:78:42:94:e4:46:94:46:f2:53:43:52:27:14:
94:31:31:22:6f:99:6e:d5:4f:c8:b8:c6:c1:5d:1c:
e3:35:47:39:25:0b:a7:ee:10:c9:5c:12:2d:ba:02:
3e:e2:2f:2b:ca:84:f9:de:14:29:4b:e1:99:33:82:
48:ca:8b:3d:f2:ad:6a:34:54:cb:2b:cd:89:03:9b:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4E:AA:A2:FC:03:7C:F2:72:F2:D6:06:18:FA:C3:14:9E:72:AC:E4
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Z06qovwDfPJy8tYGGPrDFJ5yrOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1651::/48
2a12:bec4:1750::/45
Signature Algorithm: sha256WithRSAEncryption
0b:1e:38:16:b2:de:bc:da:a8:ff:98:98:5b:14:5c:18:9a:60:
f6:52:08:15:58:91:b0:cc:1b:8a:6c:48:0c:7e:83:22:4e:eb:
4f:bb:0d:04:65:bb:47:6f:5e:d9:da:da:59:7e:04:3e:e2:d6:
fb:f5:13:a9:3a:86:ef:7c:67:8f:56:87:ff:b8:46:f9:45:fc:
7a:30:48:ad:8d:cd:43:27:e5:7c:80:43:3c:13:76:05:26:a1:
39:fc:1b:5d:ac:8c:c6:62:4f:a7:4c:da:6a:9e:36:94:c9:82:
e6:8c:df:24:2d:02:0e:5d:d8:93:11:0c:bb:df:a4:46:b9:bc:
1f:33:79:96:6d:eb:fb:33:17:8d:4b:7e:ea:ab:68:32:dd:77:
b0:51:48:a6:0d:1f:f8:ca:77:de:af:b7:6a:67:6d:e9:a4:d3:
ec:99:a6:4f:39:79:13:7e:66:46:5f:40:4d:13:bf:ab:65:ee:
c0:dc:2f:73:23:93:f5:0d:6b:cc:2c:0e:25:f6:0f:3b:f8:36:
25:0c:e0:4c:3a:b2:3e:eb:2e:34:46:cc:82:cc:9f:dc:43:ce:
cc:1a:8f:e3:45:45:3b:22:02:48:ef:b8:97:05:c0:eb:fa:c3:
6d:24:5e:32:7e:12:21:83:d8:7d:35:cf:fc:1a:e5:e3:c7:66:
9d:9b:f5:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZT7oCAoO3r7IKkygs/aXxagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMjEyMTkyNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRlYWFhMmZjMDM3Y2YyNzJmMmQ2MDYxOGZhYzMxNDllNzJhY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd4P3cQR3CYee19HgwhYViK4jImT
xv8PjZXARvCr5WxXz6QPpx8IHshkylnx1jvd+5bRDC5bFXsz2Dh7lTPkyeZ3yTvs
rElmxs2EfCLMEQLqZ2wIVPi+efZpHzzYvEalsEtSDHUtTlmgCybAc2hsgW5YhMPK
Sxibx9rfXBtMnS9WklakiZDNN8fLvIzQ4UgTprcjSAjAUgLND93VGi+o2pWGXXH2
7XKjqphfsh4kjo1CMsacUXhClORGlEbyU0NSJxSUMTEib5lu1U/IuMbBXRzjNUc5
JQun7hDJXBItugI+4i8ryoT53hQpS+GZM4JIyos98q1qNFTLK82JA5swowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGdOqqL8A3zycvLWBhj6wxSecqzkMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvWjA2cW92d0RmUEp5OHRZR0dQckRGSjV5ck9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhK+xBZR
AwcDKhK+xBdQMA0GCSqGSIb3DQEBCwUAA4IBAQALHjgWst682qj/mJhbFFwYmmD2
UggVWJGwzBuKbEgMfoMiTutPuw0EZbtHb17Z2tpZfgQ+4tb79ROpOobvfGePVof/
uEb5Rfx6MEitjc1DJ+V8gEM8E3YFJqE5/BtdrIzGYk+nTNpqnjaUyYLmjN8kLQIO
XdiTEQy736RGubwfM3mWbev7MxeNS37qq2gy3XewUUimDR/4ynfer7dqZ23ppNPs
maZPOXkTfmZGX0BNE7+rZe7A3C9zI5P1DWvMLA4l9g87+DYlDOBMOrI+6y40RsyC
zJ/cQ87MGo/jRUU7IgJI77iXBcDr+sNtJF4yfhIhg9h9Nc/8GuXjx2adm/WB
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:37:54 2025 by rpki-client