Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/9q57g_0RSDhIkMP4Rr-9YFsM2Qg.roa
File: 9q57g_0RSDhIkMP4Rr-9YFsM2Qg.roa (raw, json)
Hash identifier: XFngLW9t5zWNs/vXsuNQLGH1nWCYUQ+qOWG/LxCPCI4=
Subject key identifier: F6:AE:7B:83:FD:11:48:38:48:90:C3:F8:46:BF:BD:60:5B:0C:D9:08
Certificate issuer: /CN=246f9be783d73d95ab8aa54619e60f9011c04d67
Certificate serial: 019422FBFD9BAFAE9E63E8FE8FC53F1FD4BB
Authority key identifier: 24:6F:9B:E7:83:D7:3D:95:AB:8A:A5:46:19:E6:0F:90:11:C0:4D:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JG-b54PXPZWriqVGGeYPkBHATWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/9q57g_0RSDhIkMP4Rr-9YFsM2Qg.roa
Signing time: Wed 01 Jan 2025 17:48:47 +0000
ROA not before: Wed 01 Jan 2025 17:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197937
IP address blocks: 2a13:83c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 09 Jan 2025 20:36:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:fd:9b:af:ae:9e:63:e8:fe:8f:c5:3f:1f:d4:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=246f9be783d73d95ab8aa54619e60f9011c04d67
Validity
Not Before: Jan 1 17:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6ae7b83fd1148384890c3f846bfbd605b0cd908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:36:4f:e0:52:77:31:62:61:c5:df:ee:98:ac:
4d:e2:6f:8c:7a:25:2f:34:c8:25:24:69:b7:4f:14:
7d:2b:1f:6f:b8:a6:35:2e:ce:5f:57:ce:6c:77:7f:
66:25:c3:8c:10:30:3e:c2:d5:e3:19:f1:6e:6a:97:
25:f3:13:b2:d8:33:83:2d:50:50:00:85:34:74:2b:
2f:f2:54:78:30:fd:03:f2:17:df:07:cb:1e:15:47:
3e:c4:fc:04:ad:b7:44:65:ea:7e:dd:95:2c:34:1a:
41:69:74:25:ae:fc:31:ea:17:f0:50:cc:dd:fe:cd:
66:06:f7:be:37:2d:7c:5b:c9:83:09:09:cd:3a:ca:
3d:23:13:63:09:da:09:cc:3d:b2:43:71:55:55:e7:
a4:39:72:3f:96:64:65:29:4d:9b:27:59:55:fb:37:
38:23:b4:4b:14:43:b4:b4:6c:a9:ab:ed:76:e9:a2:
64:9f:5e:ec:5f:cc:cd:c3:68:de:db:14:a0:bf:28:
8b:d2:04:0c:18:d8:21:0a:2c:43:96:9f:13:04:10:
0a:1d:ee:9e:00:fe:14:8f:d3:de:3a:2e:0a:9f:a0:
c7:41:5a:81:76:f1:ae:8e:bc:02:1d:ca:63:dc:66:
d0:84:d5:9d:0e:66:a9:c6:04:bf:ae:ab:dd:3d:1c:
d9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:AE:7B:83:FD:11:48:38:48:90:C3:F8:46:BF:BD:60:5B:0C:D9:08
X509v3 Authority Key Identifier:
keyid:24:6F:9B:E7:83:D7:3D:95:AB:8A:A5:46:19:E6:0F:90:11:C0:4D:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JG-b54PXPZWriqVGGeYPkBHATWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/9q57g_0RSDhIkMP4Rr-9YFsM2Qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/JG-b54PXPZWriqVGGeYPkBHATWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:fa:7c:c5:9e:8d:dd:d8:84:53:f8:b8:b5:7e:2f:29:4b:aa:
98:90:44:78:87:27:62:3a:2f:58:34:28:bb:e4:a8:88:ea:85:
76:a8:61:ea:f7:18:8c:a7:d1:66:e4:2f:b9:0f:4f:cc:dd:0e:
e3:05:32:9f:ec:70:83:55:7b:13:21:0d:74:36:35:b4:aa:f7:
3a:58:17:cf:fb:0a:0d:76:da:5d:d6:d4:f5:24:a5:05:29:a2:
13:33:e7:1a:d3:2b:47:3b:22:93:7b:e5:11:94:ea:14:6d:e0:
7f:cc:a9:46:19:fa:4a:18:9a:3d:47:cf:c0:53:03:55:5b:e9:
54:92:8e:9d:7b:9b:db:cb:db:01:7b:89:e6:88:fd:49:e8:b0:
d9:d8:8f:0c:0d:2c:23:ee:6c:42:3e:62:aa:d9:aa:a4:65:51:
27:c6:f1:d8:bb:0e:00:66:04:25:56:ef:35:ec:9e:ad:0f:3a:
b0:c2:97:54:78:bc:b8:b3:c4:55:82:05:ae:ad:b8:42:09:d6:
34:70:7c:80:aa:bb:75:98:48:76:04:98:20:c4:01:5e:28:65:
3f:15:03:23:d7:e6:1e:83:6f:9c:58:68:c7:0f:c7:b5:79:8d:
d1:04:c4:f6:62:d7:cf:92:0e:d1:4d:1e:97:50:81:23:bb:7d:
42:58:6d:11
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+/2br66eY+j+j8U/H9S7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NmY5YmU3ODNkNzNkOTVhYjhhYTU0NjE5ZTYwZjkwMTFj
MDRkNjcwHhcNMjUwMTAxMTc0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmFlN2I4M2ZkMTE0ODM4NDg5MGMzZjg0NmJmYmQ2MDViMGNkOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TZP4FJ3MWJhxd/umKxN4m+MeiUv
NMglJGm3TxR9Kx9vuKY1Ls5fV85sd39mJcOMEDA+wtXjGfFuapcl8xOy2DODLVBQ
AIU0dCsv8lR4MP0D8hffB8seFUc+xPwErbdEZep+3ZUsNBpBaXQlrvwx6hfwUMzd
/s1mBve+Ny18W8mDCQnNOso9IxNjCdoJzD2yQ3FVVeekOXI/lmRlKU2bJ1lV+zc4
I7RLFEO0tGypq+126aJkn17sX8zNw2je2xSgvyiL0gQMGNghCixDlp8TBBAKHe6e
AP4Uj9PeOi4Kn6DHQVqBdvGujrwCHcpj3GbQhNWdDmapxgS/rqvdPRzZQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPaue4P9EUg4SJDD+Ea/vWBbDNkIMB8GA1UdIwQY
MBaAFCRvm+eD1z2Vq4qlRhnmD5ARwE1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkctYjU0UFhQWldyaXFWR0dlWVBrQkhBVFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iYWEzNzItODIzYi00YjA3LTlhYWIt
Y2JiZDAxZjJiOTFjLzEvOXE1N2dfMFJTRGhJa01QNFJyLTlZRnNNMlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iYWEzNzItODIzYi00YjA3LTlhYWItY2JiZDAxZjJiOTFj
LzEvSkctYjU0UFhQWldyaXFWR0dlWVBrQkhBVFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhODwDAN
BgkqhkiG9w0BAQsFAAOCAQEAjvp8xZ6N3diEU/i4tX4vKUuqmJBEeIcnYjovWDQo
u+SoiOqFdqhh6vcYjKfRZuQvuQ9PzN0O4wUyn+xwg1V7EyENdDY1tKr3OlgXz/sK
DXbaXdbU9SSlBSmiEzPnGtMrRzsik3vlEZTqFG3gf8ypRhn6ShiaPUfPwFMDVVvp
VJKOnXub28vbAXuJ5oj9Seiw2diPDA0sI+5sQj5iqtmqpGVRJ8bx2LsOAGYEJVbv
NeyerQ86sMKXVHi8uLPEVYIFrq24QgnWNHB8gKq7dZhIdgSYIMQBXihlPxUDI9fm
HoNvnFhoxw/HtXmN0QTE9mLXz5IO0U0el1CBI7t9QlhtEQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:26 2025 by rpki-client