Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/fI144UZAPthLjWHp6dbEkhw6zkE.roa
File: fI144UZAPthLjWHp6dbEkhw6zkE.roa (raw, json)
Hash identifier: ErHPL7B+CBS/bcCrghb+Q/gUvBEyQAUxTVsBAep0wDg=
Subject key identifier: 7C:8D:78:E1:46:40:3E:D8:4B:8D:61:E9:E9:D6:C4:92:1C:3A:CE:41
Certificate issuer: /CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Certificate serial: 0196D31721228556E73A1BA8752A9476CF35
Authority key identifier: 9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/fI144UZAPthLjWHp6dbEkhw6zkE.roa
Signing time: Thu 15 May 2025 08:37:10 +0000
ROA not before: Thu 15 May 2025 08:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44765
IP address blocks: 209.92.64.0/24 maxlen: 24
209.92.65.0/24 maxlen: 24
209.92.66.0/24 maxlen: 24
209.92.67.0/24 maxlen: 24
2a00:8e40::/32 maxlen: 48
2a00:8e40:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 May 2025 06:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d3:17:21:22:85:56:e7:3a:1b:a8:75:2a:94:76:cf:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Validity
Not Before: May 15 08:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c8d78e146403ed84b8d61e9e9d6c4921c3ace41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d7:22:6a:55:14:59:bc:ee:d4:f4:10:c9:50:
c1:f9:1d:b6:75:8d:90:5d:2f:3e:ce:35:52:80:12:
37:3a:27:d8:ac:7b:16:10:54:bd:77:e0:fb:fc:6a:
8c:44:87:6e:46:d6:86:33:cb:48:2e:2e:c9:f5:2e:
1f:0b:b7:74:02:e4:11:ff:bc:7d:c9:a4:3c:a7:bd:
32:cf:5f:e8:2d:02:c9:d7:2c:07:7d:c3:70:6b:ec:
3e:70:d3:3e:75:a8:5b:16:fb:b6:12:44:3f:14:a8:
4f:2a:75:fd:90:f8:0b:a3:eb:80:ef:7b:32:c2:b0:
52:be:b3:d8:ab:73:d3:ed:19:55:aa:50:58:ae:e0:
00:71:50:3e:67:32:ac:4e:3d:93:b7:fa:24:13:0e:
7e:b1:70:37:89:a8:f4:82:4e:95:31:89:b7:40:c8:
be:04:a9:26:0a:21:e3:f3:d8:59:d8:55:af:5d:9d:
0d:95:02:64:2b:26:66:2a:8e:86:5b:26:1e:ba:eb:
ff:82:1c:0d:88:75:e7:e3:18:bd:3f:e3:69:5d:19:
42:72:15:f7:85:11:ca:2e:03:41:54:df:49:59:3c:
96:89:05:4b:18:a3:c7:e0:f4:68:28:d8:a8:b9:47:
28:93:aa:3b:88:f2:81:8c:eb:25:f3:3e:fb:90:47:
00:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:8D:78:E1:46:40:3E:D8:4B:8D:61:E9:E9:D6:C4:92:1C:3A:CE:41
X509v3 Authority Key Identifier:
keyid:9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/fI144UZAPthLjWHp6dbEkhw6zkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.92.64.0/22
IPv6:
2a00:8e40::/32
Signature Algorithm: sha256WithRSAEncryption
17:63:3e:88:b0:99:f0:92:49:27:da:5a:0d:c8:ed:61:4c:60:
b6:2e:7f:a6:2b:7b:d5:d3:67:ce:50:bf:f2:ce:3f:20:df:72:
6e:39:ee:2b:b0:a1:fe:2d:5b:17:38:f8:d3:a2:bc:3e:73:43:
03:17:56:0c:3f:02:98:0e:3b:37:99:c9:a1:ff:84:b8:5f:ae:
37:57:f1:01:1c:63:04:24:89:16:97:f0:8a:b7:3c:0d:57:9d:
bf:f1:33:57:60:24:1b:69:5c:1e:2c:72:26:4e:ca:0c:d4:21:
7a:73:3b:3d:9c:19:15:70:99:4e:1a:bd:fb:3c:f3:17:f3:d1:
ab:e6:7a:38:39:9e:30:ab:ec:15:1c:a0:51:c6:e1:3f:13:9f:
61:7a:31:a7:a5:08:53:9d:c5:3c:04:85:fc:7a:c5:30:7c:cf:
ba:c7:d8:4e:25:c1:fc:9a:8b:ad:6a:4b:38:c8:cb:eb:c5:55:
53:54:57:56:c4:62:24:07:5b:66:a1:5d:fd:57:dd:a8:f9:e8:
ec:94:d8:d3:47:77:df:22:d2:78:e1:b0:53:d7:8e:d2:42:0f:
f4:6e:e8:0e:d8:88:86:19:ea:a0:32:82:2f:94:98:51:0e:f0:
ca:92:f0:49:2f:34:f5:e5:99:f5:7c:0e:3b:67:42:fb:3c:27:
2b:6e:38:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZbTFyEihVbnOhuodSqUds81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDY3ZTUyYjRiNWIyNDEyZmVjMDE0OGRmYzZjYjFiMzRl
OTI3NGIwHhcNMjUwNTE1MDgzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzhkNzhlMTQ2NDAzZWQ4NGI4ZDYxZTllOWQ2YzQ5MjFjM2FjZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dcialUUWbzu1PQQyVDB+R22dY2Q
XS8+zjVSgBI3OifYrHsWEFS9d+D7/GqMRIduRtaGM8tILi7J9S4fC7d0AuQR/7x9
yaQ8p70yz1/oLQLJ1ywHfcNwa+w+cNM+dahbFvu2EkQ/FKhPKnX9kPgLo+uA73sy
wrBSvrPYq3PT7RlVqlBYruAAcVA+ZzKsTj2Tt/okEw5+sXA3iaj0gk6VMYm3QMi+
BKkmCiHj89hZ2FWvXZ0NlQJkKyZmKo6GWyYeuuv/ghwNiHXn4xi9P+NpXRlCchX3
hRHKLgNBVN9JWTyWiQVLGKPH4PRoKNiouUcok6o7iPKBjOsl8z77kEcABwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHyNeOFGQD7YS41h6enWxJIcOs5BMB8GA1UdIwQY
MBaAFJ8GflK0tbJBL+wBSN/Gyxs06SdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUt
MDJhMDliN2E0ZWI3LzEvZkkxNDRVWkFQdGhMaldIcDZkYkVraHc2emtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUtMDJhMDliN2E0ZWI3
LzEvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC0VxAMA0E
AgACMAcDBQAqAI5AMA0GCSqGSIb3DQEBCwUAA4IBAQAXYz6IsJnwkkkn2loNyO1h
TGC2Ln+mK3vV02fOUL/yzj8g33JuOe4rsKH+LVsXOPjTorw+c0MDF1YMPwKYDjs3
mcmh/4S4X643V/EBHGMEJIkWl/CKtzwNV52/8TNXYCQbaVweLHImTsoM1CF6czs9
nBkVcJlOGr37PPMX89Gr5no4OZ4wq+wVHKBRxuE/E59hejGnpQhTncU8BIX8esUw
fM+6x9hOJcH8moutaks4yMvrxVVTVFdWxGIkB1tmoV39V92o+ejslNjTR3ffItJ4
4bBT147SQg/0bugO2IiGGeqgMoIvlJhRDvDKkvBJLzT15Zn1fA47Z0L7PCcrbjh3
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:02:04 2025 by rpki-client