Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/r5U0GH_PPmbVV5gjAwOFt8MXkdY.roa
File: r5U0GH_PPmbVV5gjAwOFt8MXkdY.roa (raw, json)
Hash identifier: kl3A8DLaKZ+IUng8H2sU4FveB/v1f4pz0Z77zJRZUZU=
Subject key identifier: AF:95:34:18:7F:CF:3E:66:D5:57:98:23:03:03:85:B7:C3:17:91:D6
Certificate issuer: /CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Certificate serial: 0196D7D4336C0120FAD8C4295DFC33C7A82D
Authority key identifier: 9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/r5U0GH_PPmbVV5gjAwOFt8MXkdY.roa
Signing time: Fri 16 May 2025 06:42:10 +0000
ROA not before: Fri 16 May 2025 06:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44765
IP address blocks: 209.92.64.0/22 maxlen: 24
209.92.64.0/24 maxlen: 24
209.92.65.0/24 maxlen: 24
209.92.66.0/24 maxlen: 24
209.92.67.0/24 maxlen: 24
2a00:8e40::/32 maxlen: 48
2a00:8e40:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 May 2025 07:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d7:d4:33:6c:01:20:fa:d8:c4:29:5d:fc:33:c7:a8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f067e52b4b5b2412fec0148dfc6cb1b34e9274b
Validity
Not Before: May 16 06:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af9534187fcf3e66d5579823030385b7c31791d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:68:8d:80:93:5b:83:84:f3:b5:78:65:c8:65:
39:e7:60:8a:17:90:b5:19:52:ca:38:fb:08:e7:31:
53:f4:04:e4:ab:4f:0a:12:cb:d3:b0:07:28:18:3d:
a1:d5:9a:9b:54:15:d9:8b:e9:8b:67:0d:7e:0b:88:
66:d8:48:2c:88:0f:95:2d:4c:6f:dc:bb:54:31:95:
15:4f:14:a0:40:5c:57:03:3a:a8:2e:bc:42:6e:1b:
55:87:61:e1:c4:af:f8:ac:96:3a:e9:b1:6d:a7:5d:
fd:6c:17:b2:11:7f:fe:e5:4a:40:53:e3:75:46:bd:
86:75:d2:4e:5f:14:b8:e8:ad:0c:35:55:99:60:c0:
5b:cf:79:d8:f6:b2:fd:53:53:03:12:b2:30:63:96:
77:c1:4c:43:87:19:1c:a9:76:72:17:b0:70:6e:66:
1c:b1:cf:44:bc:3a:3f:b7:8e:01:cc:15:4c:41:e4:
d7:7c:16:74:7e:f3:db:e2:a4:11:e8:d2:a5:19:dc:
a8:d1:1a:62:99:81:d4:a8:fc:5e:44:18:ce:ee:9c:
1a:a5:3a:1d:e1:bc:63:df:0f:e7:1f:3e:6e:c5:7d:
6c:fe:96:0c:ac:f3:fb:19:33:d9:c0:3c:a2:2a:25:
63:5b:29:24:70:ad:e0:ef:f7:48:d1:1f:f3:19:dd:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:95:34:18:7F:CF:3E:66:D5:57:98:23:03:03:85:B7:C3:17:91:D6
X509v3 Authority Key Identifier:
keyid:9F:06:7E:52:B4:B5:B2:41:2F:EC:01:48:DF:C6:CB:1B:34:E9:27:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwZ-UrS1skEv7AFI38bLGzTpJ0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/r5U0GH_PPmbVV5gjAwOFt8MXkdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0cd65c-e57d-412e-ba65-02a09b7a4eb7/1/nwZ-UrS1skEv7AFI38bLGzTpJ0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.92.64.0/22
IPv6:
2a00:8e40::/32
Signature Algorithm: sha256WithRSAEncryption
28:cc:37:43:41:bd:5e:95:f7:4b:fd:b0:2d:53:45:0b:ce:38:
5d:98:58:94:68:e1:e1:dd:5a:8c:5d:fb:dd:18:87:ac:ac:71:
d2:d1:4c:6d:32:84:af:1b:a2:42:84:f0:62:80:ce:d6:14:39:
2d:2f:9d:22:cc:65:60:52:ea:9a:1c:7d:7f:8c:60:b7:47:85:
a5:60:aa:4a:98:d4:89:94:8c:68:6e:2d:a6:8f:f2:68:b4:c3:
66:d2:01:57:f8:a2:71:b3:d8:62:20:2f:bf:8b:78:fa:b5:50:
47:e0:40:4d:19:bf:c5:bd:dd:92:a0:82:03:6c:b4:12:8e:56:
5f:40:97:c2:9e:20:69:14:b3:aa:c2:fb:c7:4f:56:47:e3:1c:
a7:2d:2a:57:2b:6a:37:88:95:8a:34:c9:29:5e:17:2a:f1:72:
ba:88:d3:d5:6e:5c:a1:3f:c6:85:24:e5:3e:4c:ea:94:af:6b:
7c:40:4b:51:36:3f:c9:da:87:24:e0:d9:b5:da:be:65:46:ec:
4e:68:58:2b:ac:6e:98:f0:24:3b:b8:85:5e:34:51:f6:2b:2e:
1f:6e:c7:0a:e1:78:70:00:7a:b3:59:40:3b:2e:52:9e:9e:91:
10:c4:99:1a:9b:f0:0d:86:e2:97:70:f6:f9:35:b8:51:d7:99:
3e:3c:70:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZbX1DNsASD62MQpXfwzx6gtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDY3ZTUyYjRiNWIyNDEyZmVjMDE0OGRmYzZjYjFiMzRl
OTI3NGIwHhcNMjUwNTE2MDY0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk1MzQxODdmY2YzZTY2ZDU1Nzk4MjMwMzAzODViN2MzMTc5MWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomiNgJNbg4TztXhlyGU552CKF5C1
GVLKOPsI5zFT9ATkq08KEsvTsAcoGD2h1ZqbVBXZi+mLZw1+C4hm2EgsiA+VLUxv
3LtUMZUVTxSgQFxXAzqoLrxCbhtVh2HhxK/4rJY66bFtp139bBeyEX/+5UpAU+N1
Rr2GddJOXxS46K0MNVWZYMBbz3nY9rL9U1MDErIwY5Z3wUxDhxkcqXZyF7BwbmYc
sc9EvDo/t44BzBVMQeTXfBZ0fvPb4qQR6NKlGdyo0RpimYHUqPxeRBjO7pwapTod
4bxj3w/nHz5uxX1s/pYMrPP7GTPZwDyiKiVjWykkcK3g7/dI0R/zGd1XawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+VNBh/zz5m1VeYIwMDhbfDF5HWMB8GA1UdIwQY
MBaAFJ8GflK0tbJBL+wBSN/Gyxs06SdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUt
MDJhMDliN2E0ZWI3LzEvcjVVMEdIX1BQbWJWVjVnakF3T0Z0OE1Ya2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wY2Q2NWMtZTU3ZC00MTJlLWJhNjUtMDJhMDliN2E0ZWI3
LzEvbndaLVVyUzFza0V2N0FGSTM4YkxHelRwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC0VxAMA0E
AgACMAcDBQAqAI5AMA0GCSqGSIb3DQEBCwUAA4IBAQAozDdDQb1elfdL/bAtU0UL
zjhdmFiUaOHh3VqMXfvdGIesrHHS0UxtMoSvG6JChPBigM7WFDktL50izGVgUuqa
HH1/jGC3R4WlYKpKmNSJlIxobi2mj/JotMNm0gFX+KJxs9hiIC+/i3j6tVBH4EBN
Gb/Fvd2SoIIDbLQSjlZfQJfCniBpFLOqwvvHT1ZH4xynLSpXK2o3iJWKNMkpXhcq
8XK6iNPVblyhP8aFJOU+TOqUr2t8QEtRNj/J2ock4Nm12r5lRuxOaFgrrG6Y8CQ7
uIVeNFH2Ky4fbscK4XhwAHqzWUA7LlKenpEQxJkam/ANhuKXcPb5NbhR15k+PHAP
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:48:39 2025 by rpki-client