Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/8wZs7vhHDw6ZlJ-sRKPEkOY-gLM.roa
File: 8wZs7vhHDw6ZlJ-sRKPEkOY-gLM.roa (raw, json)
Hash identifier: gEIXMLIQGnnL+jo0jGw18Zq9sLmauY2lIJu4QpvYpvY=
Subject key identifier: F3:06:6C:EE:F8:47:0F:0E:99:94:9F:AC:44:A3:C4:90:E6:3E:80:B3
Certificate issuer: /CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de
Certificate serial: 01958F55F427A14CC44A4BBEC5F80ED4380D
Authority key identifier: D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/8wZs7vhHDw6ZlJ-sRKPEkOY-gLM.roa
Signing time: Thu 13 Mar 2025 11:48:49 +0000
ROA not before: Thu 13 Mar 2025 11:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63150
IP address blocks: 2a14:7dc0:200::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Mar 2025 12:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:55:f4:27:a1:4c:c4:4a:4b:be:c5:f8:0e:d4:38:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de
Validity
Not Before: Mar 13 11:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3066ceef8470f0e99949fac44a3c490e63e80b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a8:27:5a:93:04:e2:1a:e4:e4:cc:d9:6f:b9:
21:88:1c:ec:1d:fb:08:45:b8:f0:ad:36:58:9b:ac:
4f:c1:2f:f4:3e:93:ff:17:f1:1c:9b:b5:89:a1:93:
03:a0:1a:8b:2b:5c:e5:f0:08:b1:95:97:03:c5:43:
3d:05:4a:20:ae:2d:37:66:f5:bc:82:8f:73:75:d7:
8d:19:a9:25:b7:b5:3b:b4:65:39:fe:ef:ff:25:a3:
6a:9c:89:43:dd:a8:7e:a8:ba:c4:d1:47:8f:92:5a:
1a:55:7d:e3:73:95:8a:84:d7:72:ca:9f:49:5c:5e:
5c:6c:5a:9e:3a:12:3f:d9:0a:ed:91:dd:39:ab:66:
60:71:ff:2e:c9:fa:a1:77:5d:a5:01:eb:c4:89:43:
58:b3:3f:01:a2:25:d8:8e:0a:88:fd:25:49:5e:96:
e5:be:b6:04:9c:34:96:33:c0:04:e3:65:4c:a6:a4:
de:d6:2d:54:b6:75:f0:3c:ec:93:97:04:0f:48:16:
a2:55:b7:6a:99:ec:34:33:6f:45:75:6b:7c:6a:0d:
f9:b9:fd:e7:7b:1d:ab:fc:ac:d9:12:09:b2:ba:90:
83:1c:d1:34:55:d6:1b:f1:9f:2e:f4:18:23:32:4d:
44:16:ee:96:83:84:ed:b4:47:e7:72:03:a6:e0:a8:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:06:6C:EE:F8:47:0F:0E:99:94:9F:AC:44:A3:C4:90:E6:3E:80:B3
X509v3 Authority Key Identifier:
keyid:D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/8wZs7vhHDw6ZlJ-sRKPEkOY-gLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7dc0:200::/40
Signature Algorithm: sha256WithRSAEncryption
2c:9e:3b:38:9f:84:e9:0b:8f:8e:ce:43:b7:8c:bb:d5:66:c8:
51:f4:b9:42:5a:18:dd:87:6b:63:0f:6a:89:45:54:08:ac:e1:
17:8d:c1:b5:b4:bb:68:81:95:c2:a9:d3:7d:97:9e:f2:dc:b3:
66:d9:55:e7:b4:e0:24:95:f3:fb:17:8d:ae:90:1c:44:f2:ea:
93:d3:0f:f9:33:bd:1a:c7:b9:67:01:8f:21:c3:af:1b:70:8d:
4a:48:bc:a6:91:0b:aa:54:ad:46:ce:2a:68:68:7a:6f:9d:7f:
db:68:e0:47:e1:a6:c4:f5:a1:91:35:0b:49:98:39:15:17:74:
a4:52:b9:83:e5:a2:3e:66:6c:2b:e7:d0:2c:f0:12:b4:03:e0:
fa:73:fb:c9:29:da:d3:af:1a:1a:9e:69:2d:3a:03:fe:c4:0b:
f3:f9:2c:79:a4:99:9f:63:ae:ae:4c:c5:da:d5:d6:79:10:88:
e0:bf:d3:67:8a:bd:f5:d7:22:c1:f5:bc:41:a5:89:e7:03:77:
98:0f:02:b1:96:6e:a4:e1:38:4c:6f:45:ae:65:b3:38:8a:af:
a4:57:fb:c6:53:4d:dd:61:5a:ed:c0:76:5f:0d:20:12:5e:5d:
7f:ae:82:12:5f:c2:b4:8c:51:6c:e2:89:d8:4c:a2:92:d9:06:
f2:93:b5:f0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZWPVfQnoUzESku+xfgO1DgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDNjYTJjMjMxYWZkZjNiMDM1NWM3N2E3Y2JiMjI2Zjgx
Yjc0ZGUwHhcNMjUwMzEzMTE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzA2NmNlZWY4NDcwZjBlOTk5NDlmYWM0NGEzYzQ5MGU2M2U4MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6gnWpME4hrk5MzZb7khiBzsHfsI
RbjwrTZYm6xPwS/0PpP/F/Ecm7WJoZMDoBqLK1zl8AixlZcDxUM9BUogri03ZvW8
go9zddeNGaklt7U7tGU5/u//JaNqnIlD3ah+qLrE0UePkloaVX3jc5WKhNdyyp9J
XF5cbFqeOhI/2Qrtkd05q2Zgcf8uyfqhd12lAevEiUNYsz8BoiXYjgqI/SVJXpbl
vrYEnDSWM8AE42VMpqTe1i1UtnXwPOyTlwQPSBaiVbdqmew0M29FdWt8ag35uf3n
ex2r/KzZEgmyupCDHNE0VdYb8Z8u9BgjMk1EFu6Wg4TttEfncgOm4KgmUQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPMGbO74Rw8OmZSfrESjxJDmPoCzMB8GA1UdIwQY
MBaAFNjTyiwjGv3zsDVcd6fLsib4G3TeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTkt
OTkxMjhiZjZhODQxLzEvOHdaczd2aEhEdzZabEotc1JLUEVrT1ktZ0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTktOTkxMjhiZjZhODQx
LzEvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR9wAIw
DQYJKoZIhvcNAQELBQADggEBACyeOzifhOkLj47OQ7eMu9VmyFH0uUJaGN2Ha2MP
aolFVAis4ReNwbW0u2iBlcKp032XnvLcs2bZVee04CSV8/sXja6QHETy6pPTD/kz
vRrHuWcBjyHDrxtwjUpIvKaRC6pUrUbOKmhoem+df9to4EfhpsT1oZE1C0mYORUX
dKRSuYPloj5mbCvn0CzwErQD4Ppz+8kp2tOvGhqeaS06A/7EC/P5LHmkmZ9jrq5M
xdrV1nkQiOC/02eKvfXXIsH1vEGliecDd5gPArGWbqThOExvRa5lsziKr6RX+8ZT
Td1hWu3Adl8NIBJeXX+ughJfwrSMUWziidhMopLZBvKTtfA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:24:55 2025 by rpki-client