Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/TT2ha3zrCpBx0VYRR42VBf3RRnA.roa
File: TT2ha3zrCpBx0VYRR42VBf3RRnA.roa (raw, json)
Hash identifier: FGqdko2J/d5UheobPhMK7CipaP6730rlV5PpJMwZ+KU=
Subject key identifier: 4D:3D:A1:6B:7C:EB:0A:90:71:D1:56:11:47:8D:95:05:FD:D1:46:70
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01942143ECDCA7D8B5FB8A273CD55BD1F91D
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/TT2ha3zrCpBx0VYRR42VBf3RRnA.roa
Signing time: Wed 01 Jan 2025 09:48:07 +0000
ROA not before: Wed 01 Jan 2025 09:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214586
IP address blocks: 2a05:9080:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Jan 2025 11:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ec:dc:a7:d8:b5:fb:8a:27:3c:d5:5b:d1:f9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Jan 1 09:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d3da16b7ceb0a9071d15611478d9505fdd14670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:94:ae:e3:f7:5f:e1:62:e3:80:a7:ac:8b:6f:
64:47:53:98:be:d7:3d:74:72:80:ee:c8:4e:00:08:
5c:8f:d0:6d:31:d3:51:9e:d0:21:36:79:4c:94:91:
67:b8:80:a2:00:69:78:61:1f:57:01:78:f5:c8:df:
8f:91:b8:c7:93:74:01:3f:7f:89:f3:83:0e:02:3e:
b1:4c:9b:4b:d0:e8:34:15:54:8e:fe:f7:a5:7b:49:
6d:a4:c9:ee:b5:c2:5c:0b:4f:76:8f:3f:f4:41:29:
0a:91:e5:cd:4f:de:4d:2a:f7:f8:10:8f:c5:54:ea:
0f:32:ef:90:ca:74:39:6c:ed:d1:3e:10:56:de:20:
b5:e1:f8:78:7c:ad:d3:69:5c:30:09:27:05:91:99:
ba:17:5f:c1:cf:f5:7f:82:bc:f1:99:90:d7:65:46:
a3:d5:70:ab:fd:9d:f3:00:40:a4:e8:3d:95:0a:2d:
0a:30:7a:bb:7c:98:b4:cc:c5:7a:4c:57:e5:46:66:
84:dc:d1:76:9f:c6:e8:74:84:15:1b:b5:99:c5:9f:
8a:a1:1b:ec:92:ad:31:99:7f:63:63:2a:53:af:b6:
05:11:0a:8f:16:e7:af:9f:80:cc:9e:27:15:16:eb:
1e:fd:07:14:96:60:bc:e3:18:c4:2f:5f:ba:06:ad:
ef:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:3D:A1:6B:7C:EB:0A:90:71:D1:56:11:47:8D:95:05:FD:D1:46:70
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/TT2ha3zrCpBx0VYRR42VBf3RRnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080:9::/48
Signature Algorithm: sha256WithRSAEncryption
6c:cd:26:94:2f:b3:b6:db:68:d5:16:12:67:96:3a:96:2d:e7:
50:6d:ec:2f:1e:f0:c5:b1:ad:82:4b:1a:ec:62:c6:7c:ef:7a:
16:c0:a1:69:30:79:a4:ab:21:5f:12:77:a9:b1:ed:5f:21:89:
f5:55:a1:6b:11:14:8b:8e:e6:e7:ff:33:bc:05:cc:72:6a:f0:
a1:49:c1:7c:b9:20:14:71:36:c5:11:cc:94:de:a2:5e:82:b9:
cb:8b:e9:3d:b5:25:01:a6:6e:f8:9e:5f:b5:60:a8:ea:24:41:
71:65:b7:e4:3b:5f:eb:da:77:46:19:2d:15:54:07:fe:6b:bc:
3e:d8:1d:dc:82:91:98:44:87:4e:a0:59:c3:ba:0f:f9:df:74:
0f:ee:db:65:a4:a5:48:d8:c0:c9:17:55:de:08:dd:de:6b:48:
13:3a:5e:67:dc:5a:dd:ea:74:77:35:13:4b:ed:6e:fd:fa:ce:
30:b0:18:51:f5:55:b2:b4:88:bd:53:0c:af:4f:df:2b:ff:bc:
5f:37:67:c9:89:ab:4a:e9:b3:a9:4b:c9:85:94:7d:28:b9:5e:
d7:ae:f9:b2:d0:8b:a6:c9:48:50:ab:af:7d:05:9e:90:af:1d:
38:67:e3:6b:50:ce:59:e1:0b:40:a5:eb:ce:e6:5c:38:d5:ce:
15:37:b4:1b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ+zcp9i1+4onPNVb0fkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwMTAxMDk0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDNkYTE2YjdjZWIwYTkwNzFkMTU2MTE0NzhkOTUwNWZkZDE0NjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5Su4/df4WLjgKesi29kR1OYvtc9
dHKA7shOAAhcj9BtMdNRntAhNnlMlJFnuICiAGl4YR9XAXj1yN+PkbjHk3QBP3+J
84MOAj6xTJtL0Og0FVSO/vele0ltpMnutcJcC092jz/0QSkKkeXNT95NKvf4EI/F
VOoPMu+QynQ5bO3RPhBW3iC14fh4fK3TaVwwCScFkZm6F1/Bz/V/grzxmZDXZUaj
1XCr/Z3zAECk6D2VCi0KMHq7fJi0zMV6TFflRmaE3NF2n8bodIQVG7WZxZ+KoRvs
kq0xmX9jYypTr7YFEQqPFuevn4DMnicVFuse/QcUlmC84xjEL1+6Bq3vHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE09oWt86wqQcdFWEUeNlQX90UZwMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvVFQyaGEzenJDcEJ4MFZZUlI0MlZCZjNSUm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBszSaUL7O222jVFhJnljqWLedQbewvHvDFsa2C
SxrsYsZ873oWwKFpMHmkqyFfEnepse1fIYn1VaFrERSLjubn/zO8BcxyavChScF8
uSAUcTbFEcyU3qJegrnLi+k9tSUBpm74nl+1YKjqJEFxZbfkO1/r2ndGGS0VVAf+
a7w+2B3cgpGYRIdOoFnDug/533QP7ttlpKVI2MDJF1XeCN3ea0gTOl5n3Frd6nR3
NRNL7W79+s4wsBhR9VWytIi9UwyvT98r/7xfN2fJiatK6bOpS8mFlH0ouV7Xrvmy
0IumyUhQq699BZ6Qrx04Z+NrUM5Z4QtApevO5lw41c4VN7Qb
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:05:07 2025 by rpki-client