Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/yUAsltS6QCNK3GR8vbjGz-zApKU.roa
File: yUAsltS6QCNK3GR8vbjGz-zApKU.roa (raw, json)
Hash identifier: YawroC9RMTA66kjwdxCU4BxpKRg9MGyGwdElgSuhcFo=
Subject key identifier: C9:40:2C:96:D4:BA:40:23:4A:DC:64:7C:BD:B8:C6:CF:EC:C0:A4:A5
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 0195247947E2AED9632A3B95258B677C37B3
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/yUAsltS6QCNK3GR8vbjGz-zApKU.roa
Signing time: Thu 20 Feb 2025 17:48:02 +0000
ROA not before: Thu 20 Feb 2025 17:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:7682::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:cd02::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Mar 2025 19:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:79:47:e2:ae:d9:63:2a:3b:95:25:8b:67:7c:37:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Feb 20 17:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9402c96d4ba40234adc647cbdb8c6cfecc0a4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:43:56:99:68:c7:4a:c9:74:98:bf:2e:07:53:
e4:9e:f6:d8:5c:2a:07:cb:d2:c7:e8:3d:b7:bd:48:
d0:d2:b8:04:68:50:7e:a5:0f:22:6a:66:52:58:44:
c5:53:a4:84:02:2d:93:be:df:09:45:4d:7e:8e:a7:
37:8e:df:d2:ac:f5:12:8f:53:d5:c1:5f:e2:da:f7:
99:89:c8:06:04:30:d6:5c:d3:07:98:06:27:52:9d:
da:e0:bc:99:52:c6:f4:86:8b:4e:54:16:5b:f9:bd:
5e:6a:b1:d9:68:c6:85:f5:90:71:a8:1a:f6:90:d7:
bb:b9:11:06:40:ea:94:a3:fb:f2:d2:7e:a2:98:5e:
12:ef:62:72:03:64:19:2b:df:b1:d3:fe:8a:3b:ce:
27:82:ae:67:bf:f9:67:45:4e:ee:5b:46:64:7f:fe:
00:bc:0b:37:32:76:fb:60:92:be:75:e9:ee:80:52:
72:dc:cf:ad:e8:64:dc:e3:36:8d:b4:96:5b:a0:77:
56:ca:51:b1:e2:3e:0c:20:72:bc:2e:e6:c9:f0:49:
6b:91:1a:ad:1f:64:1b:34:e8:07:ee:f5:75:da:1a:
b0:71:e5:39:4b:d7:30:a8:86:3b:f8:8e:39:67:2c:
ac:43:0a:f7:94:c5:67:1b:99:46:43:fd:a9:fe:20:
cf:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:40:2C:96:D4:BA:40:23:4A:DC:64:7C:BD:B8:C6:CF:EC:C0:A4:A5
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/yUAsltS6QCNK3GR8vbjGz-zApKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7682::/32
2a11:b785::/32
2a11:cd02::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
59:e1:d5:52:a9:bc:b5:d6:60:0b:07:4f:d0:4b:94:be:c0:71:
2c:58:ad:df:34:51:e0:3c:c9:7c:98:de:18:8a:0e:6a:9f:18:
59:22:25:c2:4d:a5:f8:64:a9:02:a9:3d:97:fc:4c:7a:3f:66:
da:f1:ca:44:a0:cb:cf:a6:1b:a4:4d:75:10:e7:66:b2:f1:55:
62:85:21:a4:b6:71:71:21:a0:ab:49:81:54:2f:24:60:78:db:
7f:4e:56:2b:cb:cf:81:35:8b:f8:06:82:e4:79:d8:e1:98:12:
15:d4:4f:ff:15:4e:ac:94:46:fc:31:96:01:8c:31:de:60:a9:
9f:3a:09:03:9a:72:ae:b9:26:b9:ea:48:db:f7:35:f4:26:a1:
f7:c2:76:e1:61:d1:78:63:a2:f4:b1:d9:9e:5e:61:65:ae:85:
03:88:5a:5a:d4:4f:8a:e0:cd:02:1a:78:f2:39:b4:37:ec:bb:
66:1a:54:e2:71:2f:f5:d8:6a:3b:6f:3d:3a:f9:72:35:55:c8:
4c:13:35:e1:88:5d:35:5a:d8:15:3b:60:db:be:ec:ff:be:34:
f6:40:1e:43:f6:6b:53:5c:e0:08:bb:4a:a1:e5:3c:c2:f0:c8:
cb:31:7b:2e:6c:4d:80:cf:1c:2c:9e:ae:1a:9f:26:77:31:6f:
9e:54:47:d2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZUkeUfirtljKjuVJYtnfDezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMjIwMTc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQwMmM5NmQ0YmE0MDIzNGFkYzY0N2NiZGI4YzZjZmVjYzBhNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUNWmWjHSsl0mL8uB1PknvbYXCoH
y9LH6D23vUjQ0rgEaFB+pQ8iamZSWETFU6SEAi2Tvt8JRU1+jqc3jt/SrPUSj1PV
wV/i2veZicgGBDDWXNMHmAYnUp3a4LyZUsb0hotOVBZb+b1earHZaMaF9ZBxqBr2
kNe7uREGQOqUo/vy0n6imF4S72JyA2QZK9+x0/6KO84ngq5nv/lnRU7uW0Zkf/4A
vAs3Mnb7YJK+denugFJy3M+t6GTc4zaNtJZboHdWylGx4j4MIHK8LubJ8ElrkRqt
H2QbNOgH7vV12hqwceU5S9cwqIY7+I45ZyysQwr3lMVnG5lGQ/2p/iDPRwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMlALJbUukAjStxkfL24xs/swKSlMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEveVVBc2x0UzZRQ05LM0dSOHZiakd6LXpBcEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhF2ggMF
ACoRt4UDBQAqEc0CAwUAKhJMBjANBgkqhkiG9w0BAQsFAAOCAQEAWeHVUqm8tdZg
CwdP0EuUvsBxLFit3zRR4DzJfJjeGIoOap8YWSIlwk2l+GSpAqk9l/xMej9m2vHK
RKDLz6YbpE11EOdmsvFVYoUhpLZxcSGgq0mBVC8kYHjbf05WK8vPgTWL+AaC5HnY
4ZgSFdRP/xVOrJRG/DGWAYwx3mCpnzoJA5pyrrkmuepI2/c19Cah98J24WHReGOi
9LHZnl5hZa6FA4haWtRPiuDNAhp48jm0N+y7ZhpU4nEv9dhqO289OvlyNVXITBM1
4YhdNVrYFTtg277s/7409kAeQ/ZrU1zgCLtKoeU8wvDIyzF7LmxNgM8cLJ6uGp8m
dzFvnlRH0g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:39:16 2025 by rpki-client