Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/A-xkYYCaH3j9-YqwMWPYBnk9fn8.roa
File: A-xkYYCaH3j9-YqwMWPYBnk9fn8.roa (raw, json)
Hash identifier: MRFohih1Zmm4pqFqkZp2EM3eZUTdXYFtMCJHIGeh7Bc=
Subject key identifier: 03:EC:64:61:80:9A:1F:78:FD:F9:8A:B0:31:63:D8:06:79:3D:7E:7F
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0195A41A6C8139DC621799765B5E9FA29F5D
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/A-xkYYCaH3j9-YqwMWPYBnk9fn8.roa
Signing time: Mon 17 Mar 2025 12:35:49 +0000
ROA not before: Mon 17 Mar 2025 12:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:af82::/32 maxlen: 32
2a09:cf06::/32 maxlen: 32
2a09:dd04::/32 maxlen: 32
2a09:dd05::/32 maxlen: 32
2a09:e702::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Mar 2025 17:41:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:1a:6c:81:39:dc:62:17:99:76:5b:5e:9f:a2:9f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 17 12:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03ec6461809a1f78fdf98ab03163d806793d7e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:2b:ab:49:06:36:1d:52:d5:72:46:89:24:
7e:36:0c:43:a6:05:4d:79:4e:a3:60:bc:54:8b:c9:
53:ef:b9:e6:83:24:18:f6:86:d6:a0:45:4f:73:2b:
3c:cb:ce:79:65:74:74:45:08:c9:3d:0b:ef:44:cb:
8d:9a:84:70:79:20:6c:38:09:91:c8:f8:e9:7e:f3:
db:85:dd:32:59:9e:97:e8:06:08:ff:ac:ad:d5:07:
dd:f5:f3:df:ab:22:0a:50:40:28:ba:37:fb:59:85:
8b:49:d7:75:e1:8b:d6:02:f7:8d:fd:26:7a:a3:a0:
3f:44:40:dd:36:55:c0:9c:fe:18:e0:dd:77:c9:f0:
28:5c:79:01:bf:40:a1:d4:46:04:24:ad:58:bf:42:
1a:ea:5d:c1:f0:a9:e9:f8:32:6a:8e:56:66:7e:f2:
8c:dc:ed:8b:d0:8a:84:a0:80:6a:e9:a0:74:6d:d6:
0a:4e:7e:ac:56:97:c0:cc:cf:ee:26:6c:f5:e6:e0:
e1:da:fc:58:23:7a:99:42:00:92:e0:3e:56:30:29:
5a:81:76:4e:10:33:6e:9e:95:8e:69:34:a4:a1:b1:
64:fb:cd:6d:b9:a0:83:8c:28:4b:18:72:5c:f8:1b:
a7:96:af:91:25:3e:a0:1a:1c:54:56:d5:60:14:e9:
04:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EC:64:61:80:9A:1F:78:FD:F9:8A:B0:31:63:D8:06:79:3D:7E:7F
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/A-xkYYCaH3j9-YqwMWPYBnk9fn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:af82::/32
2a09:cf06::/32
2a09:dd04::/31
2a09:e702::/32
Signature Algorithm: sha256WithRSAEncryption
d0:ab:3b:e0:f2:11:9d:b9:52:c0:64:7b:0b:73:f7:e9:be:a7:
ac:58:e2:37:e2:5a:b2:13:ce:f9:df:b7:2f:62:d7:5a:8b:a0:
cd:52:4f:97:93:40:e1:50:d3:75:70:ff:c7:0b:98:3f:aa:28:
32:ad:97:70:6e:0e:f3:2d:84:89:92:4d:14:24:8e:ee:34:8a:
7b:99:a6:73:7f:ff:ee:63:da:dc:6e:e2:f7:95:55:1d:15:82:
8c:40:ba:e3:1c:fd:24:70:ed:24:93:49:fc:af:74:b9:da:53:
ac:1e:21:47:55:c8:81:a6:5f:d8:cc:bb:1b:80:89:09:2b:51:
e0:9f:2b:1d:0c:9f:91:40:dc:9f:e5:9c:3b:1b:61:11:9b:ef:
69:5c:04:82:09:23:9d:c7:ca:f0:c5:47:f2:8c:48:a3:c2:dd:
bd:a9:75:ba:00:06:6e:97:b7:ef:c3:37:17:ac:e8:5b:1f:18:
3c:18:46:12:f8:66:bd:76:b6:47:9b:09:4b:c6:de:d0:00:6c:
84:f3:1d:24:b6:5a:c9:f3:de:d0:74:d0:7a:d6:e4:46:f0:e1:
a7:11:82:bd:56:c5:71:df:07:2f:65:80:a4:c8:0a:ff:51:0c:
fc:3f:d3:1f:07:05:47:42:62:0f:5f:8d:89:ec:b1:b1:ee:09:
68:aa:84:33
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZWkGmyBOdxiF5l2W16fop9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMzE3MTIzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2VjNjQ2MTgwOWExZjc4ZmRmOThhYjAzMTYzZDgwNjc5M2Q3ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyErq0kGNh1S1XJGiSR+NgxDpgVN
eU6jYLxUi8lT77nmgyQY9obWoEVPcys8y855ZXR0RQjJPQvvRMuNmoRweSBsOAmR
yPjpfvPbhd0yWZ6X6AYI/6yt1Qfd9fPfqyIKUEAoujf7WYWLSdd14YvWAveN/SZ6
o6A/REDdNlXAnP4Y4N13yfAoXHkBv0Ch1EYEJK1Yv0Ia6l3B8Knp+DJqjlZmfvKM
3O2L0IqEoIBq6aB0bdYKTn6sVpfAzM/uJmz15uDh2vxYI3qZQgCS4D5WMClagXZO
EDNunpWOaTSkobFk+81tuaCDjChLGHJc+Bunlq+RJT6gGhxUVtVgFOkEMQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAPsZGGAmh94/fmKsDFj2AZ5PX5/MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvQS14a1lZQ2FIM2o5LVlxd01XUFlCbms5Zm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgmvggMF
ACoJzwYDBQEqCd0EAwUAKgnnAjANBgkqhkiG9w0BAQsFAAOCAQEA0Ks74PIRnblS
wGR7C3P36b6nrFjiN+JashPO+d+3L2LXWougzVJPl5NA4VDTdXD/xwuYP6ooMq2X
cG4O8y2EiZJNFCSO7jSKe5mmc3//7mPa3G7i95VVHRWCjEC64xz9JHDtJJNJ/K90
udpTrB4hR1XIgaZf2My7G4CJCStR4J8rHQyfkUDcn+WcOxthEZvvaVwEggkjncfK
8MVH8oxIo8Ldval1ugAGbpe378M3F6zoWx8YPBhGEvhmvXa2R5sJS8be0ABshPMd
JLZayfPe0HTQetbkRvDhpxGCvVbFcd8HL2WApMgK/1EM/D/THwcFR0JiD1+Nieyx
se4JaKqEMw==
-----END CERTIFICATE-----
Generated at Sat May 10 19:50:08 2025 by rpki-client