Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/iHjyQRzCvEb0P7ufn1tXV4t6WJA.roa
File: iHjyQRzCvEb0P7ufn1tXV4t6WJA.roa (raw, json)
Hash identifier: H0DbiRu3VUfSPqZ4tWAVkgnosn9PZGaNljbmjGHBItk=
Subject key identifier: 88:78:F2:41:1C:C2:BC:46:F4:3F:BB:9F:9F:5B:57:57:8B:7A:58:90
Certificate issuer: /CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Certificate serial: 0196B10E70A950BFE6E1BFDDD65614C93231
Authority key identifier: 3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/iHjyQRzCvEb0P7ufn1tXV4t6WJA.roa
Signing time: Thu 08 May 2025 18:00:35 +0000
ROA not before: Thu 08 May 2025 18:00:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208684
IP address blocks: 2a0b:2640::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 10 May 2025 08:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:0e:70:a9:50:bf:e6:e1:bf:dd:d6:56:14:c9:32:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Validity
Not Before: May 8 18:00:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8878f2411cc2bc46f43fbb9f9f5b57578b7a5890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:32:59:4e:90:c4:f6:12:7b:ea:42:12:1c:07:
da:dd:8a:5b:be:f0:8b:ad:33:0b:8c:ca:dc:a1:98:
71:67:59:8d:a9:31:b6:75:84:46:d9:d2:ab:12:c2:
d2:09:45:73:df:52:35:7b:8e:62:f7:c4:cf:8e:d0:
db:b2:ad:e1:9f:aa:7a:05:de:04:42:eb:48:81:88:
7c:9d:7c:a7:d1:44:b1:09:aa:f3:4b:74:21:2e:58:
27:04:c4:14:c0:5f:ce:fc:67:ed:a0:5f:16:d6:9e:
47:90:9f:bc:c4:6d:6e:12:9b:7a:28:24:0d:c3:f1:
c9:27:0d:d2:62:ac:c9:f0:b8:7d:9e:7b:4c:94:4e:
d5:8c:1a:34:21:98:6d:4e:1a:d5:16:2f:66:49:9b:
ea:bd:b4:84:b4:fb:bc:ca:a7:09:e6:8e:f7:09:27:
85:d5:3e:cb:27:23:cf:a2:06:8c:6a:ad:ff:8f:ce:
80:da:57:5c:f2:d1:c4:bd:65:bb:0b:30:3c:58:6b:
ad:7e:43:0f:5f:69:54:3c:c6:b6:b3:02:c6:22:81:
f6:7b:2a:6d:f9:11:bf:0d:6f:b9:71:40:be:d8:24:
1f:e3:de:b6:30:82:44:32:b8:6e:98:f1:2f:d5:60:
60:17:20:b2:a3:3c:6c:a8:b3:e0:19:65:13:1e:36:
55:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:78:F2:41:1C:C2:BC:46:F4:3F:BB:9F:9F:5B:57:57:8B:7A:58:90
X509v3 Authority Key Identifier:
keyid:3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/iHjyQRzCvEb0P7ufn1tXV4t6WJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/P0f3V1dBPMwXLT0bgm-uWuk4Whs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2640::/29
Signature Algorithm: sha256WithRSAEncryption
8f:be:d2:92:ec:20:16:8b:44:db:06:3d:4a:b5:82:9b:75:23:
7c:75:86:72:a2:78:77:6a:62:08:20:af:ce:45:4e:28:86:04:
00:8e:ca:b6:4d:f6:2a:cb:59:d4:82:ef:37:42:a2:d7:88:fe:
ea:1e:2c:eb:04:8e:33:7d:76:da:35:ee:c3:9d:f2:c8:22:fc:
e9:9d:e1:b0:9c:d5:a1:79:46:67:65:d6:3d:d5:56:d3:e9:bd:
86:39:6d:1e:19:42:a3:4b:bc:4e:6d:5d:c3:d1:8b:24:bc:e5:
0c:e1:72:3c:47:e1:cf:a5:16:84:a6:d1:f2:20:ec:f1:38:91:
08:9c:0b:f8:55:23:36:ac:97:71:5d:e0:e4:d7:4a:e4:cc:ed:
a8:dc:b1:e2:39:28:1e:20:41:60:56:08:c2:9b:26:c2:5e:3e:
24:66:d1:28:5f:4a:17:83:b1:30:e0:62:18:ec:f3:87:6e:a0:
da:36:fb:5c:af:ff:a5:89:7c:4a:fc:d1:7f:80:30:90:3a:6a:
78:c2:b5:64:7a:48:4f:da:db:75:5f:2d:e1:30:4a:d0:04:b1:
fd:79:2b:01:76:98:d3:36:0a:48:59:6b:3f:e7:1e:21:27:69:
72:db:19:13:89:c5:5c:0f:59:b6:36:c9:90:48:34:95:81:ac:
66:f8:12:78
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZaxDnCpUL/m4b/d1lYUyTIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNDdmNzU3NTc0MTNjY2MxNzJkM2QxYjgyNmZhZTVhZTkz
ODVhMWIwHhcNMjUwNTA4MTgwMDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODc4ZjI0MTFjYzJiYzQ2ZjQzZmJiOWY5ZjViNTc1NzhiN2E1ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDJZTpDE9hJ76kISHAfa3YpbvvCL
rTMLjMrcoZhxZ1mNqTG2dYRG2dKrEsLSCUVz31I1e45i98TPjtDbsq3hn6p6Bd4E
QutIgYh8nXyn0USxCarzS3QhLlgnBMQUwF/O/GftoF8W1p5HkJ+8xG1uEpt6KCQN
w/HJJw3SYqzJ8Lh9nntMlE7VjBo0IZhtThrVFi9mSZvqvbSEtPu8yqcJ5o73CSeF
1T7LJyPPogaMaq3/j86A2ldc8tHEvWW7CzA8WGutfkMPX2lUPMa2swLGIoH2eypt
+RG/DW+5cUC+2CQf4962MIJEMrhumPEv1WBgFyCyozxsqLPgGWUTHjZVAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIh48kEcwrxG9D+7n59bV1eLeliQMB8GA1UdIwQY
MBaAFD9H91dXQTzMFy09G4JvrlrpOFobMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQt
ZTE1NWFjYzZiODRlLzEvaUhqeVFSekN2RWIwUDd1Zm4xdFhWNHQ2V0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQtZTE1NWFjYzZiODRl
LzEvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgsmQDAN
BgkqhkiG9w0BAQsFAAOCAQEAj77SkuwgFotE2wY9SrWCm3UjfHWGcqJ4d2piCCCv
zkVOKIYEAI7Ktk32KstZ1ILvN0Ki14j+6h4s6wSOM3122jXuw53yyCL86Z3hsJzV
oXlGZ2XWPdVW0+m9hjltHhlCo0u8Tm1dw9GLJLzlDOFyPEfhz6UWhKbR8iDs8TiR
CJwL+FUjNqyXcV3g5NdK5MztqNyx4jkoHiBBYFYIwpsmwl4+JGbRKF9KF4OxMOBi
GOzzh26g2jb7XK//pYl8SvzRf4AwkDpqeMK1ZHpIT9rbdV8t4TBK0ASx/XkrAXaY
0zYKSFlrP+ceISdpctsZE4nFXA9ZtjbJkEg0lYGsZvgSeA==
-----END CERTIFICATE-----
Generated at Sun May 11 10:09:23 2025 by rpki-client