Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Dq1ZqGhWtN4GCuXma82tQTiNkm4.roa
File: Dq1ZqGhWtN4GCuXma82tQTiNkm4.roa (raw, json)
Hash identifier: gfhmbVetp6hfJi8UyFOFAZ6ovDUrrHnVlbfrEN4xnFI=
Subject key identifier: 0E:AD:59:A8:68:56:B4:DE:06:0A:E5:E6:6B:CD:AD:41:38:8D:92:6E
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019528D1A6929424D9B774284A025C2C31AC
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Dq1ZqGhWtN4GCuXma82tQTiNkm4.roa
Signing time: Fri 21 Feb 2025 14:03:03 +0000
ROA not before: Fri 21 Feb 2025 14:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34927
IP address blocks: 2a12:bec4:1830::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 21 Feb 2025 19:43:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:d1:a6:92:94:24:d9:b7:74:28:4a:02:5c:2c:31:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Feb 21 14:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ead59a86856b4de060ae5e66bcdad41388d926e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:22:09:d2:59:c3:d9:22:58:25:dc:31:ac:c8:
6c:ff:24:a2:bd:23:2d:72:4d:97:c7:bc:b6:09:d3:
07:0d:dc:f4:fd:5e:98:ad:6e:47:d1:ea:d2:61:3d:
34:d8:c8:b9:04:4b:ae:ff:85:47:93:a0:dd:1b:e5:
3c:3c:17:7f:1c:64:03:86:04:f3:df:b0:0f:d1:ac:
b0:ea:14:32:c8:1a:2d:0a:cb:f3:41:6e:78:fc:97:
15:38:c8:c6:5e:ab:c2:23:82:c9:36:b5:10:7a:b9:
58:37:67:eb:e8:98:9a:01:31:c8:e7:41:05:e9:5f:
d3:d0:d2:e2:1e:22:0d:a8:b8:ec:05:37:ab:f5:76:
a3:a5:b2:b4:f0:f5:1a:56:fe:a2:3f:4a:02:2c:a9:
50:2e:f4:79:60:c0:df:a7:28:1c:5f:9f:9a:3a:9a:
e6:3a:8b:08:47:5b:28:e2:9d:52:f3:89:95:6c:49:
74:f7:ee:7e:33:d8:2a:61:d3:18:53:9f:c8:3e:28:
44:80:6c:c9:9b:41:e6:ae:d3:c6:7e:98:f8:3f:22:
29:d9:af:df:64:fa:86:2d:d6:38:72:5f:ef:7a:af:
4f:7e:53:25:8c:5c:9d:f3:3f:5d:42:2d:b2:ba:b0:
51:6e:4a:db:e2:3d:fb:1a:d2:db:51:cc:72:26:80:
c7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AD:59:A8:68:56:B4:DE:06:0A:E5:E6:6B:CD:AD:41:38:8D:92:6E
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Dq1ZqGhWtN4GCuXma82tQTiNkm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1830::/44
Signature Algorithm: sha256WithRSAEncryption
5c:55:9b:35:c5:60:b0:61:b7:65:58:6c:d6:be:78:fd:32:c5:
53:eb:c1:1c:a3:72:14:3c:57:d5:0f:8b:d7:6d:62:31:98:d2:
fd:2b:7e:30:91:cc:52:52:fc:48:98:3c:9e:a2:cc:67:86:14:
5b:1e:63:ba:77:14:b0:c5:e4:69:5d:e3:84:11:80:2e:30:b7:
eb:9c:bf:e5:e4:f9:81:4d:c0:c1:b2:e3:52:39:36:1a:28:0b:
f6:e7:14:6b:eb:c7:db:92:ab:8a:5f:fe:9d:e5:d1:d8:af:68:
fb:cd:22:7d:74:ac:f3:9b:c0:b2:f4:28:76:b9:a7:44:20:2c:
bc:37:ec:ef:3c:10:af:5b:1c:93:ae:bc:b9:2a:76:d5:cb:2b:
2c:f5:50:37:c5:b3:f2:fb:1d:0d:7e:f4:a1:77:3e:bf:0f:32:
68:bf:47:25:b4:f6:3d:27:b5:c3:13:19:d3:2c:2f:60:21:fd:
52:64:bd:81:aa:e9:9e:c6:ae:6a:12:0b:69:00:42:6c:90:c8:
15:a6:18:5f:93:0f:f2:f4:68:eb:ee:e2:bc:40:c5:7b:42:a2:
fa:04:37:c2:50:04:16:65:02:75:9f:a5:b2:bf:17:8c:a4:ad:
13:c9:f3:55:b1:00:52:7c:34:93:88:ff:54:72:35:97:41:f6:
fd:86:7c:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZUo0aaSlCTZt3QoSgJcLDGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMjIxMTQwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFkNTlhODY4NTZiNGRlMDYwYWU1ZTY2YmNkYWQ0MTM4OGQ5MjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliIJ0lnD2SJYJdwxrMhs/ySivSMt
ck2Xx7y2CdMHDdz0/V6YrW5H0erSYT002Mi5BEuu/4VHk6DdG+U8PBd/HGQDhgTz
37AP0ayw6hQyyBotCsvzQW54/JcVOMjGXqvCI4LJNrUQerlYN2fr6JiaATHI50EF
6V/T0NLiHiINqLjsBTer9XajpbK08PUaVv6iP0oCLKlQLvR5YMDfpygcX5+aOprm
OosIR1so4p1S84mVbEl09+5+M9gqYdMYU5/IPihEgGzJm0HmrtPGfpj4PyIp2a/f
ZPqGLdY4cl/veq9PflMljFyd8z9dQi2yurBRbkrb4j37GtLbUcxyJoDHfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA6tWahoVrTeBgrl5mvNrUE4jZJuMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvRHExWnFHaFd0TjRHQ3VYbWE4MnRRVGlOa200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBgw
MA0GCSqGSIb3DQEBCwUAA4IBAQBcVZs1xWCwYbdlWGzWvnj9MsVT68Eco3IUPFfV
D4vXbWIxmNL9K34wkcxSUvxImDyeosxnhhRbHmO6dxSwxeRpXeOEEYAuMLfrnL/l
5PmBTcDBsuNSOTYaKAv25xRr68fbkquKX/6d5dHYr2j7zSJ9dKzzm8Cy9Ch2uadE
ICy8N+zvPBCvWxyTrry5KnbVyyss9VA3xbPy+x0NfvShdz6/DzJov0cltPY9J7XD
ExnTLC9gIf1SZL2Bqumexq5qEgtpAEJskMgVphhfkw/y9Gjr7uK8QMV7QqL6BDfC
UAQWZQJ1n6WyvxeMpK0TyfNVsQBSfDSTiP9UcjWXQfb9hnx9
-----END CERTIFICATE-----
Generated at Thu May 15 12:11:48 2025 by rpki-client