Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/Dgg9E0__4ZFNyF4WEGXrYwy0Tsw.roa
File: Dgg9E0__4ZFNyF4WEGXrYwy0Tsw.roa (raw, json)
Hash identifier: UwcPEQmqTSoMzRHLzEC80kb0MvGxRtEkKae7uOGqN+w=
Subject key identifier: 0E:08:3D:13:4F:FF:E1:91:4D:C8:5E:16:10:65:EB:63:0C:B4:4E:CC
Certificate issuer: /CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de
Certificate serial: 01967B75F6864D8968C106A363599C903CE8
Authority key identifier: D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/Dgg9E0__4ZFNyF4WEGXrYwy0Tsw.roa
Signing time: Mon 28 Apr 2025 08:14:10 +0000
ROA not before: Mon 28 Apr 2025 08:14:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209699
IP address blocks: 2a14:7dc0:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Apr 2025 08:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:75:f6:86:4d:89:68:c1:06:a3:63:59:9c:90:3c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d3ca2c231afdf3b0355c77a7cbb226f81b74de
Validity
Not Before: Apr 28 08:14:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e083d134fffe1914dc85e161065eb630cb44ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:69:d8:dd:de:76:56:4a:70:f4:c9:97:1f:7e:
d7:ba:ba:c7:09:1e:3a:36:9e:37:61:c8:e9:f6:ba:
c2:29:e0:21:af:5f:19:c7:6d:44:52:f6:b5:a8:56:
0b:11:61:0f:46:0c:b5:c3:26:98:1c:2e:e7:77:24:
0a:e1:37:d7:6c:b2:d0:63:46:53:09:be:4e:a6:19:
4a:29:16:8b:8f:79:af:a2:12:69:a4:86:38:99:69:
2b:b2:05:39:74:33:6b:ea:2b:50:2c:66:15:0e:9e:
8d:75:66:48:01:90:a7:b8:eb:2b:c4:68:88:08:d0:
90:40:bf:1d:41:23:ea:19:2b:72:cf:d2:4f:cb:82:
66:87:36:c5:e4:21:ab:e7:c7:8e:b2:50:eb:73:36:
18:f9:73:c4:3e:51:ee:e6:3a:f1:8c:39:21:6e:cf:
6c:48:60:4f:d0:ca:6b:77:91:4f:07:87:bb:39:2d:
d9:46:d1:40:37:c8:f6:b9:e0:b8:c5:80:76:0a:b8:
75:d7:d2:36:bd:00:0e:56:91:61:98:a4:0b:31:0e:
ee:16:af:12:0e:44:99:cc:5b:04:96:11:33:93:2a:
37:9d:50:ee:e3:76:49:db:4d:20:10:c9:19:45:f8:
3b:b0:ea:f1:d6:de:b6:00:65:09:57:1e:a8:1f:5b:
8a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:08:3D:13:4F:FF:E1:91:4D:C8:5E:16:10:65:EB:63:0C:B4:4E:CC
X509v3 Authority Key Identifier:
keyid:D8:D3:CA:2C:23:1A:FD:F3:B0:35:5C:77:A7:CB:B2:26:F8:1B:74:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NPKLCMa_fOwNVx3p8uyJvgbdN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/Dgg9E0__4ZFNyF4WEGXrYwy0Tsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3c076b-aea1-4a33-a9e9-99128bf6a841/1/2NPKLCMa_fOwNVx3p8uyJvgbdN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7dc0:100::/40
Signature Algorithm: sha256WithRSAEncryption
cd:b4:49:a1:7c:58:a6:96:a7:69:f6:d9:a3:88:dc:f9:6f:56:
ad:84:14:4d:8b:a6:70:f3:2d:f5:7b:fa:f8:b7:a1:67:fc:e7:
08:e5:17:01:dc:e1:df:7c:03:e2:d9:be:7f:71:4b:99:a5:89:
8f:71:50:66:a7:c4:8d:ad:e0:39:d3:6d:2b:82:31:c5:c8:2e:
ac:3c:74:0d:55:46:b0:0c:a3:eb:01:dc:a8:f2:86:b3:12:5e:
13:93:d5:e1:1e:96:6a:94:4a:1c:3a:29:14:cd:1e:41:8c:51:
4a:c6:bf:ee:79:07:aa:ab:27:09:79:68:f1:20:1f:52:0b:b2:
6d:05:ba:c1:5b:b0:55:49:bd:26:12:7a:35:2e:7e:a7:32:67:
15:51:e4:07:5f:81:cf:4f:d5:06:fd:03:de:b2:9e:86:f5:f9:
8a:cd:36:9a:c7:19:c6:7b:60:dd:28:05:7e:8d:9c:00:ae:80:
de:74:fb:d3:41:b1:fe:9f:67:c1:49:e8:bf:2b:e2:b9:8a:40:
ab:7e:70:16:48:0f:06:5d:b4:25:95:36:86:70:97:19:80:af:
a2:08:f0:6c:ab:56:8c:c3:9e:51:8d:e4:f5:88:be:82:28:a3:
8d:8b:fb:1f:68:6a:38:b1:79:3c:5f:bc:c3:41:a8:b4:6f:af:
bd:fd:e1:f0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZZ7dfaGTYlowQajY1mckDzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDNjYTJjMjMxYWZkZjNiMDM1NWM3N2E3Y2JiMjI2Zjgx
Yjc0ZGUwHhcNMjUwNDI4MDgxNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA4M2QxMzRmZmZlMTkxNGRjODVlMTYxMDY1ZWI2MzBjYjQ0ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2nY3d52Vkpw9MmXH37XurrHCR46
Np43Ycjp9rrCKeAhr18Zx21EUva1qFYLEWEPRgy1wyaYHC7ndyQK4TfXbLLQY0ZT
Cb5OphlKKRaLj3mvohJppIY4mWkrsgU5dDNr6itQLGYVDp6NdWZIAZCnuOsrxGiI
CNCQQL8dQSPqGStyz9JPy4JmhzbF5CGr58eOslDrczYY+XPEPlHu5jrxjDkhbs9s
SGBP0Mprd5FPB4e7OS3ZRtFAN8j2ueC4xYB2Crh119I2vQAOVpFhmKQLMQ7uFq8S
DkSZzFsElhEzkyo3nVDu43ZJ200gEMkZRfg7sOrx1t62AGUJVx6oH1uKdQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA4IPRNP/+GRTcheFhBl62MMtE7MMB8GA1UdIwQY
MBaAFNjTyiwjGv3zsDVcd6fLsib4G3TeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTkt
OTkxMjhiZjZhODQxLzEvRGdnOUUwX180WkZOeUY0V0VHWHJZd3kwVHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8zYzA3NmItYWVhMS00YTMzLWE5ZTktOTkxMjhiZjZhODQx
LzEvMk5QS0xDTWFfZk93TlZ4M3A4dXlKdmdiZE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR9wAEw
DQYJKoZIhvcNAQELBQADggEBAM20SaF8WKaWp2n22aOI3PlvVq2EFE2LpnDzLfV7
+vi3oWf85wjlFwHc4d98A+LZvn9xS5mliY9xUGanxI2t4DnTbSuCMcXILqw8dA1V
RrAMo+sB3KjyhrMSXhOT1eEelmqUShw6KRTNHkGMUUrGv+55B6qrJwl5aPEgH1IL
sm0FusFbsFVJvSYSejUufqcyZxVR5Adfgc9P1Qb9A96ynob1+YrNNprHGcZ7YN0o
BX6NnACugN50+9NBsf6fZ8FJ6L8r4rmKQKt+cBZIDwZdtCWVNoZwlxmAr6II8Gyr
VozDnlGN5PWIvoIoo42L+x9oajixeTxfvMNBqLRvr7394fA=
-----END CERTIFICATE-----
Generated at Thu May 15 13:22:18 2025 by rpki-client