Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/x4sSlVooENg-vPh6vZE2TaYqhKo.roa
File: x4sSlVooENg-vPh6vZE2TaYqhKo.roa (raw, json)
Hash identifier: nWOHHm4rNFTfMHwE/R4fLJzPshMn7zzeK83lQO6ONak=
Subject key identifier: C7:8B:12:95:5A:28:10:D8:3E:BC:F8:7A:BD:91:36:4D:A6:2A:84:AA
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019611966042962F3996D9119E035363ED49
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/x4sSlVooENg-vPh6vZE2TaYqhKo.roa
Signing time: Mon 07 Apr 2025 18:49:49 +0000
ROA not before: Mon 07 Apr 2025 18:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a0e:7f47::/32 maxlen: 32
2a11:c101::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Apr 2025 17:22:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:96:60:42:96:2f:39:96:d9:11:9e:03:53:63:ed:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Apr 7 18:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c78b12955a2810d83ebcf87abd91364da62a84aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:78:ff:02:ed:02:b2:fb:73:e5:b5:6a:a0:82:
42:48:96:cf:5f:7b:b2:88:31:37:9a:84:4b:31:8d:
9b:cb:f2:5a:e7:b0:bc:cb:b0:04:c0:14:e2:9b:29:
b8:39:85:30:9c:94:5a:d1:6d:eb:7a:b5:4f:a4:74:
c8:2a:a6:61:30:c8:33:c3:c8:16:00:e4:8d:2b:7f:
ad:67:f2:51:34:c9:07:ec:e9:99:ad:74:de:d5:bc:
a5:19:e0:3e:e3:92:28:58:a3:e6:e6:80:ca:ee:20:
25:13:3a:58:fc:52:bb:2d:f7:6e:bd:5d:41:67:b1:
bf:cf:1b:64:b5:7c:f8:84:3d:2f:fd:57:57:00:b9:
82:6d:46:16:25:f6:e8:2e:47:46:49:9e:91:32:f3:
03:2a:e4:fa:0b:fe:7b:07:2d:11:02:8d:81:b5:4f:
38:fd:0d:17:85:fe:a9:78:e9:0e:36:3d:2f:5b:88:
65:00:48:ad:08:fc:0e:87:b0:1b:2f:29:3a:f4:b8:
fc:a4:aa:91:ec:bc:fc:ed:94:9f:22:65:6e:2e:04:
fc:1a:e2:1b:23:f2:ba:86:19:80:f8:ce:73:52:46:
83:fc:ff:d8:ad:09:23:e3:6d:96:aa:89:d4:84:30:
ba:5d:38:a9:03:c8:68:db:88:09:a4:b5:37:b2:e0:
7f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8B:12:95:5A:28:10:D8:3E:BC:F8:7A:BD:91:36:4D:A6:2A:84:AA
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/x4sSlVooENg-vPh6vZE2TaYqhKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f47::/32
2a11:c101::/32
Signature Algorithm: sha256WithRSAEncryption
a6:36:77:eb:45:5c:a8:b6:24:17:5d:bf:e0:2f:ba:bd:69:15:
a4:83:1d:45:2d:b9:46:fe:a2:7f:fe:6c:f5:7f:b8:19:1f:a8:
ca:3a:af:c8:d9:43:60:a3:b5:f0:d2:e9:62:89:26:ba:dc:db:
7e:6c:5f:0e:0d:ea:7d:ff:66:11:9c:3f:29:86:fa:da:ef:03:
3e:41:68:71:12:d0:ba:ff:43:0c:2f:9a:34:4a:27:5d:ef:08:
53:5c:09:9c:ce:98:cf:c8:f0:e6:12:04:df:84:fc:ee:05:2e:
15:73:4c:71:da:bf:16:35:be:90:ca:82:f9:54:37:af:ef:ab:
16:96:e4:01:18:02:10:81:d4:65:c4:a2:76:f6:cf:ad:4e:d2:
fa:f9:5e:d4:87:50:27:bb:ad:20:8e:49:ef:b0:ac:d7:85:e4:
95:e0:8a:8b:e5:5a:91:de:86:2d:ab:1a:75:c4:80:46:66:a6:
d9:b5:5c:a9:b3:11:e8:4c:dc:4b:0d:64:1e:fc:aa:ae:d7:1d:
e8:83:b3:e5:49:7d:86:4f:f4:9f:36:07:f6:68:47:a2:19:52:
74:1c:77:91:59:3f:b2:fb:c9:9d:72:ff:6b:cb:7d:d2:14:06:
69:62:82:cd:e2:ad:1b:27:6a:ad:1b:dd:34:46:54:6c:bf:de:
f8:9a:29:20
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYRlmBCli85ltkRngNTY+1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNDA3MTg0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzhiMTI5NTVhMjgxMGQ4M2ViY2Y4N2FiZDkxMzY0ZGE2MmE4NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnj/Au0Csvtz5bVqoIJCSJbPX3uy
iDE3moRLMY2by/Ja57C8y7AEwBTimym4OYUwnJRa0W3rerVPpHTIKqZhMMgzw8gW
AOSNK3+tZ/JRNMkH7OmZrXTe1bylGeA+45IoWKPm5oDK7iAlEzpY/FK7LfduvV1B
Z7G/zxtktXz4hD0v/VdXALmCbUYWJfboLkdGSZ6RMvMDKuT6C/57By0RAo2BtU84
/Q0Xhf6peOkONj0vW4hlAEitCPwOh7AbLyk69Lj8pKqR7Lz87ZSfImVuLgT8GuIb
I/K6hhmA+M5zUkaD/P/YrQkj422WqonUhDC6XTipA8ho24gJpLU3suB/sQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMeLEpVaKBDYPrz4er2RNk2mKoSqMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEveDRzU2xWb29FTmctdlBoNnZaRTJUYVlxaEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5/RwMF
ACoRwQEwDQYJKoZIhvcNAQELBQADggEBAKY2d+tFXKi2JBddv+Avur1pFaSDHUUt
uUb+on/+bPV/uBkfqMo6r8jZQ2CjtfDS6WKJJrrc235sXw4N6n3/ZhGcPymG+trv
Az5BaHES0Lr/QwwvmjRKJ13vCFNcCZzOmM/I8OYSBN+E/O4FLhVzTHHavxY1vpDK
gvlUN6/vqxaW5AEYAhCB1GXEonb2z61O0vr5XtSHUCe7rSCOSe+wrNeF5JXgiovl
WpHehi2rGnXEgEZmptm1XKmzEehM3EsNZB78qq7XHeiDs+VJfYZP9J82B/ZoR6IZ
UnQcd5FZP7L7yZ1y/2vLfdIUBmligs3irRsnaq0b3TRGVGy/3viaKSA=
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:29:13 2025 by rpki-client