Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/__CNZomveD-OUyZVP4vKGsWcEas.roa
File: __CNZomveD-OUyZVP4vKGsWcEas.roa (raw, json)
Hash identifier: orz2X09ptOCQYCQmF5MN31nb7nU0mhS4+WrEctEQfII=
Subject key identifier: FF:F0:8D:66:89:AF:78:3F:8E:53:26:55:3F:8B:CA:1A:C5:9C:11:AB
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01938BEC7661C070A7F518B38B59989121A9
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/__CNZomveD-OUyZVP4vKGsWcEas.roa
Signing time: Tue 03 Dec 2024 09:49:09 +0000
ROA not before: Tue 03 Dec 2024 09:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a06:d643::/32 maxlen: 32
2a09:e305::/32 maxlen: 32
2a09:ef03::/32 maxlen: 32
2a0a:b380::/32 maxlen: 32
2a0d:95c4::/32 maxlen: 32
2a0f:3107::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:ec:76:61:c0:70:a7:f5:18:b3:8b:59:98:91:21:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Dec 3 09:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fff08d6689af783f8e5326553f8bca1ac59c11ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:95:60:e5:38:93:59:6b:8b:60:e1:78:d6:84:
db:4b:c5:39:5a:a0:1f:46:d1:29:64:22:da:a7:46:
f4:73:18:fc:1a:d0:52:90:3c:93:cd:3b:22:c4:1d:
68:a6:c2:be:82:21:3e:01:18:18:0a:53:9c:65:5f:
4e:0e:7b:ee:f4:bf:ab:f9:ae:7c:da:e0:fd:22:d3:
39:73:1c:58:e0:ae:8e:1d:8f:51:f3:3b:52:1c:2e:
4c:b9:6d:93:30:f0:0f:2d:9c:9a:33:31:6b:89:71:
fa:18:51:f4:20:d1:64:f5:1c:ca:44:a4:c3:a6:bc:
96:a2:b6:03:52:09:98:b6:bf:d5:01:3f:c1:5b:63:
c1:70:03:19:f2:b4:6b:92:fb:1d:67:53:56:4a:6c:
8e:93:0a:c1:56:e8:4f:7d:e2:06:5c:18:16:58:4c:
61:e7:62:41:6f:3d:27:81:9a:a5:41:bd:83:23:b4:
85:91:e4:d2:3f:15:65:54:9d:82:6b:e3:e5:73:6b:
6e:2e:c6:f5:6c:ed:24:e1:65:f6:14:6e:7f:ba:bb:
9e:31:5d:60:6d:9a:c6:22:7c:ae:8c:0c:d9:22:94:
48:56:48:ca:33:e6:dc:12:46:04:4f:80:d4:e2:d1:
43:e7:32:7c:8e:1f:f1:08:11:4d:f4:bf:b2:85:2f:
a9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F0:8D:66:89:AF:78:3F:8E:53:26:55:3F:8B:CA:1A:C5:9C:11:AB
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/__CNZomveD-OUyZVP4vKGsWcEas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d643::/32
2a09:e305::/32
2a09:ef03::/32
2a0a:b380::/32
2a0d:95c4::/32
2a0f:3107::/32
Signature Algorithm: sha256WithRSAEncryption
0f:fd:c1:f6:6d:ef:ec:e4:e7:5b:bf:dd:a1:53:cc:4c:2e:73:
82:89:3e:62:3f:95:1c:bd:3b:01:9d:bb:da:fc:a1:e4:e2:64:
2b:dd:11:f9:21:58:ee:53:97:f0:21:bb:ac:0a:16:a7:5b:bd:
cf:59:e7:a0:df:75:34:d8:f1:f0:db:77:e6:1f:4a:ff:59:91:
18:e2:06:8e:ed:ac:89:5d:59:d0:54:f3:6b:cc:34:9d:37:74:
d9:ad:46:7f:2a:69:22:b1:5b:fb:6f:3e:aa:dd:c8:38:0b:db:
10:3b:b5:9e:9b:e8:bb:0a:eb:68:47:15:ce:26:a2:f5:98:d5:
b8:9d:2f:7d:51:ff:ad:46:49:5b:bc:16:c8:32:3c:6f:39:08:
27:10:5b:f7:d1:6c:40:be:bd:8a:5f:1e:fd:f5:c7:7c:a1:c9:
12:f5:2b:5e:fd:4e:ba:e9:62:b2:a3:13:7f:c6:59:1d:e5:1f:
18:87:41:86:61:ba:f7:a2:c5:68:4a:95:94:45:2c:f9:7f:6a:
27:41:14:6b:6a:6a:1f:6d:12:94:99:bf:11:dd:2b:d8:05:99:
5c:0d:1c:b7:17:52:3a:36:b0:cd:86:45:49:00:b6:c4:22:27:
bf:4a:07:f7:fb:12:91:a9:d2:04:af:bd:1e:85:89:9c:db:90:
a6:df:03:9b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZOL7HZhwHCn9Rizi1mYkSGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMjAzMDk0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmYwOGQ2Njg5YWY3ODNmOGU1MzI2NTUzZjhiY2ExYWM1OWMxMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35Vg5TiTWWuLYOF41oTbS8U5WqAf
RtEpZCLap0b0cxj8GtBSkDyTzTsixB1opsK+giE+ARgYClOcZV9ODnvu9L+r+a58
2uD9ItM5cxxY4K6OHY9R8ztSHC5MuW2TMPAPLZyaMzFriXH6GFH0INFk9RzKRKTD
pryWorYDUgmYtr/VAT/BW2PBcAMZ8rRrkvsdZ1NWSmyOkwrBVuhPfeIGXBgWWExh
52JBbz0ngZqlQb2DI7SFkeTSPxVlVJ2Ca+Plc2tuLsb1bO0k4WX2FG5/urueMV1g
bZrGInyujAzZIpRIVkjKM+bcEkYET4DU4tFD5zJ8jh/xCBFN9L+yhS+pnwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFP/wjWaJr3g/jlMmVT+LyhrFnBGrMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvX19DTlpvbXZlRC1PVXlaVlA0dktHc1djRWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgbWQwMF
ACoJ4wUDBQAqCe8DAwUAKgqzgAMFACoNlcQDBQAqDzEHMA0GCSqGSIb3DQEBCwUA
A4IBAQAP/cH2be/s5Odbv92hU8xMLnOCiT5iP5UcvTsBnbva/KHk4mQr3RH5IVju
U5fwIbusChanW73PWeeg33U02PHw23fmH0r/WZEY4gaO7ayJXVnQVPNrzDSdN3TZ
rUZ/KmkisVv7bz6q3cg4C9sQO7Wem+i7CutoRxXOJqL1mNW4nS99Uf+tRklbvBbI
MjxvOQgnEFv30WxAvr2KXx799cd8ockS9Ste/U666WKyoxN/xlkd5R8Yh0GGYbr3
osVoSpWURSz5f2onQRRramofbRKUmb8R3SvYBZlcDRy3F1I6NrDNhkVJALbEIie/
Sgf3+xKRqdIEr70ehYmc25Cm3wOb
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:55:24 2025 by rpki-client