Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/D17YZnPDq4kw3HdbJC14dNb-WP0.roa
File: D17YZnPDq4kw3HdbJC14dNb-WP0.roa (raw, json)
Hash identifier: M4bxxsJz9HX0MKL5A9B5ktrCq8WyuFKaA/rDgXRo2aI=
Subject key identifier: 0F:5E:D8:66:73:C3:AB:89:30:DC:77:5B:24:2D:78:74:D6:FE:58:FD
Certificate issuer: /CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Certificate serial: 01942746D136D432C65650229C3497AC5EE2
Authority key identifier: F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/D17YZnPDq4kw3HdbJC14dNb-WP0.roa
Signing time: Thu 02 Jan 2025 13:49:00 +0000
ROA not before: Thu 02 Jan 2025 13:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214673
IP address blocks: 2a11:4880::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Jan 2025 16:33:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:d1:36:d4:32:c6:56:50:22:9c:34:97:ac:5e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Validity
Not Before: Jan 2 13:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f5ed86673c3ab8930dc775b242d7874d6fe58fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d6:c6:d7:5d:39:21:57:3f:d5:4f:39:cd:34:
15:c8:98:7c:17:f1:97:d2:6e:24:76:bf:25:bb:2a:
c5:3b:9d:d4:83:88:bb:ad:69:6e:f5:16:0b:26:e2:
62:b1:31:6e:c9:1c:37:11:61:c6:3d:f1:75:68:3c:
68:94:4a:88:b8:3e:39:7d:d7:ca:e1:b8:ef:dc:c5:
cf:0e:58:88:07:47:34:5c:bb:ca:fb:e6:c9:ac:67:
48:fe:38:96:2e:06:16:ed:28:9f:7b:e1:15:6f:d2:
5f:46:1a:8f:48:53:5b:26:ce:97:c9:80:b1:ef:52:
9b:22:07:70:7d:61:bc:10:f4:a9:65:f5:e9:7d:58:
f6:d8:58:a2:75:6f:b4:32:68:2b:02:5a:bf:d3:66:
b6:79:93:d2:09:82:16:39:9e:f9:25:8c:13:fc:3a:
24:a1:d0:71:ab:3b:cf:db:7b:c9:28:f2:d1:c7:c3:
52:83:df:37:04:63:26:44:ca:0c:bd:8e:40:9f:60:
34:cb:67:d7:0a:44:4c:14:a6:09:89:76:20:b8:41:
bf:71:ab:6b:4f:dd:42:a5:53:3a:6b:71:dc:cd:66:
6d:f7:e2:03:80:01:cb:53:60:69:78:2a:f5:00:c5:
ec:c8:0f:eb:df:23:4a:7b:81:29:f2:95:f0:6b:0a:
be:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5E:D8:66:73:C3:AB:89:30:DC:77:5B:24:2D:78:74:D6:FE:58:FD
X509v3 Authority Key Identifier:
keyid:F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/D17YZnPDq4kw3HdbJC14dNb-WP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/8NnLvv3mEuYeDND_C4cZYcv3l-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4880::/32
Signature Algorithm: sha256WithRSAEncryption
0c:12:e0:6e:75:5a:fa:78:71:10:63:7f:d9:b9:62:0b:07:39:
2b:79:9b:eb:ab:70:e9:a4:e4:b8:3b:62:0e:0d:fc:b6:54:59:
43:01:a6:dd:77:9e:ae:27:2a:41:27:56:cc:6f:8f:e7:07:df:
59:5d:3d:2d:8d:2e:69:09:37:f9:f2:b6:46:02:91:9c:ef:60:
20:31:37:be:70:ab:5b:5c:47:73:7e:a1:e7:b1:ff:7c:c2:e4:
36:7b:2a:b6:f1:13:ff:92:27:b1:45:e2:ec:ef:ce:53:cd:5b:
86:3c:ed:5e:85:2c:11:8f:2c:f6:b2:61:79:3a:08:58:d2:95:
4d:8f:9b:31:7c:f8:98:35:68:e8:98:33:6d:3e:bc:0d:15:22:
9f:60:38:d3:c9:af:bc:ec:4d:ce:94:42:12:fb:a3:89:b1:b1:
68:c6:33:c7:e6:e1:56:d0:fd:fa:c3:35:3c:24:e9:d2:45:d4:
b3:e3:5f:70:28:02:dd:b8:04:f3:7d:8b:a5:a9:40:1b:e6:f9:
11:c4:e3:22:88:0b:7a:8c:ba:6e:c0:68:89:ee:78:34:98:7c:
6a:39:7e:91:3b:6c:86:92:df:42:f4:ca:91:fc:95:60:f6:61:
72:57:2e:6e:d7:ec:fb:2b:b2:b8:9e:9d:3f:b8:0e:4c:a6:e7:
b6:8c:5f:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnRtE21DLGVlAinDSXrF7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZDljYmJlZmRlNjEyZTYxZTBjZDBmZjBiODcxOTYxY2Jm
Nzk3ZTMwHhcNMjUwMTAyMTM0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjVlZDg2NjczYzNhYjg5MzBkYzc3NWIyNDJkNzg3NGQ2ZmU1OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNbG1105IVc/1U85zTQVyJh8F/GX
0m4kdr8luyrFO53Ug4i7rWlu9RYLJuJisTFuyRw3EWHGPfF1aDxolEqIuD45fdfK
4bjv3MXPDliIB0c0XLvK++bJrGdI/jiWLgYW7Sife+EVb9JfRhqPSFNbJs6XyYCx
71KbIgdwfWG8EPSpZfXpfVj22FiidW+0MmgrAlq/02a2eZPSCYIWOZ75JYwT/Dok
odBxqzvP23vJKPLRx8NSg983BGMmRMoMvY5An2A0y2fXCkRMFKYJiXYguEG/catr
T91CpVM6a3HczWZt9+IDgAHLU2BpeCr1AMXsyA/r3yNKe4Ep8pXwawq+DQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA9e2GZzw6uJMNx3WyQteHTW/lj9MB8GA1UdIwQY
MBaAFPDZy7795hLmHgzQ/wuHGWHL95fjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQt
ZjkyOTE1YTk2OGJjLzEvRDE3WVpuUERxNGt3M0hkYkpDMTRkTmItV1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQtZjkyOTE1YTk2OGJj
LzEvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFIgDAN
BgkqhkiG9w0BAQsFAAOCAQEADBLgbnVa+nhxEGN/2bliCwc5K3mb66tw6aTkuDti
Dg38tlRZQwGm3XeericqQSdWzG+P5wffWV09LY0uaQk3+fK2RgKRnO9gIDE3vnCr
W1xHc36h57H/fMLkNnsqtvET/5InsUXi7O/OU81bhjztXoUsEY8s9rJheToIWNKV
TY+bMXz4mDVo6JgzbT68DRUin2A408mvvOxNzpRCEvujibGxaMYzx+bhVtD9+sM1
PCTp0kXUs+NfcCgC3bgE832LpalAG+b5EcTjIogLeoy6bsBoie54NJh8ajl+kTts
hpLfQvTKkfyVYPZhclcubtfs+yuyuJ6dP7gOTKbntoxfmg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:06:03 2025 by rpki-client