Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/zRUeWa0cHwYSeCulaQD7CwglfcA.roa
File: zRUeWa0cHwYSeCulaQD7CwglfcA.roa (raw, json)
Hash identifier: n64Z0LZHJ6IaidXI5aCAz7/vA6SxDaNJnSQHAtoQauA=
Subject key identifier: CD:15:1E:59:AD:1C:1F:06:12:78:2B:A5:69:00:FB:0B:08:25:7D:C0
Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Certificate serial: 019421445A474EB5CB019E4787F374650030
Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/zRUeWa0cHwYSeCulaQD7CwglfcA.roa
Signing time: Wed 01 Jan 2025 09:48:35 +0000
ROA not before: Wed 01 Jan 2025 09:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215366
IP address blocks: 2a09:7ac1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Feb 2025 14:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5a:47:4e:b5:cb:01:9e:47:87:f3:74:65:00:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Validity
Not Before: Jan 1 09:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd151e59ad1c1f0612782ba56900fb0b08257dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:83:fd:88:b5:b8:55:ba:61:40:56:0b:ac:2e:
cc:bf:43:cb:0d:6a:29:ea:67:ee:81:15:4a:49:a1:
bb:12:57:45:42:33:19:9e:67:41:bd:fe:17:28:ea:
35:98:ce:d7:13:7c:e0:ea:f3:a5:5d:eb:4a:8e:87:
13:12:73:6d:1f:f8:be:f7:d1:9f:a6:f0:dd:19:82:
3c:13:9f:ad:04:d4:e4:9f:88:53:de:52:50:e7:b7:
66:eb:f7:3b:f4:2c:22:c9:6c:ea:aa:a9:63:b5:85:
1f:96:9d:74:cd:31:eb:89:23:48:18:ab:9d:c1:d6:
ec:01:45:95:a1:fe:3b:82:82:71:ee:7c:d4:73:42:
85:03:a3:a5:a7:70:8f:98:0e:a9:bd:e0:60:a4:2d:
1c:23:f1:cb:5f:27:e6:b4:c4:aa:f6:ae:bc:cd:b0:
7d:2b:7e:0b:1d:8e:bb:65:e0:81:85:4f:d6:9a:2f:
cd:6e:8c:b3:bb:51:40:28:f4:8b:b5:1a:37:84:38:
9a:b0:80:af:1b:7a:5b:67:4b:d0:a5:b9:ab:2b:03:
b5:be:8b:a8:89:91:66:b4:85:16:d7:a1:9f:04:bb:
9e:4a:b5:0a:86:b8:0c:7f:8d:42:d4:63:6e:d2:93:
d7:2a:3c:b7:c9:1b:66:b9:58:59:27:f5:d0:53:95:
2a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:15:1E:59:AD:1C:1F:06:12:78:2B:A5:69:00:FB:0B:08:25:7D:C0
X509v3 Authority Key Identifier:
keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/zRUeWa0cHwYSeCulaQD7CwglfcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7ac1::/48
Signature Algorithm: sha256WithRSAEncryption
76:bd:99:ea:e6:28:fd:6d:63:52:a5:0c:a6:a0:be:ad:70:68:
a0:1b:63:ff:38:8c:ab:cc:aa:a3:61:7b:0c:7f:36:5f:1a:9e:
f6:ba:4f:a9:21:f5:e4:96:5a:96:b2:e0:c9:96:16:65:7d:51:
e3:49:e2:02:bc:78:2b:29:27:0c:d0:80:1c:41:32:62:64:01:
a1:9e:02:20:8c:85:7e:a5:1f:7d:f8:f5:0b:00:58:07:9c:8a:
6f:bf:82:ea:a5:ad:5f:ef:3f:71:57:35:47:89:0a:06:2a:d4:
51:e7:6f:0e:cc:d9:6e:93:e0:98:2e:be:dd:d6:88:68:07:b7:
a6:39:47:24:99:a4:02:ea:33:ad:ea:dc:97:01:d7:62:5a:58:
b0:7f:4e:47:72:42:b5:75:f6:6a:c4:c0:7f:34:5d:93:0f:91:
87:60:9e:60:a8:24:bc:8c:8f:db:f3:38:68:27:a3:ad:e8:75:
0a:43:26:76:c3:a0:4a:96:82:e6:18:d4:7e:42:28:3d:74:62:
6e:08:50:d2:5d:39:f2:e9:4f:ad:27:f4:51:dd:df:9d:3a:98:
5e:c6:6e:17:76:de:e3:1e:1c:2f:d8:42:5e:2c:d5:a8:22:53:
0b:7a:09:c4:ba:b1:ef:78:e8:23:7d:ae:f8:01:61:be:8f:93:
00:7b:ad:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRFpHTrXLAZ5Hh/N0ZQAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw
ZDVkN2EwHhcNMjUwMTAxMDk0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDE1MWU1OWFkMWMxZjA2MTI3ODJiYTU2OTAwZmIwYjA4MjU3ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYP9iLW4VbphQFYLrC7Mv0PLDWop
6mfugRVKSaG7EldFQjMZnmdBvf4XKOo1mM7XE3zg6vOlXetKjocTEnNtH/i+99Gf
pvDdGYI8E5+tBNTkn4hT3lJQ57dm6/c79CwiyWzqqqljtYUflp10zTHriSNIGKud
wdbsAUWVof47goJx7nzUc0KFA6Olp3CPmA6pveBgpC0cI/HLXyfmtMSq9q68zbB9
K34LHY67ZeCBhU/Wmi/Nboyzu1FAKPSLtRo3hDiasICvG3pbZ0vQpbmrKwO1vouo
iZFmtIUW16GfBLueSrUKhrgMf41C1GNu0pPXKjy3yRtmuVhZJ/XQU5UqqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM0VHlmtHB8GEngrpWkA+wsIJX3AMB8GA1UdIwQY
MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt
MGM0OTU0NzdjYTEwLzEvelJVZVdhMGNId1lTZUN1bGFRRDdDd2dsZmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw
LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgl6wQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB2vZnq5ij9bWNSpQymoL6tcGigG2P/OIyrzKqj
YXsMfzZfGp72uk+pIfXkllqWsuDJlhZlfVHjSeICvHgrKScM0IAcQTJiZAGhngIg
jIV+pR99+PULAFgHnIpvv4Lqpa1f7z9xVzVHiQoGKtRR528OzNluk+CYLr7d1oho
B7emOUckmaQC6jOt6tyXAddiWliwf05HckK1dfZqxMB/NF2TD5GHYJ5gqCS8jI/b
8zhoJ6Ot6HUKQyZ2w6BKloLmGNR+Qig9dGJuCFDSXTny6U+tJ/RR3d+dOphexm4X
dt7jHhwv2EJeLNWoIlMLegnEurHveOgjfa74AWG+j5MAe60N
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:00:10 2025 by rpki-client