Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/9D4lIPecpwm2UkkBhcqXKw4ac2Y.roa
File: 9D4lIPecpwm2UkkBhcqXKw4ac2Y.roa (raw, json)
Hash identifier: t6g03eNWvAMPxMTsEVslAObUWZXBKEkZGcQL0on29Ds=
Subject key identifier: F4:3E:25:20:F7:9C:A7:09:B6:52:49:01:85:CA:97:2B:0E:1A:73:66
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 019731F56F3C7CB952BD22B889F10B8CC7A9
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/9D4lIPecpwm2UkkBhcqXKw4ac2Y.roa
Signing time: Mon 02 Jun 2025 18:44:17 +0000
ROA not before: Mon 02 Jun 2025 18:44:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a14:9705::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 05 Jun 2025 18:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:f5:6f:3c:7c:b9:52:bd:22:b8:89:f1:0b:8c:c7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Jun 2 18:44:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f43e2520f79ca709b652490185ca972b0e1a7366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:16:c6:c3:20:c7:2a:04:a9:b8:cb:f9:60:fc:
4a:42:f0:7b:b0:3e:57:64:4a:9a:6c:0f:c6:96:ae:
f3:74:ee:55:b2:70:ad:53:d4:68:16:f0:15:f8:5f:
8a:8b:40:5b:24:36:13:9a:a0:12:b8:19:a0:a9:6e:
ee:3e:e5:60:f5:d6:f9:63:72:83:fe:7e:c1:6d:0f:
7c:d4:f2:2c:a4:c8:1e:e5:93:41:bb:5f:ea:f5:67:
5f:04:15:65:5f:fa:35:89:94:c2:d4:f7:d0:7b:67:
db:99:eb:50:b8:8e:f9:bc:0d:be:d0:ee:ab:f9:20:
56:8d:59:dc:66:a9:20:1f:ee:56:f6:fa:cb:79:d6:
79:24:76:1a:6a:fe:44:a7:7f:c9:09:88:3a:9d:b0:
cd:2c:0d:28:df:d2:e1:2b:dc:df:70:8e:60:be:d4:
b3:54:29:c1:bc:90:29:cc:95:c0:fc:e0:c2:22:92:
46:14:2d:40:96:2c:c4:16:20:95:f2:e4:86:c0:a8:
86:e0:99:c8:04:c6:79:6a:9c:09:d8:0f:9b:97:f5:
09:2b:b8:ad:89:e0:5c:b8:cb:52:c0:7a:17:fb:35:
28:bb:f1:da:48:dd:b3:62:6f:9c:a1:ea:b5:cc:16:
d5:9d:b6:9f:58:ca:47:99:f1:ee:f3:75:c8:b1:6d:
86:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3E:25:20:F7:9C:A7:09:B6:52:49:01:85:CA:97:2B:0E:1A:73:66
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/9D4lIPecpwm2UkkBhcqXKw4ac2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9705::/32
Signature Algorithm: sha256WithRSAEncryption
05:8c:db:36:c1:71:74:43:44:9d:8c:e2:de:cc:70:71:c1:f1:
c8:ae:8e:93:56:e9:e5:cc:c2:c5:f4:b1:be:d0:df:a8:d0:28:
99:8b:70:39:64:3d:50:5a:d8:ca:de:5c:d4:c7:7b:a6:32:69:
bf:b3:2d:5c:6d:ae:d7:44:be:c5:91:d6:6a:c1:d5:a5:b4:67:
06:dc:9d:5c:4f:95:c4:7a:0d:c5:aa:de:05:8c:68:9b:ce:43:
40:58:bf:c6:78:9a:bf:7e:d2:30:cc:be:56:4e:7c:e3:a7:e4:
73:c4:fb:96:c5:6a:e6:a2:bf:6d:c9:2f:90:4b:21:aa:4a:c6:
61:5e:8e:5b:cc:22:d8:98:58:fc:32:f7:f1:d1:4c:41:02:aa:
65:e3:6b:53:47:a8:6e:53:7a:8f:61:7a:9d:b5:64:a8:87:b4:
5e:1b:78:9b:45:db:59:25:b5:11:b9:52:b5:d7:ca:d4:2f:ba:
d0:a5:56:dd:f8:9d:49:65:7f:55:7b:c7:76:d6:fc:77:ea:05:
38:8b:3b:d1:dd:0f:65:dc:cb:a8:4e:21:70:e7:4f:7c:ea:53:
1d:7b:20:4b:f3:77:bf:8f:89:34:0c:38:ba:3b:7b:a1:94:6b:
49:6e:d2:4f:76:1a:82:bd:d4:47:cb:66:ea:3a:3c:ff:d4:fc:
f4:76:0e:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcx9W88fLlSvSK4ifELjMepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjUwNjAyMTg0NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDNlMjUyMGY3OWNhNzA5YjY1MjQ5MDE4NWNhOTcyYjBlMWE3MzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthbGwyDHKgSpuMv5YPxKQvB7sD5X
ZEqabA/Glq7zdO5VsnCtU9RoFvAV+F+Ki0BbJDYTmqASuBmgqW7uPuVg9db5Y3KD
/n7BbQ981PIspMge5ZNBu1/q9WdfBBVlX/o1iZTC1PfQe2fbmetQuI75vA2+0O6r
+SBWjVncZqkgH+5W9vrLedZ5JHYaav5Ep3/JCYg6nbDNLA0o39LhK9zfcI5gvtSz
VCnBvJApzJXA/ODCIpJGFC1AlizEFiCV8uSGwKiG4JnIBMZ5apwJ2A+bl/UJK7it
ieBcuMtSwHoX+zUou/HaSN2zYm+coeq1zBbVnbafWMpHmfHu83XIsW2G4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPQ+JSD3nKcJtlJJAYXKlysOGnNmMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvOUQ0bElQZWNwd20yVWtrQmhjcVhLdzRhYzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhSXBTAN
BgkqhkiG9w0BAQsFAAOCAQEABYzbNsFxdENEnYzi3sxwccHxyK6Ok1bp5czCxfSx
vtDfqNAomYtwOWQ9UFrYyt5c1Md7pjJpv7MtXG2u10S+xZHWasHVpbRnBtydXE+V
xHoNxareBYxom85DQFi/xniav37SMMy+Vk5846fkc8T7lsVq5qK/bckvkEshqkrG
YV6OW8wi2JhY/DL38dFMQQKqZeNrU0eoblN6j2F6nbVkqIe0Xht4m0XbWSW1EblS
tdfK1C+60KVW3fidSWV/VXvHdtb8d+oFOIs70d0PZdzLqE4hcOdPfOpTHXsgS/N3
v4+JNAw4ujt7oZRrSW7ST3Yagr3UR8tm6jo8/9T89HYOjw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:25:11 2025 by rpki-client