Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/rcUkghT58DUtAtKpXCWoxsmt0i8.roa
File: rcUkghT58DUtAtKpXCWoxsmt0i8.roa (raw, json)
Hash identifier: J+0SIdgqsfaVJXD5VRp2xRVCSi4Nw8bCDqLhr0MjQkk=
Subject key identifier: AD:C5:24:82:14:F9:F0:35:2D:02:D2:A9:5C:25:A8:C6:C9:AD:D2:2F
Certificate issuer: /CN=cfdc217388aa7e9028dd1e04ba64291352d60bef
Certificate serial: 0193AAD3E415118DE60A588FE25908400005
Authority key identifier: CF:DC:21:73:88:AA:7E:90:28:DD:1E:04:BA:64:29:13:52:D6:0B:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9whc4iqfpAo3R4EumQpE1LWC-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/rcUkghT58DUtAtKpXCWoxsmt0i8.roa
Signing time: Mon 09 Dec 2024 09:50:33 +0000
ROA not before: Mon 09 Dec 2024 09:50:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49034
IP address blocks: 2a00:f6e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 11 Dec 2024 13:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:aa:d3:e4:15:11:8d:e6:0a:58:8f:e2:59:08:40:00:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdc217388aa7e9028dd1e04ba64291352d60bef
Validity
Not Before: Dec 9 09:50:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adc5248214f9f0352d02d2a95c25a8c6c9add22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:7e:92:82:cc:8c:ee:7b:7d:8c:4f:16:3b:b7:
ba:43:de:83:e8:ce:41:29:cb:11:24:56:3e:20:53:
92:f2:87:8a:78:5a:53:06:f1:6a:e3:97:b8:5c:eb:
29:ae:ac:bc:ff:08:de:51:62:45:02:cd:cd:51:e6:
00:db:52:ee:9c:c1:f9:e5:3c:f2:80:a9:91:7c:27:
79:4d:5f:0e:18:44:6a:3f:5b:2c:50:ac:98:5d:fe:
23:d1:93:b5:8a:48:7b:5b:02:d0:9d:1c:c8:bc:03:
27:c3:e8:a1:cd:a0:12:43:70:e1:79:34:29:b9:d1:
2a:eb:61:81:2e:29:62:b9:de:34:4f:b5:8f:f2:6e:
68:55:0a:eb:4a:37:11:a7:9f:a9:28:5c:0f:e9:f5:
6c:5a:ba:22:97:06:50:3e:6e:16:3f:7c:f2:5e:e9:
60:81:97:ba:69:24:a3:81:da:61:08:f0:b4:e2:85:
9d:a0:aa:f8:df:25:5c:f1:53:0e:82:fe:3f:0b:ba:
64:bf:1e:42:90:51:e0:b1:11:9b:7e:74:e1:d1:07:
ca:74:12:07:58:15:6f:72:fe:96:ac:e0:b4:65:17:
c1:41:e7:33:1e:7a:36:8d:c0:30:a0:8b:e4:07:b0:
ef:fe:8f:78:5d:3f:2e:a0:fc:d5:65:78:da:f9:a4:
48:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C5:24:82:14:F9:F0:35:2D:02:D2:A9:5C:25:A8:C6:C9:AD:D2:2F
X509v3 Authority Key Identifier:
keyid:CF:DC:21:73:88:AA:7E:90:28:DD:1E:04:BA:64:29:13:52:D6:0B:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9whc4iqfpAo3R4EumQpE1LWC-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/rcUkghT58DUtAtKpXCWoxsmt0i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/z9whc4iqfpAo3R4EumQpE1LWC-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f6e0::/32
Signature Algorithm: sha256WithRSAEncryption
59:1b:32:b2:b3:c5:9d:5d:74:63:b3:c9:ef:c9:46:fb:e1:34:
fc:7d:19:a0:e7:dc:6e:7a:d0:09:91:d4:e8:1c:f3:f0:99:bd:
41:9b:29:69:4e:47:b8:64:df:87:c3:4c:f4:0d:65:dc:6b:d9:
1a:4c:94:37:48:fa:8b:4a:a1:ae:63:7c:9a:48:73:55:2c:0a:
aa:d8:28:83:31:b8:c5:58:a0:aa:56:ab:cb:17:56:1d:2a:85:
67:3e:69:7c:f0:96:96:27:65:03:33:22:40:a1:40:1f:75:93:
46:3e:b2:e0:c2:34:58:8a:33:92:d1:22:80:15:f0:01:ba:c3:
d8:6c:9b:20:3f:4b:23:d0:d3:cf:19:b7:2a:de:a1:61:66:46:
ec:17:c2:75:51:6a:b1:db:ff:56:12:fd:06:7f:b8:70:ad:a0:
4f:2b:13:10:2b:d5:4b:48:e2:10:63:e5:73:fe:43:71:78:e8:
1d:4c:cb:0d:a8:87:72:d4:d0:d3:4e:6b:20:3d:ae:f6:75:c6:
44:9a:c2:61:26:90:ff:cd:c4:cd:1b:a0:83:33:f2:5d:3c:80:
0e:79:a6:7b:42:44:e0:18:57:bc:c0:06:d3:b0:11:7c:a7:e8:
a5:c8:6c:3e:4a:27:83:54:41:b9:97:f4:64:71:6b:e5:0d:7e:
89:8a:71:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOq0+QVEY3mCliP4lkIQAAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGMyMTczODhhYTdlOTAyOGRkMWUwNGJhNjQyOTEzNTJk
NjBiZWYwHhcNMjQxMjA5MDk1MDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGM1MjQ4MjE0ZjlmMDM1MmQwMmQyYTk1YzI1YThjNmM5YWRkMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA836SgsyM7nt9jE8WO7e6Q96D6M5B
KcsRJFY+IFOS8oeKeFpTBvFq45e4XOsprqy8/wjeUWJFAs3NUeYA21LunMH55Tzy
gKmRfCd5TV8OGERqP1ssUKyYXf4j0ZO1ikh7WwLQnRzIvAMnw+ihzaASQ3DheTQp
udEq62GBLiliud40T7WP8m5oVQrrSjcRp5+pKFwP6fVsWroilwZQPm4WP3zyXulg
gZe6aSSjgdphCPC04oWdoKr43yVc8VMOgv4/C7pkvx5CkFHgsRGbfnTh0QfKdBIH
WBVvcv6WrOC0ZRfBQeczHno2jcAwoIvkB7Dv/o94XT8uoPzVZXja+aRICwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK3FJIIU+fA1LQLSqVwlqMbJrdIvMB8GA1UdIwQY
MBaAFM/cIXOIqn6QKN0eBLpkKRNS1gvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejl3aGM0aXFmcEFvM1I0RXVtUXBFMUxXQy04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kMjYwMjYtMTU5Ni00NGQ4LThhZjMt
NWU1YTYyNGQ3NGI4LzEvcmNVa2doVDU4RFV0QXRLcFhDV294c210MGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kMjYwMjYtMTU5Ni00NGQ4LThhZjMtNWU1YTYyNGQ3NGI4
LzEvejl3aGM0aXFmcEFvM1I0RXVtUXBFMUxXQy04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgD24DAN
BgkqhkiG9w0BAQsFAAOCAQEAWRsysrPFnV10Y7PJ78lG++E0/H0ZoOfcbnrQCZHU
6Bzz8Jm9QZspaU5HuGTfh8NM9A1l3GvZGkyUN0j6i0qhrmN8mkhzVSwKqtgogzG4
xVigqlaryxdWHSqFZz5pfPCWlidlAzMiQKFAH3WTRj6y4MI0WIozktEigBXwAbrD
2GybID9LI9DTzxm3Kt6hYWZG7BfCdVFqsdv/VhL9Bn+4cK2gTysTECvVS0jiEGPl
c/5DcXjoHUzLDaiHctTQ005rID2u9nXGRJrCYSaQ/83EzRuggzPyXTyADnmme0JE
4BhXvMAG07ARfKfopchsPkong1RBuZf0ZHFr5Q1+iYpxwQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:28:50 2025 by rpki-client