Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/RxIihMiDY1u0K6yF33krnKCjKsQ.roa
File: RxIihMiDY1u0K6yF33krnKCjKsQ.roa (raw, json)
Hash identifier: NnbciHthF0lKeG3TXRZ9fSZra8BXpjsDnyiznEoikaw=
Subject key identifier: 47:12:22:84:C8:83:63:5B:B4:2B:AC:85:DF:79:2B:9C:A0:A3:2A:C4
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 018F209463C617362F79A968FC1F0EA67978
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/RxIihMiDY1u0K6yF33krnKCjKsQ.roa
Signing time: Sat 27 Apr 2024 17:22:26 +0000
ROA not before: Sat 27 Apr 2024 17:22:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a12:2ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Apr 2024 17:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:20:94:63:c6:17:36:2f:79:a9:68:fc:1f:0e:a6:79:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Apr 27 17:22:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47122284c883635bb42bac85df792b9ca0a32ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:dc:6f:43:6b:c9:cc:cd:f9:b9:8b:14:35:
ae:17:e7:5a:53:cf:b6:74:22:16:8e:e4:a7:10:3f:
90:71:af:8a:44:dd:42:94:ad:40:67:c5:64:41:64:
0c:5f:05:aa:57:1e:ba:1e:f6:1c:47:f1:d4:30:bd:
43:4b:4f:72:28:3b:34:f2:d3:e8:bb:b9:fb:b3:a9:
5c:fd:4c:e0:b6:ce:d7:80:54:e8:b5:41:fd:de:d5:
ee:59:3f:97:c2:9f:34:f5:bc:55:24:bf:12:64:06:
4e:87:82:42:bf:3e:15:52:e9:2c:c7:73:c0:c1:53:
95:a4:38:64:b0:fb:09:55:7d:ed:65:1e:34:fc:09:
30:f5:2b:50:3a:49:ec:f0:7e:81:b6:8e:22:e4:5d:
94:04:cc:e8:cd:f7:76:0b:00:56:5d:dc:e4:6f:10:
a9:77:77:e4:40:bb:35:f3:4c:92:ce:84:0f:a3:6e:
a1:45:72:5d:d2:57:32:af:48:af:e6:3e:69:3b:9d:
6d:d7:38:79:29:3b:20:69:6f:66:2f:39:08:fd:f0:
8c:74:f2:54:1a:d6:c7:48:4a:c9:7d:aa:f4:e9:d0:
4b:19:25:9a:fe:c0:41:30:4d:05:84:80:32:b4:54:
1d:7b:fe:a3:fc:6e:b3:7a:72:f7:44:46:8b:84:08:
45:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:12:22:84:C8:83:63:5B:B4:2B:AC:85:DF:79:2B:9C:A0:A3:2A:C4
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/RxIihMiDY1u0K6yF33krnKCjKsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
84:7e:20:23:4d:47:d6:3f:72:14:51:de:91:67:2e:1f:bb:64:
d9:b2:1f:24:a5:e4:53:ba:dd:fd:df:b5:92:2f:66:3b:0a:61:
d7:05:bc:43:75:1b:99:3b:ed:b7:56:01:c4:df:29:32:87:c8:
c1:eb:f3:9a:28:e3:ce:dd:b0:05:28:44:cc:2b:51:16:cd:7e:
b1:e2:69:c8:73:49:9f:46:54:1a:22:cb:1e:c1:79:d6:1a:59:
ac:1c:cf:96:3b:94:7a:90:cf:e4:45:f6:93:22:58:0c:e3:cb:
03:b6:7c:43:ba:c8:cc:26:5c:00:a9:40:59:fb:01:a4:9c:1c:
80:b0:ae:25:06:96:c5:f0:b4:af:b5:95:33:65:1c:32:30:9e:
db:99:a3:4e:c8:01:d3:c1:56:4d:0a:ea:c9:85:a6:e4:bd:18:
90:9a:af:da:f5:a7:bf:cd:b0:3e:4e:e6:1c:b0:28:cb:00:93:
23:df:d0:75:3f:8b:d4:21:75:95:00:92:2b:2c:97:79:bc:84:
2c:bc:c3:c4:97:a1:30:c8:61:68:e7:82:2e:7b:6b:53:08:f6:
c1:04:d4:40:74:d4:e3:70:c2:68:33:7c:6a:88:10:7e:82:ea:
e6:f6:9a:8a:43:00:b9:cb:70:d9:a1:91:df:bc:75:5f:00:f9:
07:9b:08:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8glGPGFzYvealo/B8Opnl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjQwNDI3MTcyMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzEyMjI4NGM4ODM2MzViYjQyYmFjODVkZjc5MmI5Y2EwYTMyYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFXcb0NryczN+bmLFDWuF+daU8+2
dCIWjuSnED+Qca+KRN1ClK1AZ8VkQWQMXwWqVx66HvYcR/HUML1DS09yKDs08tPo
u7n7s6lc/Uzgts7XgFTotUH93tXuWT+Xwp809bxVJL8SZAZOh4JCvz4VUuksx3PA
wVOVpDhksPsJVX3tZR40/Akw9StQOkns8H6Bto4i5F2UBMzozfd2CwBWXdzkbxCp
d3fkQLs180ySzoQPo26hRXJd0lcyr0iv5j5pO51t1zh5KTsgaW9mLzkI/fCMdPJU
GtbHSErJfar06dBLGSWa/sBBME0FhIAytFQde/6j/G6zenL3REaLhAhF9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEcSIoTIg2NbtCushd95K5ygoyrEMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvUnhJaWhNaURZMXUwSzZ5RjMza3JuS0NqS3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIuwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhH4gI01H1j9yFFHekWcuH7tk2bIfJKXkU7rd/d+1
ki9mOwph1wW8Q3UbmTvtt1YBxN8pMofIwevzmijjzt2wBShEzCtRFs1+seJpyHNJ
n0ZUGiLLHsF51hpZrBzPljuUepDP5EX2kyJYDOPLA7Z8Q7rIzCZcAKlAWfsBpJwc
gLCuJQaWxfC0r7WVM2UcMjCe25mjTsgB08FWTQrqyYWm5L0YkJqv2vWnv82wPk7m
HLAoywCTI9/QdT+L1CF1lQCSKyyXebyELLzDxJehMMhhaOeCLntrUwj2wQTUQHTU
43DCaDN8aogQfoLq5vaaikMAuctw2aGR37x1XwD5B5sIPQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:15:17 2025 by rpki-client