Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oeYjG9NIDiIgZTqviVdPGvWPWRk.roa
File: oeYjG9NIDiIgZTqviVdPGvWPWRk.roa (raw, json)
Hash identifier: UHiAiGHhHrfbfHeHUX6vQ+2jDpWnzGQflKVSYdeNOYU=
Subject key identifier: A1:E6:23:1B:D3:48:0E:22:20:65:3A:AF:89:57:4F:1A:F5:8F:59:19
Certificate issuer: /CN=a07f6e2b60ca464700dd8e28fba0daadc2c40ced
Certificate serial: 01939C29740E5C7E656F03ED0BEC242B68E8
Authority key identifier: A0:7F:6E:2B:60:CA:46:47:00:DD:8E:28:FB:A0:DA:AD:C2:C4:0C:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oeYjG9NIDiIgZTqviVdPGvWPWRk.roa
Signing time: Fri 06 Dec 2024 13:29:42 +0000
ROA not before: Fri 06 Dec 2024 13:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213758
IP address blocks: 2a0c:f686::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 06 Dec 2024 18:12:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:29:74:0e:5c:7e:65:6f:03:ed:0b:ec:24:2b:68:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a07f6e2b60ca464700dd8e28fba0daadc2c40ced
Validity
Not Before: Dec 6 13:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1e6231bd3480e2220653aaf89574f1af58f5919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f2:dd:1c:cb:8d:12:83:58:a5:e1:ef:f2:0e:
5d:08:0d:a5:3b:1c:b1:69:12:df:f7:c0:cd:ee:47:
aa:39:87:bf:50:65:27:5e:46:01:9c:3b:cf:f4:80:
7d:d7:5c:c8:6d:e5:c0:e8:9d:c4:ab:b8:75:28:7b:
45:78:ad:ae:17:bf:38:85:cc:f0:1d:ed:e4:15:be:
5f:51:b9:44:d3:94:8d:1e:6b:ce:30:30:78:2e:4b:
b3:72:df:26:5d:6c:e9:de:e8:65:12:d0:3a:4a:a0:
72:74:b4:21:bc:b6:24:57:fd:bb:c5:ce:47:98:81:
b3:81:30:6e:77:33:d6:0d:73:79:36:97:1c:27:65:
8d:37:0b:2d:f5:1b:41:bd:c8:4a:4f:b5:e1:f9:fc:
82:8a:c2:af:7e:04:1f:6d:e3:df:de:6d:31:57:dc:
96:b7:7f:46:64:2b:d8:55:fa:58:52:46:5c:60:70:
98:25:63:46:63:33:3f:86:15:89:6e:de:5f:cf:98:
a2:ce:e7:c7:b4:65:00:37:65:f9:12:4f:d2:3c:d0:
d9:58:60:c8:96:56:c7:5e:23:21:25:1e:ca:d3:92:
ba:ab:9c:86:44:a1:e5:71:b4:33:a2:e2:0a:4b:a2:
8c:3a:aa:97:d4:58:b6:99:60:d0:aa:22:0f:e9:4e:
6d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E6:23:1B:D3:48:0E:22:20:65:3A:AF:89:57:4F:1A:F5:8F:59:19
X509v3 Authority Key Identifier:
keyid:A0:7F:6E:2B:60:CA:46:47:00:DD:8E:28:FB:A0:DA:AD:C2:C4:0C:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oeYjG9NIDiIgZTqviVdPGvWPWRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:f686::/32
Signature Algorithm: sha256WithRSAEncryption
04:6b:77:4f:05:01:8c:01:ca:6c:db:47:a5:df:6e:34:fd:69:
55:e6:d5:8e:0e:02:28:1a:a7:d7:37:40:ed:b1:d9:3f:c5:0e:
7f:0c:66:a6:e7:4c:9d:21:1c:e0:18:ad:8d:96:0c:c6:0f:f2:
c9:cd:6b:53:ec:7b:24:d9:7f:0b:d2:2e:c0:dc:89:10:a8:41:
21:70:76:94:18:a6:60:fb:09:89:c9:3a:0a:41:98:e0:ed:61:
54:a1:3f:9c:44:20:1f:fe:15:ab:68:0a:f2:3d:a3:ee:c2:13:
3b:7a:1f:ef:ae:bb:c9:b0:a7:2d:40:e6:6b:b8:c8:85:dd:45:
bd:6e:ca:3c:9b:1e:39:39:77:f0:1b:bf:00:81:6a:b3:65:41:
17:8e:bb:f4:fa:b8:7b:a7:a6:0f:c8:23:a1:34:e6:90:ad:d7:
54:d4:63:ab:ff:5d:76:c6:10:a1:83:36:62:8a:80:a8:38:dc:
e0:9a:d4:10:f6:9b:9a:e5:8f:63:4b:c3:92:75:eb:ee:fe:1d:
09:a9:8b:22:4d:ea:b9:84:aa:2e:e1:84:a4:eb:72:d1:a5:7b:
8a:5a:4e:8b:8d:e5:05:c7:8f:55:68:da:a8:d7:03:07:77:c5:
be:06:32:a8:2d:2a:0b:b3:45:0d:5b:cc:3e:50:db:c1:07:dc:
4b:3b:5d:d3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOcKXQOXH5lbwPtC+wkK2joMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwN2Y2ZTJiNjBjYTQ2NDcwMGRkOGUyOGZiYTBkYWFkYzJj
NDBjZWQwHhcNMjQxMjA2MTMyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWU2MjMxYmQzNDgwZTIyMjA2NTNhYWY4OTU3NGYxYWY1OGY1OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPLdHMuNEoNYpeHv8g5dCA2lOxyx
aRLf98DN7keqOYe/UGUnXkYBnDvP9IB911zIbeXA6J3Eq7h1KHtFeK2uF784hczw
He3kFb5fUblE05SNHmvOMDB4Lkuzct8mXWzp3uhlEtA6SqBydLQhvLYkV/27xc5H
mIGzgTBudzPWDXN5NpccJ2WNNwst9RtBvchKT7Xh+fyCisKvfgQfbePf3m0xV9yW
t39GZCvYVfpYUkZcYHCYJWNGYzM/hhWJbt5fz5iizufHtGUAN2X5Ek/SPNDZWGDI
llbHXiMhJR7K05K6q5yGRKHlcbQzouIKS6KMOqqX1Fi2mWDQqiIP6U5tPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKHmIxvTSA4iIGU6r4lXTxr1j1kZMB8GA1UdIwQY
MBaAFKB/bitgykZHAN2OKPug2q3CxAztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0g5dUsyREtSa2NBM1k0by02RGFyY0xFRE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hN2NlOWUtMTBmYy00YmRhLTgzOGIt
YmNiNzI0YmMyNjg0LzEvb2VZakc5TklEaUlnWlRxdmlWZFBHdldQV1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hN2NlOWUtMTBmYy00YmRhLTgzOGItYmNiNzI0YmMyNjg0
LzEvb0g5dUsyREtSa2NBM1k0by02RGFyY0xFRE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgz2hjAN
BgkqhkiG9w0BAQsFAAOCAQEABGt3TwUBjAHKbNtHpd9uNP1pVebVjg4CKBqn1zdA
7bHZP8UOfwxmpudMnSEc4BitjZYMxg/yyc1rU+x7JNl/C9IuwNyJEKhBIXB2lBim
YPsJick6CkGY4O1hVKE/nEQgH/4Vq2gK8j2j7sITO3of7667ybCnLUDma7jIhd1F
vW7KPJseOTl38Bu/AIFqs2VBF4679Pq4e6emD8gjoTTmkK3XVNRjq/9ddsYQoYM2
YoqAqDjc4JrUEPabmuWPY0vDknXr7v4dCamLIk3quYSqLuGEpOty0aV7ilpOi43l
BcePVWjaqNcDB3fFvgYyqC0qC7NFDVvMPlDbwQfcSztd0w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:02:21 2025 by rpki-client