Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/aJpC_KY0hVhwM-m4fVeYsBJjYII.roa
File: aJpC_KY0hVhwM-m4fVeYsBJjYII.roa (raw, json)
Hash identifier: LS2TdxeVa1+63YDXflJVoPP+ed+nD1WRNcLn1D7cwAg=
Subject key identifier: 68:9A:42:FC:A6:34:85:58:70:33:E9:B8:7D:57:98:B0:12:63:60:82
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 0193634A65E068B620446FF12C2395999B76
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/aJpC_KY0hVhwM-m4fVeYsBJjYII.roa
Signing time: Mon 25 Nov 2024 12:27:20 +0000
ROA not before: Mon 25 Nov 2024 12:27:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:7f40::/32 maxlen: 32
2a0e:7f41::/32 maxlen: 32
2a0e:7f43::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:4a:65:e0:68:b6:20:44:6f:f1:2c:23:95:99:9b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Nov 25 12:27:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=689a42fca63485587033e9b87d5798b012636082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:65:21:e7:07:17:5f:51:84:32:37:5b:20:1d:
aa:38:72:97:85:3c:fc:3f:3c:a9:1f:a5:8e:a1:fd:
5d:90:43:35:2d:0a:b6:a6:35:15:29:e7:51:a3:72:
0c:18:ea:21:88:b7:5e:e3:a4:97:df:61:fa:f5:f1:
4f:31:5b:50:c4:bb:97:03:21:06:aa:60:e9:ce:57:
f9:1f:35:2e:37:a3:f2:b3:b9:33:29:65:b8:c2:61:
95:28:30:f9:fd:04:c8:95:c7:47:8e:60:e0:ba:a5:
1e:6b:d8:d9:dc:1a:06:b6:db:00:4c:c8:f3:c2:15:
3e:c3:23:62:eb:8e:d6:95:57:e7:95:25:60:aa:14:
3d:bd:c6:df:73:92:3e:8c:03:e1:b1:12:a6:71:b2:
73:0c:68:35:d1:70:d2:74:c2:75:49:5a:68:ce:59:
78:11:04:0d:22:0e:36:fb:04:85:78:1f:00:12:a3:
9f:f2:1b:8f:84:ea:fb:b1:59:19:88:94:47:e6:f2:
df:10:8c:f3:4e:6d:94:a1:9d:8e:d9:ad:fd:bb:ef:
1a:4a:fa:fa:67:44:76:33:0c:ea:7e:8e:3e:c5:12:
0b:9c:43:65:c9:03:8d:c1:52:1f:8f:b7:0b:2e:c8:
e2:50:5e:9b:9c:70:cf:28:5d:dc:82:74:ad:b4:83:
81:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:9A:42:FC:A6:34:85:58:70:33:E9:B8:7D:57:98:B0:12:63:60:82
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/aJpC_KY0hVhwM-m4fVeYsBJjYII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f40::/31
2a0e:7f43::/32
Signature Algorithm: sha256WithRSAEncryption
58:bf:31:be:27:bc:88:9b:83:b8:e5:68:c5:74:84:17:74:a8:
45:a1:e5:a0:0a:6f:87:18:99:a0:5b:dc:e9:9c:36:4c:95:bb:
c5:bc:64:31:56:38:bc:29:ba:eb:ef:f1:12:a7:6d:7a:11:dc:
03:99:d3:66:9b:33:9b:95:3a:7e:b1:a4:8e:9c:9f:2d:de:f8:
73:08:99:4a:fe:36:dc:ea:b6:bd:e7:1e:11:9d:0f:d5:32:c3:
6e:33:7f:f0:f5:8a:8c:73:7b:2a:55:37:f5:7a:4b:ae:da:9e:
89:65:d2:aa:3e:e9:62:14:15:ab:70:9f:00:7d:a0:01:38:a9:
1b:86:46:7d:62:da:82:b5:ec:fe:d1:e6:18:eb:05:ce:3d:73:
a9:02:91:59:89:8a:63:b3:3a:cf:3a:4a:1f:ca:93:09:ef:29:
f6:8b:3f:1f:e4:2e:9c:9e:63:0a:2a:fa:ca:a5:87:23:85:b3:
89:52:39:29:16:fa:25:c2:c7:53:e3:3e:6c:49:a3:d7:ad:0f:
76:31:7e:48:4f:eb:4d:67:02:3e:39:f6:ae:e8:66:b6:8e:85:
55:90:de:d5:2d:3f:df:0b:e6:09:5e:62:b6:5b:5e:82:d8:3b:
9b:86:3d:52:e2:32:8c:5a:9b:cd:fc:7f:ad:df:68:a0:0e:ce:
69:b6:d8:f4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNjSmXgaLYgRG/xLCOVmZt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjQxMTI1MTIyNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODlhNDJmY2E2MzQ4NTU4NzAzM2U5Yjg3ZDU3OThiMDEyNjM2MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmUh5wcXX1GEMjdbIB2qOHKXhTz8
PzypH6WOof1dkEM1LQq2pjUVKedRo3IMGOohiLde46SX32H69fFPMVtQxLuXAyEG
qmDpzlf5HzUuN6Pys7kzKWW4wmGVKDD5/QTIlcdHjmDguqUea9jZ3BoGttsATMjz
whU+wyNi647WlVfnlSVgqhQ9vcbfc5I+jAPhsRKmcbJzDGg10XDSdMJ1SVpozll4
EQQNIg42+wSFeB8AEqOf8huPhOr7sVkZiJRH5vLfEIzzTm2UoZ2O2a39u+8aSvr6
Z0R2Mwzqfo4+xRILnENlyQONwVIfj7cLLsjiUF6bnHDPKF3cgnSttIOBPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGiaQvymNIVYcDPpuH1XmLASY2CCMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvYUpwQ19LWTBoVmh3TS1tNGZWZVlzQkpqWUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKg5/QAMF
ACoOf0MwDQYJKoZIhvcNAQELBQADggEBAFi/Mb4nvIibg7jlaMV0hBd0qEWh5aAK
b4cYmaBb3OmcNkyVu8W8ZDFWOLwpuuvv8RKnbXoR3AOZ02abM5uVOn6xpI6cny3e
+HMImUr+Ntzqtr3nHhGdD9Uyw24zf/D1ioxzeypVN/V6S67anoll0qo+6WIUFatw
nwB9oAE4qRuGRn1i2oK17P7R5hjrBc49c6kCkVmJimOzOs86Sh/KkwnvKfaLPx/k
LpyeYwoq+sqlhyOFs4lSOSkW+iXCx1PjPmxJo9etD3YxfkhP601nAj459q7oZraO
hVWQ3tUtP98L5gleYrZbXoLYO5uGPVLiMoxam838f63faKAOzmm22PQ=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:08 2025 by rpki-client