Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/gH5Xaznlr9k6wKzh6JQB0EKAlUY.roa
File: gH5Xaznlr9k6wKzh6JQB0EKAlUY.roa (raw, json)
Hash identifier: xOiVazUlKemaYhxeEvq30gKaMofsfIoNr6UzwT8qpAI=
Subject key identifier: 80:7E:57:6B:39:E5:AF:D9:3A:C0:AC:E1:E8:94:01:D0:42:80:95:46
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019427B682D4F0F9F006B22E409EAF8D321E
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/gH5Xaznlr9k6wKzh6JQB0EKAlUY.roa
Signing time: Thu 02 Jan 2025 15:50:59 +0000
ROA not before: Thu 02 Jan 2025 15:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43639
IP address blocks: 2.16.55.0/24 maxlen: 24
2a02:26f0:80::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Jan 2025 11:19:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:82:d4:f0:f9:f0:06:b2:2e:40:9e:af:8d:32:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 2 15:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=807e576b39e5afd93ac0ace1e89401d042809546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:08:76:40:91:62:4a:7a:e7:b8:d6:8f:c6:45:
50:b0:ca:25:8d:75:e3:29:b2:65:9f:a9:d7:f6:1b:
19:50:1b:82:a6:24:be:e0:f9:7a:53:c4:f9:98:d1:
4b:8b:cb:7b:12:87:67:7e:20:e0:c4:80:67:4a:d8:
31:4a:15:ce:bf:77:b2:6e:b0:d1:f6:4e:61:7e:5b:
89:00:e8:0c:39:1a:da:3f:ad:61:46:7d:02:ec:90:
96:8b:be:38:a3:c0:10:ae:af:e0:cd:37:93:14:22:
2a:7c:0f:fd:b4:6a:28:5c:ca:06:af:dc:59:55:33:
86:e5:bd:5a:ea:6a:0c:40:53:4d:36:37:7f:be:11:
81:b1:84:27:c7:5d:d9:7a:62:9b:9b:fa:44:c9:0b:
d7:cf:f5:c9:72:90:6d:b1:49:90:74:98:f1:15:03:
eb:ac:ee:01:de:4c:52:b6:c2:49:bf:43:ea:65:0b:
a9:7b:ef:a0:6e:40:9f:fe:df:df:c8:45:51:41:d1:
da:2f:84:68:af:88:5f:7a:b7:fc:cd:7d:0d:e2:5b:
5c:4d:30:30:13:0e:7a:0f:64:62:18:0f:62:34:db:
22:d1:3d:13:48:4c:81:1e:dc:51:2a:b5:b3:04:b8:
c4:7e:6c:c7:ef:08:63:d1:b0:b9:d6:1f:eb:17:79:
01:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7E:57:6B:39:E5:AF:D9:3A:C0:AC:E1:E8:94:01:D0:42:80:95:46
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/gH5Xaznlr9k6wKzh6JQB0EKAlUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.55.0/24
IPv6:
2a02:26f0:80::/48
Signature Algorithm: sha256WithRSAEncryption
89:b2:ae:3f:26:1a:5d:df:4e:e5:ab:96:b8:5d:04:08:30:47:
bf:b4:5d:2f:85:a3:a5:08:da:02:bf:7a:b9:e4:0d:1a:c8:f2:
3b:69:4b:26:6d:f8:7f:58:cb:a1:ac:7b:58:b5:e4:8c:04:94:
51:23:05:6f:7f:80:49:02:6c:fd:36:06:7c:63:ac:4b:99:17:
28:73:08:45:25:53:b8:f8:d5:18:25:58:ef:b9:3b:2d:63:9a:
69:16:53:79:9f:b1:b1:e4:53:0f:24:fb:85:5d:af:f6:7a:a9:
14:2b:42:e1:9b:08:31:0d:20:cc:85:37:18:d8:d0:a5:a0:7b:
c9:78:46:96:9c:fa:73:5e:34:c0:17:cf:d9:b5:bc:a7:75:99:
26:58:58:9a:7c:31:b2:2f:06:2d:1b:9e:cb:8d:69:ea:9f:73:
42:1a:2f:23:22:60:32:78:3d:42:8f:63:01:57:09:c9:89:57:
31:5e:90:26:00:b4:fc:25:9a:f7:ea:40:0f:4c:75:b5:d9:56:
6d:b7:1f:0e:8a:c6:77:0c:12:1f:08:c7:b3:c7:0a:6d:ef:52:
a3:2d:17:af:4a:01:07:ae:fa:32:36:f0:51:1c:91:0e:6c:61:
05:d7:90:0c:12:26:86:57:89:19:a8:3a:20:1b:1f:eb:3d:48:
16:2f:67:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntoLU8PnwBrIuQJ6vjTIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTAyMTU1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdlNTc2YjM5ZTVhZmQ5M2FjMGFjZTFlODk0MDFkMDQyODA5NTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Ah2QJFiSnrnuNaPxkVQsMoljXXj
KbJln6nX9hsZUBuCpiS+4Pl6U8T5mNFLi8t7EodnfiDgxIBnStgxShXOv3eybrDR
9k5hfluJAOgMORraP61hRn0C7JCWi744o8AQrq/gzTeTFCIqfA/9tGooXMoGr9xZ
VTOG5b1a6moMQFNNNjd/vhGBsYQnx13ZemKbm/pEyQvXz/XJcpBtsUmQdJjxFQPr
rO4B3kxStsJJv0PqZQupe++gbkCf/t/fyEVRQdHaL4Ror4hferf8zX0N4ltcTTAw
Ew56D2RiGA9iNNsi0T0TSEyBHtxRKrWzBLjEfmzH7whj0bC51h/rF3kB3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIB+V2s55a/ZOsCs4eiUAdBCgJVGMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvZ0g1WGF6bmxyOWs2d0t6aDZKUUIwRUtBbFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAAhA3MA8E
AgACMAkDBwAqAibwAIAwDQYJKoZIhvcNAQELBQADggEBAImyrj8mGl3fTuWrlrhd
BAgwR7+0XS+Fo6UI2gK/ernkDRrI8jtpSyZt+H9Yy6Gse1i15IwElFEjBW9/gEkC
bP02BnxjrEuZFyhzCEUlU7j41RglWO+5Oy1jmmkWU3mfsbHkUw8k+4Vdr/Z6qRQr
QuGbCDENIMyFNxjY0KWge8l4Rpac+nNeNMAXz9m1vKd1mSZYWJp8MbIvBi0bnsuN
aeqfc0IaLyMiYDJ4PUKPYwFXCcmJVzFekCYAtPwlmvfqQA9MdbXZVm23Hw6KxncM
Eh8Ix7PHCm3vUqMtF69KAQeu+jI28FEckQ5sYQXXkAwSJoZXiRmoOiAbH+s9SBYv
Z8A=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:42:04 2025 by rpki-client