Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/XAa7syxslC4asjevZpURrEGefkg.roa
File: XAa7syxslC4asjevZpURrEGefkg.roa (raw, json)
Hash identifier: +lTR801xlfBeDqjM6nLTz/QZcF2xO3igYrianl8V8/I=
Subject key identifier: 5C:06:BB:B3:2C:6C:94:2E:1A:B2:37:AF:66:95:11:AC:41:9E:7E:48
Certificate issuer: /CN=5754d19527fd85d0d444acadd44a01655fdc7400
Certificate serial: 0193B792AA6BDE48D4FE56968C4C1294AEC3
Authority key identifier: 57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/XAa7syxslC4asjevZpURrEGefkg.roa
Signing time: Wed 11 Dec 2024 21:14:22 +0000
ROA not before: Wed 11 Dec 2024 21:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a00:a640:10a0::/44 maxlen: 48
2a00:a640:20a0::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b7:92:aa:6b:de:48:d4:fe:56:96:8c:4c:12:94:ae:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5754d19527fd85d0d444acadd44a01655fdc7400
Validity
Not Before: Dec 11 21:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c06bbb32c6c942e1ab237af669511ac419e7e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:84:57:f1:7a:3d:00:ba:6d:4a:f0:3a:51:b7:
85:45:d0:26:ba:cc:e8:02:88:48:37:0e:97:7a:90:
8d:fb:4c:39:cf:7d:2e:68:f2:a3:64:de:88:aa:bc:
b9:2f:b2:ac:63:88:1b:3d:eb:70:c8:30:0c:01:b4:
d6:d3:31:1a:2d:b8:ce:fe:b8:15:8f:b6:d9:12:2b:
6a:dc:56:0f:00:4a:49:28:2b:16:c8:e8:ae:b8:22:
fa:ac:ba:9c:82:e4:0f:a8:98:03:41:eb:8e:2a:e3:
10:0f:35:95:4e:57:c7:2c:c1:6c:f8:b9:a2:15:ee:
ae:63:dc:78:de:86:a8:b3:74:83:52:98:23:30:15:
cf:76:d5:d4:e8:39:a1:60:e8:e9:fa:9f:b1:bd:75:
e7:69:7d:15:d9:1a:1a:1b:7a:fb:7a:79:0c:bd:ae:
09:fd:1e:e9:2a:aa:41:bb:b8:47:4b:4e:06:d8:28:
f7:a1:87:5e:b8:b2:fe:ec:77:0e:02:d4:0e:de:be:
70:bb:6b:24:e5:a0:f3:06:57:10:3b:17:41:c2:ce:
dc:14:db:29:67:ca:d9:6b:76:98:b5:a8:20:9d:6a:
1f:a6:2c:77:55:97:86:4a:b3:23:e5:e1:7f:de:01:
0b:21:39:c4:b2:39:ce:03:12:13:3a:fa:a7:f5:62:
ed:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:06:BB:B3:2C:6C:94:2E:1A:B2:37:AF:66:95:11:AC:41:9E:7E:48
X509v3 Authority Key Identifier:
keyid:57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/XAa7syxslC4asjevZpURrEGefkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:a640:10a0::/44
2a00:a640:20a0::/44
Signature Algorithm: sha256WithRSAEncryption
24:e4:00:83:d2:5d:b5:69:f6:c9:f5:df:68:47:38:62:a8:5e:
08:f0:a0:a3:5c:ef:c2:6e:34:89:c2:1a:d1:49:22:f0:67:39:
4c:73:78:f1:7e:9b:8b:5b:e7:2d:f0:a7:d9:1c:ad:18:31:90:
13:d0:4d:cf:b0:c4:9e:99:19:ee:9e:54:e9:be:6a:0b:c1:c5:
28:46:74:6d:dd:f2:f2:8f:78:01:c6:64:91:ee:2f:79:d5:d5:
50:c8:46:08:74:e0:a0:68:64:2a:1c:6b:6a:ca:0c:2f:02:6e:
fc:16:cb:ee:e2:d8:6c:31:fd:8d:13:c3:19:a7:c6:a8:8c:3e:
85:92:12:22:fc:cc:0f:f4:5e:1a:84:e5:63:79:e3:e2:fa:ed:
0a:04:35:fd:42:fc:3a:9e:bf:42:f4:ad:d0:6a:8e:51:4e:36:
70:83:31:4d:4c:bc:de:b8:e3:6f:b8:2d:24:c9:91:0b:61:c6:
8d:ad:5f:48:73:b1:39:23:4a:c4:6b:97:e6:1f:dd:12:58:73:
a7:2c:bc:3a:5f:37:13:32:75:d2:fd:ec:0c:6d:fc:f3:cd:af:
64:bd:51:8a:0b:ac:0b:0a:42:f4:e3:a3:6d:51:7f:6c:9a:a2:
2b:08:8b:49:6d:65:ce:09:ca:5d:23:3c:42:d8:28:ff:62:58:
e0:fb:06:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZO3kqpr3kjU/laWjEwSlK7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTRkMTk1MjdmZDg1ZDBkNDQ0YWNhZGQ0NGEwMTY1NWZk
Yzc0MDAwHhcNMjQxMjExMjExNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA2YmJiMzJjNmM5NDJlMWFiMjM3YWY2Njk1MTFhYzQxOWU3ZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIRX8Xo9ALptSvA6UbeFRdAmuszo
AohINw6XepCN+0w5z30uaPKjZN6Iqry5L7KsY4gbPetwyDAMAbTW0zEaLbjO/rgV
j7bZEitq3FYPAEpJKCsWyOiuuCL6rLqcguQPqJgDQeuOKuMQDzWVTlfHLMFs+Lmi
Fe6uY9x43oaos3SDUpgjMBXPdtXU6DmhYOjp+p+xvXXnaX0V2RoaG3r7enkMva4J
/R7pKqpBu7hHS04G2Cj3oYdeuLL+7HcOAtQO3r5wu2sk5aDzBlcQOxdBws7cFNsp
Z8rZa3aYtaggnWofpix3VZeGSrMj5eF/3gELITnEsjnOAxITOvqn9WLt0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFwGu7MsbJQuGrI3r2aVEaxBnn5IMB8GA1UdIwQY
MBaAFFdU0ZUn/YXQ1ESsrdRKAWVf3HQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFUUmxTZjloZERVUkt5dDFFb0JaVl9jZEFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83YzlmY2MtOGZjZS00NGI3LWI2YmYt
MTE3NzYwMzE0MTVmLzEvWEFhN3N5eHNsQzRhc2pldlpwVVJyRUdlZmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS83YzlmY2MtOGZjZS00NGI3LWI2YmYtMTE3NzYwMzE0MTVm
LzEvVjFUUmxTZjloZERVUkt5dDFFb0JaVl9jZEFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgCmQBCg
AwcEKgCmQCCgMA0GCSqGSIb3DQEBCwUAA4IBAQAk5ACD0l21afbJ9d9oRzhiqF4I
8KCjXO/CbjSJwhrRSSLwZzlMc3jxfpuLW+ct8KfZHK0YMZAT0E3PsMSemRnunlTp
vmoLwcUoRnRt3fLyj3gBxmSR7i951dVQyEYIdOCgaGQqHGtqygwvAm78Fsvu4ths
Mf2NE8MZp8aojD6FkhIi/MwP9F4ahOVjeePi+u0KBDX9Qvw6nr9C9K3Qao5RTjZw
gzFNTLzeuONvuC0kyZELYcaNrV9Ic7E5I0rEa5fmH90SWHOnLLw6XzcTMnXS/ewM
bfzzza9kvVGKC6wLCkL046NtUX9smqIrCItJbWXOCcpdIzxC2Cj/Yljg+wYQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:55:45 2025 by rpki-client