Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c230b5-4791-48d0-b887-b34d649cfb7b/1/sDEhvtVhzGLBi4dOLMWIwyLKB8k.roa
File: sDEhvtVhzGLBi4dOLMWIwyLKB8k.roa (raw, json)
Hash identifier: aoD7XOYGgosRMHVL+9W6hWuaCfDorvPz4PrVJr4lLg0=
Subject key identifier: B0:31:21:BE:D5:61:CC:62:C1:8B:87:4E:2C:C5:88:C3:22:CA:07:C9
Certificate issuer: /CN=6faf48b02b97dc2d312250aa234083b8c1bb9e81
Certificate serial: 01951F0B81B6453BBF3A34CE266ED9414031
Authority key identifier: 6F:AF:48:B0:2B:97:DC:2D:31:22:50:AA:23:40:83:B8:C1:BB:9E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b69IsCuX3C0xIlCqI0CDuMG7noE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c230b5-4791-48d0-b887-b34d649cfb7b/1/sDEhvtVhzGLBi4dOLMWIwyLKB8k.roa
Signing time: Wed 19 Feb 2025 16:30:02 +0000
ROA not before: Wed 19 Feb 2025 16:30:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214586
IP address blocks: 2001:30c7:ffff:ffff::/64 maxlen: 64
Validation: Failed, certificate revoked on Mon 24 Feb 2025 15:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:0b:81:b6:45:3b:bf:3a:34:ce:26:6e:d9:41:40:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6faf48b02b97dc2d312250aa234083b8c1bb9e81
Validity
Not Before: Feb 19 16:30:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b03121bed561cc62c18b874e2cc588c322ca07c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:75:17:4b:5d:1d:0e:0f:50:5d:d2:ff:3e:8d:
60:4d:98:0d:4c:64:b0:02:60:d3:35:18:22:51:1f:
08:9f:a8:b6:bb:8f:e1:76:fe:76:91:a9:77:12:c9:
e0:59:02:9c:47:af:74:2f:79:4d:81:d3:21:b8:39:
d7:6e:e5:d7:05:13:f9:4a:c8:cc:59:e9:86:83:95:
75:54:8d:9e:29:f8:50:ff:b0:87:ec:1f:f8:09:37:
7a:2b:91:83:64:9e:1b:20:60:71:3f:48:4b:90:d8:
ff:0a:0b:bd:e8:8f:31:92:4f:27:1d:d8:d4:12:d3:
5a:74:5f:c3:ce:fe:a1:72:e1:af:b2:f2:bd:8c:3f:
19:65:91:ea:5a:fe:e6:51:75:99:6b:9d:e3:13:8c:
03:1e:0e:c0:c1:25:1c:8a:16:a4:ff:b6:8e:33:20:
aa:cb:9d:72:3b:99:79:48:91:e3:db:30:81:4c:3b:
7f:63:b0:8c:8f:21:0c:ac:9a:96:c1:f1:35:a4:23:
f8:94:53:ee:7f:9c:c6:61:86:99:c7:0c:01:7b:32:
93:1a:25:05:2f:59:0e:6c:27:f2:dd:5a:08:9f:46:
21:e9:9b:b1:bd:50:0b:c4:f6:41:31:e1:e5:64:2a:
91:a8:2f:0b:c5:ab:6d:b5:f2:7c:aa:a4:7b:55:6e:
95:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:31:21:BE:D5:61:CC:62:C1:8B:87:4E:2C:C5:88:C3:22:CA:07:C9
X509v3 Authority Key Identifier:
keyid:6F:AF:48:B0:2B:97:DC:2D:31:22:50:AA:23:40:83:B8:C1:BB:9E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b69IsCuX3C0xIlCqI0CDuMG7noE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c230b5-4791-48d0-b887-b34d649cfb7b/1/sDEhvtVhzGLBi4dOLMWIwyLKB8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c230b5-4791-48d0-b887-b34d649cfb7b/1/b69IsCuX3C0xIlCqI0CDuMG7noE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:30c7:ffff:ffff::/64
Signature Algorithm: sha256WithRSAEncryption
90:19:61:7e:20:a5:79:a5:f4:28:a8:d3:cd:59:43:77:e0:a6:
6c:0f:04:ba:24:12:fb:13:41:49:d6:00:a8:8b:11:44:83:1a:
c3:06:60:27:c9:e0:92:b8:80:8f:ed:83:20:0e:33:07:84:d9:
4d:54:94:68:e9:13:95:f3:34:94:4a:19:5d:1c:6d:eb:85:1d:
28:bc:f7:c7:30:e9:ef:f4:c8:b9:2e:0d:f5:eb:7d:8b:88:a7:
65:cb:2f:17:44:2e:5c:9e:e6:c9:f1:dc:5d:9e:4b:71:2f:ca:
71:db:82:e8:a7:70:34:ee:da:2e:6f:82:bc:e3:68:8c:eb:58:
3a:20:d9:db:b8:e6:bb:39:4e:04:42:02:bc:a8:09:43:09:da:
9c:2a:08:40:e7:3c:b5:44:c0:74:3c:21:22:2c:03:3d:71:54:
19:41:71:dd:22:89:b6:73:18:08:b0:44:f6:fa:0c:e9:a2:da:
ba:4a:93:2c:d2:a1:e2:00:bd:42:9a:34:5a:bf:24:da:f2:3d:
3e:a2:42:94:ac:7f:6b:fd:6f:82:45:37:84:79:a3:be:09:07:
1c:e4:63:14:82:6f:c1:b3:06:fc:8f:01:c6:d2:65:64:71:76:
c9:31:4e:d3:43:60:c0:18:ec:2b:4f:b2:db:39:10:92:16:fc:
7a:5c:ba:95
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZUfC4G2RTu/OjTOJm7ZQUAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYWY0OGIwMmI5N2RjMmQzMTIyNTBhYTIzNDA4M2I4YzFi
YjllODEwHhcNMjUwMjE5MTYzMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDMxMjFiZWQ1NjFjYzYyYzE4Yjg3NGUyY2M1ODhjMzIyY2EwN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnUXS10dDg9QXdL/Po1gTZgNTGSw
AmDTNRgiUR8In6i2u4/hdv52kal3EsngWQKcR690L3lNgdMhuDnXbuXXBRP5SsjM
WemGg5V1VI2eKfhQ/7CH7B/4CTd6K5GDZJ4bIGBxP0hLkNj/Cgu96I8xkk8nHdjU
EtNadF/Dzv6hcuGvsvK9jD8ZZZHqWv7mUXWZa53jE4wDHg7AwSUcihak/7aOMyCq
y51yO5l5SJHj2zCBTDt/Y7CMjyEMrJqWwfE1pCP4lFPuf5zGYYaZxwwBezKTGiUF
L1kObCfy3VoIn0Yh6ZuxvVALxPZBMeHlZCqRqC8LxatttfJ8qqR7VW6VdQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFLAxIb7VYcxiwYuHTizFiMMiygfJMB8GA1UdIwQY
MBaAFG+vSLArl9wtMSJQqiNAg7jBu56BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjY5SXNDdVgzQzB4SWxDcUkwQ0R1TUc3bm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMjMwYjUtNDc5MS00OGQwLWI4ODct
YjM0ZDY0OWNmYjdiLzEvc0RFaHZ0Vmh6R0xCaTRkT0xNV0l3eUxLQjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMjMwYjUtNDc5MS00OGQwLWI4ODctYjM0ZDY0OWNmYjdi
LzEvYjY5SXNDdVgzQzB4SWxDcUkwQ0R1TUc3bm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAIAEwx///
//8wDQYJKoZIhvcNAQELBQADggEBAJAZYX4gpXml9Cio081ZQ3fgpmwPBLokEvsT
QUnWAKiLEUSDGsMGYCfJ4JK4gI/tgyAOMweE2U1UlGjpE5XzNJRKGV0cbeuFHSi8
98cw6e/0yLkuDfXrfYuIp2XLLxdELlye5snx3F2eS3EvynHbguincDTu2i5vgrzj
aIzrWDog2du45rs5TgRCAryoCUMJ2pwqCEDnPLVEwHQ8ISIsAz1xVBlBcd0iibZz
GAiwRPb6DOmi2rpKkyzSoeIAvUKaNFq/JNryPT6iQpSsf2v9b4JFN4R5o74JBxzk
YxSCb8GzBvyPAcbSZWRxdskxTtNDYMAY7CtPsts5EJIW/HpcupU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:01:52 2025 by rpki-client