Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/2VgkDJwrx47d82qh1XR8C0RjG4g.roa
File: 2VgkDJwrx47d82qh1XR8C0RjG4g.roa (raw, json)
Hash identifier: RhaCqpTxCHc8K/G1t8WOryOLjuJj2w/X63KYF3vKaSk=
Subject key identifier: D9:58:24:0C:9C:2B:C7:8E:DD:F3:6A:A1:D5:74:7C:0B:44:63:1B:88
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 01920AA1CCC3F23E846B101C0366063D4D43
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/2VgkDJwrx47d82qh1XR8C0RjG4g.roa
Signing time: Thu 19 Sep 2024 14:13:48 +0000
ROA not before: Thu 19 Sep 2024 14:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60912
IP address blocks: 2a0d:f740::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Sep 2024 15:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:a1:cc:c3:f2:3e:84:6b:10:1c:03:66:06:3d:4d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Sep 19 14:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d958240c9c2bc78eddf36aa1d5747c0b44631b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:7f:cb:87:9a:11:98:f6:d1:a2:27:44:57:
7c:9e:04:c4:84:10:f7:c7:83:49:44:ff:16:20:86:
98:ec:fa:75:bd:15:c6:74:72:32:5b:f5:9e:2a:ce:
be:4e:c8:9d:79:2a:38:19:cc:1f:80:99:cd:57:77:
48:10:1b:0a:29:00:ac:f1:3a:80:ea:ba:84:19:c1:
ae:43:ac:8a:42:b3:84:78:98:95:71:0d:43:9a:a6:
00:82:4f:7a:bc:85:bc:58:39:e6:79:9e:96:d4:a0:
bc:f7:4e:fd:0c:1f:7a:44:97:66:3a:3c:c2:f4:1b:
35:64:78:d8:92:91:a3:34:11:80:c4:06:2c:7f:11:
4f:a1:d7:4f:11:8d:ec:a3:06:d9:19:c5:a8:b6:04:
48:62:02:08:6a:a9:1d:cc:d9:98:d1:98:2d:2b:f7:
c1:12:f3:d9:a6:a0:84:d6:f0:5e:a4:33:30:43:9b:
75:b6:4f:cc:22:ce:a7:9e:31:f4:16:e7:da:d7:c2:
0d:05:78:d1:5e:89:ca:32:4d:d1:2b:ee:e0:9c:42:
0f:07:c2:20:82:67:9a:51:d4:ed:49:cd:92:84:de:
40:02:00:09:7f:b5:86:6d:95:d4:81:84:e4:0d:1e:
a2:63:4e:d7:22:92:45:4b:a5:7e:e3:90:5c:a1:60:
3c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:58:24:0C:9C:2B:C7:8E:DD:F3:6A:A1:D5:74:7C:0B:44:63:1B:88
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/2VgkDJwrx47d82qh1XR8C0RjG4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f740::/32
Signature Algorithm: sha256WithRSAEncryption
16:58:65:c4:73:b2:43:d3:87:2b:f6:e4:63:2a:14:a6:15:ec:
a8:45:8a:82:97:36:d2:4c:27:0a:9c:99:19:af:a6:07:80:e4:
93:e2:17:c6:fd:33:1c:55:10:b5:86:e8:d4:e2:dd:a0:76:5e:
c2:b8:cb:38:cc:98:07:be:15:44:42:a0:a0:46:88:5a:d4:ad:
f4:de:ca:4d:31:a1:93:1d:42:53:67:8b:72:a1:b1:2c:f0:82:
3a:6a:1e:9b:80:97:f5:c8:91:b4:2f:a3:d1:f2:cd:ca:2d:4e:
6c:3d:46:b3:1a:f1:3e:2f:43:05:c4:18:94:e8:89:30:a6:89:
fc:25:22:f9:cb:0b:b6:7a:c3:1b:4c:71:b1:f1:ed:08:2e:2a:
e1:2b:5f:bd:ed:8e:6c:4b:65:b4:86:a0:62:3e:e6:74:00:5d:
a3:64:2d:ca:9f:ab:8c:57:30:b9:62:53:fc:6e:39:4c:47:11:
44:f9:52:75:75:8d:1d:54:19:b6:d7:a6:a9:a9:d4:3d:b6:7b:
f4:64:86:91:c5:8c:ba:f3:a7:85:95:98:42:96:cc:48:fd:3e:
e3:42:28:9d:1f:2d:51:ad:80:48:49:ad:5a:af:8c:41:e7:c7:
b4:4f:24:22:1d:1d:55:b5:f3:66:ba:b6:50:71:be:5a:8a:5d:
85:ca:ff:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZIKoczD8j6EaxAcA2YGPU1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwOTE5MTQxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU4MjQwYzljMmJjNzhlZGRmMzZhYTFkNTc0N2MwYjQ0NjMxYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP9/y4eaEZj20aInRFd8ngTEhBD3
x4NJRP8WIIaY7Pp1vRXGdHIyW/WeKs6+TsideSo4GcwfgJnNV3dIEBsKKQCs8TqA
6rqEGcGuQ6yKQrOEeJiVcQ1DmqYAgk96vIW8WDnmeZ6W1KC89079DB96RJdmOjzC
9Bs1ZHjYkpGjNBGAxAYsfxFPoddPEY3sowbZGcWotgRIYgIIaqkdzNmY0ZgtK/fB
EvPZpqCE1vBepDMwQ5t1tk/MIs6nnjH0Fufa18INBXjRXonKMk3RK+7gnEIPB8Ig
gmeaUdTtSc2ShN5AAgAJf7WGbZXUgYTkDR6iY07XIpJFS6V+45BcoWA8uQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNlYJAycK8eO3fNqodV0fAtEYxuIMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvMlZna0RKd3J4NDdkODJxaDFYUjhDMFJqRzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg33QDAN
BgkqhkiG9w0BAQsFAAOCAQEAFlhlxHOyQ9OHK/bkYyoUphXsqEWKgpc20kwnCpyZ
Ga+mB4Dkk+IXxv0zHFUQtYbo1OLdoHZewrjLOMyYB74VREKgoEaIWtSt9N7KTTGh
kx1CU2eLcqGxLPCCOmoem4CX9ciRtC+j0fLNyi1ObD1GsxrxPi9DBcQYlOiJMKaJ
/CUi+csLtnrDG0xxsfHtCC4q4Stfve2ObEtltIagYj7mdABdo2Qtyp+rjFcwuWJT
/G45TEcRRPlSdXWNHVQZttemqanUPbZ79GSGkcWMuvOnhZWYQpbMSP0+40IonR8t
Ua2ASEmtWq+MQefHtE8kIh0dVbXzZrq2UHG+Wopdhcr/rQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:15:46 2025 by rpki-client