Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3e3d08-e4c5-4f3d-be01-450ad55d325a/1/sbo9gjQQqElO4rzd0NIuq720b34.roa
File: sbo9gjQQqElO4rzd0NIuq720b34.roa (raw, json)
Hash identifier: FZpsTgXE5UXyvb1i+UP6MgkgccgMhKYPlelNI2hcbmo=
Subject key identifier: B1:BA:3D:82:34:10:A8:49:4E:E2:BC:DD:D0:D2:2E:AB:BD:B4:6F:7E
Certificate issuer: /CN=b691d00bdb626ae57307d5cd4e8addd9475680b3
Certificate serial: 018CC801CC1E3A280C7A5F3C542524960427
Authority key identifier: B6:91:D0:0B:DB:62:6A:E5:73:07:D5:CD:4E:8A:DD:D9:47:56:80:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tpHQC9tiauVzB9XNTord2UdWgLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3e3d08-e4c5-4f3d-be01-450ad55d325a/1/sbo9gjQQqElO4rzd0NIuq720b34.roa
Signing time: Tue 02 Jan 2024 02:30:10 +0000
ROA not before: Tue 02 Jan 2024 02:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207583
IP address blocks: 2001:67c:2d34::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:cc:1e:3a:28:0c:7a:5f:3c:54:25:24:96:04:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b691d00bdb626ae57307d5cd4e8addd9475680b3
Validity
Not Before: Jan 2 02:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1ba3d823410a8494ee2bcddd0d22eabbdb46f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c2:85:35:31:5d:b8:16:d1:ce:10:c4:89:6c:
d1:da:53:74:17:b3:c8:eb:09:8b:4f:cd:3c:0a:84:
39:0c:d4:47:83:c3:e0:32:92:91:02:40:5b:64:e4:
23:8c:62:2c:c0:ad:03:00:70:cf:94:7e:5f:a5:23:
0b:50:e5:1a:e2:4c:04:b6:35:c8:3d:ab:7d:ea:89:
17:de:a7:01:79:fb:7a:1c:7c:e9:04:6a:5c:80:36:
25:a9:f7:9a:0c:1f:3b:33:3e:3d:e2:da:b7:1c:8a:
e5:08:41:6e:6b:c2:3b:1d:5a:ff:92:35:f1:6a:4d:
44:22:3e:21:2e:2e:b1:c1:9d:27:2f:bc:5b:7a:b2:
ad:f9:5a:8b:c9:04:5e:d3:27:1d:e2:3b:37:12:92:
62:ec:70:de:e3:2e:2f:d4:04:ec:54:04:69:df:56:
d9:9b:4d:33:10:2a:c4:63:1b:53:75:46:ec:2f:a1:
da:ab:35:a5:9d:90:0d:ec:0a:4c:d1:9e:c5:48:66:
6b:72:fc:d5:42:2a:18:e0:93:bb:9c:f4:cf:87:37:
a6:32:22:f2:39:18:9f:8e:3d:d3:37:ab:19:89:7e:
89:8e:55:53:e4:14:9d:7a:a7:69:43:d8:f0:d0:d3:
d1:ff:0f:fc:ce:bb:7d:57:29:be:f4:6a:3d:d8:12:
7f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:BA:3D:82:34:10:A8:49:4E:E2:BC:DD:D0:D2:2E:AB:BD:B4:6F:7E
X509v3 Authority Key Identifier:
keyid:B6:91:D0:0B:DB:62:6A:E5:73:07:D5:CD:4E:8A:DD:D9:47:56:80:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpHQC9tiauVzB9XNTord2UdWgLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3e3d08-e4c5-4f3d-be01-450ad55d325a/1/sbo9gjQQqElO4rzd0NIuq720b34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3e3d08-e4c5-4f3d-be01-450ad55d325a/1/tpHQC9tiauVzB9XNTord2UdWgLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d34::/48
Signature Algorithm: sha256WithRSAEncryption
93:d5:1e:e7:b4:3f:9f:5a:47:d0:a3:17:cf:69:e6:66:61:7c:
62:39:b8:76:ae:0f:69:9e:e6:11:c5:f8:34:f9:ed:72:6d:27:
dc:30:ef:06:dc:ca:94:85:a9:8d:ff:af:53:f6:fd:9f:c3:8e:
f0:32:48:d7:0f:8f:43:99:c6:9e:6a:a8:5f:8a:75:6c:4a:f0:
5f:17:8c:8a:d8:b8:82:e4:70:a5:e2:25:de:b6:37:bc:90:55:
ca:fb:a7:39:cd:7c:38:a1:8d:9a:51:d4:70:b4:73:7c:bc:4a:
92:1a:9e:54:24:ba:2b:b5:e6:82:ae:51:4e:d5:34:5f:b3:68:
19:ce:16:e0:24:de:2c:43:18:c8:e2:c9:2f:4f:21:ee:be:3e:
25:90:84:b4:12:96:21:37:46:87:5f:3a:e6:73:a6:71:2d:be:
e0:c3:0c:e2:eb:ff:96:34:31:3c:44:83:f6:ed:bb:5a:46:04:
07:ca:f4:f2:f2:21:a5:68:d8:ac:95:43:85:fa:35:9a:0b:39:
1c:b9:64:05:14:26:28:60:ce:62:f0:88:59:cb:19:9c:6c:ea:
f6:cb:26:a3:1f:d6:2c:a2:c7:66:f6:09:9d:43:43:69:4e:6c:
b1:9e:4f:f7:8f:66:e2:f5:0e:3b:1a:43:a3:ff:f0:1d:ce:b8:
ee:2c:0c:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAcweOigMel88VCUklgQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OTFkMDBiZGI2MjZhZTU3MzA3ZDVjZDRlOGFkZGQ5NDc1
NjgwYjMwHhcNMjQwMTAyMDIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWJhM2Q4MjM0MTBhODQ5NGVlMmJjZGRkMGQyMmVhYmJkYjQ2ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcKFNTFduBbRzhDEiWzR2lN0F7PI
6wmLT808CoQ5DNRHg8PgMpKRAkBbZOQjjGIswK0DAHDPlH5fpSMLUOUa4kwEtjXI
Pat96okX3qcBeft6HHzpBGpcgDYlqfeaDB87Mz494tq3HIrlCEFua8I7HVr/kjXx
ak1EIj4hLi6xwZ0nL7xberKt+VqLyQRe0ycd4js3EpJi7HDe4y4v1ATsVARp31bZ
m00zECrEYxtTdUbsL6HaqzWlnZAN7ApM0Z7FSGZrcvzVQioY4JO7nPTPhzemMiLy
ORifjj3TN6sZiX6JjlVT5BSdeqdpQ9jw0NPR/w/8zrt9Vym+9Go92BJ/UwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLG6PYI0EKhJTuK83dDSLqu9tG9+MB8GA1UdIwQY
MBaAFLaR0AvbYmrlcwfVzU6K3dlHVoCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHBIUUM5dGlhdVZ6QjlYTlRvcmQyVWRXZ0xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zZTNkMDgtZTRjNS00ZjNkLWJlMDEt
NDUwYWQ1NWQzMjVhLzEvc2JvOWdqUVFxRWxPNHJ6ZDBOSXVxNzIwYjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zZTNkMDgtZTRjNS00ZjNkLWJlMDEtNDUwYWQ1NWQzMjVh
LzEvdHBIUUM5dGlhdVZ6QjlYTlRvcmQyVWRXZ0xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC00
MA0GCSqGSIb3DQEBCwUAA4IBAQCT1R7ntD+fWkfQoxfPaeZmYXxiObh2rg9pnuYR
xfg0+e1ybSfcMO8G3MqUhamN/69T9v2fw47wMkjXD49DmcaeaqhfinVsSvBfF4yK
2LiC5HCl4iXetje8kFXK+6c5zXw4oY2aUdRwtHN8vEqSGp5UJLorteaCrlFO1TRf
s2gZzhbgJN4sQxjI4skvTyHuvj4lkIS0EpYhN0aHXzrmc6ZxLb7gwwzi6/+WNDE8
RIP27btaRgQHyvTy8iGlaNislUOF+jWaCzkcuWQFFCYoYM5i8IhZyxmcbOr2yyaj
H9Ysosdm9gmdQ0NpTmyxnk/3j2bi9Q47GkOj//AdzrjuLAxv
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:56:17 2025 by rpki-client