Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/a16ea5-3867-4406-9f2a-a4944e9625c0/1/ri7gvn6JVD4kRWEpsdz9fU7qEoU.roa
File: ri7gvn6JVD4kRWEpsdz9fU7qEoU.roa (raw, json)
Hash identifier: 9+XL2SkTYCs53ndW3uOfZlUbkSKoBlSHhXfgVltZeQI=
Subject key identifier: AE:2E:E0:BE:7E:89:54:3E:24:45:61:29:B1:DC:FD:7D:4E:EA:12:85
Certificate issuer: /CN=61106d2dff7116f35ab7fa10275a45e383bce523
Certificate serial: 018CC42554B4C196EB58EADE5E594323053E
Authority key identifier: 61:10:6D:2D:FF:71:16:F3:5A:B7:FA:10:27:5A:45:E3:83:BC:E5:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YRBtLf9xFvNat_oQJ1pF44O85SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/a16ea5-3867-4406-9f2a-a4944e9625c0/1/ri7gvn6JVD4kRWEpsdz9fU7qEoU.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1836
IP address blocks: 2001:67c:1300::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:54:b4:c1:96:eb:58:ea:de:5e:59:43:23:05:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61106d2dff7116f35ab7fa10275a45e383bce523
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae2ee0be7e89543e24456129b1dcfd7d4eea1285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a7:93:b1:bd:5b:9d:83:c9:57:d4:4b:79:c5:
68:b2:bf:40:02:2a:36:26:db:ba:2b:43:eb:c5:4b:
b6:32:ba:bd:c0:40:31:d6:9b:be:90:d0:f5:f8:73:
98:67:c1:0a:81:ac:44:f4:b3:1c:cc:e6:b9:6c:1e:
ce:65:30:1b:20:1b:46:cf:d8:02:3e:7d:3c:39:50:
89:3b:1c:bc:d1:8f:0f:89:59:2e:1c:8b:4b:2f:71:
1b:9a:bf:93:e9:84:86:0e:b5:bd:a0:42:1e:be:44:
63:22:ef:dc:b4:ed:c5:8c:11:22:1a:f6:03:95:46:
1c:8f:69:47:37:90:63:cd:fd:c4:a4:e6:ad:d8:18:
48:32:44:07:6c:5a:1a:06:09:f3:b1:f6:8b:00:26:
15:cf:fa:78:4e:77:ef:d5:8b:14:10:ce:a4:b8:0b:
14:ed:1f:7e:bf:e6:66:fe:18:53:38:ad:94:85:2f:
b3:c7:2b:eb:7d:36:07:d5:ea:0f:23:07:9e:30:1f:
ad:d8:f4:79:d5:f6:84:61:38:a1:a4:ac:11:cd:52:
b0:0f:4c:d3:46:06:5f:f0:c5:22:02:bf:89:12:d1:
7a:5a:f3:f8:a9:9d:34:cf:e5:5a:f2:f0:01:55:42:
b7:4e:d7:9c:fd:97:cb:71:ae:71:67:63:03:f7:c2:
c6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2E:E0:BE:7E:89:54:3E:24:45:61:29:B1:DC:FD:7D:4E:EA:12:85
X509v3 Authority Key Identifier:
keyid:61:10:6D:2D:FF:71:16:F3:5A:B7:FA:10:27:5A:45:E3:83:BC:E5:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YRBtLf9xFvNat_oQJ1pF44O85SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a16ea5-3867-4406-9f2a-a4944e9625c0/1/ri7gvn6JVD4kRWEpsdz9fU7qEoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a16ea5-3867-4406-9f2a-a4944e9625c0/1/YRBtLf9xFvNat_oQJ1pF44O85SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1300::/48
Signature Algorithm: sha256WithRSAEncryption
39:f6:41:26:2b:e7:e7:e4:31:83:53:6b:44:7f:86:54:3c:ad:
55:6c:a2:74:0d:5d:71:c0:bf:f8:ac:f6:1d:40:c1:9e:6a:59:
fa:06:90:36:9e:ea:b8:10:09:64:e4:be:65:a0:4e:66:50:0d:
4b:e2:d0:6b:32:d7:d2:5e:39:9e:33:bc:2b:b4:03:60:f1:ac:
05:a5:db:97:24:6e:4c:4b:bf:75:0a:f1:91:22:a1:6a:4e:fe:
79:c1:cc:17:28:af:48:58:ef:b2:68:63:9d:ab:a7:ff:73:ea:
e6:e8:8b:84:bb:bd:59:f3:99:f7:0e:42:f8:24:fa:89:29:0a:
f8:9b:ed:3f:ef:f0:37:e0:60:7e:60:79:08:4e:8f:61:36:3b:
25:0e:95:e3:6f:e7:92:9d:6b:e9:1e:1a:6f:e1:84:5a:3a:fb:
20:47:0b:2e:25:7c:36:67:76:90:12:3d:ab:74:1c:b8:77:5e:
df:c3:40:77:05:0a:ec:99:fc:65:82:19:ac:db:92:47:0d:e4:
25:f0:0f:7a:9f:5c:6d:4b:6e:35:36:a4:4e:e6:70:47:7e:a0:
06:fe:58:0f:89:24:ee:c7:99:b0:b5:18:06:c1:24:38:46:e7:
45:e0:49:89:d4:f6:4c:2e:20:5f:9c:97:0f:40:c1:09:49:b5:
d4:0c:37:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJVS0wZbrWOreXllDIwU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMTA2ZDJkZmY3MTE2ZjM1YWI3ZmExMDI3NWE0NWUzODNi
Y2U1MjMwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTJlZTBiZTdlODk1NDNlMjQ0NTYxMjliMWRjZmQ3ZDRlZWExMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKeTsb1bnYPJV9RLecVosr9AAio2
Jtu6K0PrxUu2Mrq9wEAx1pu+kND1+HOYZ8EKgaxE9LMczOa5bB7OZTAbIBtGz9gC
Pn08OVCJOxy80Y8PiVkuHItLL3Ebmr+T6YSGDrW9oEIevkRjIu/ctO3FjBEiGvYD
lUYcj2lHN5Bjzf3EpOat2BhIMkQHbFoaBgnzsfaLACYVz/p4Tnfv1YsUEM6kuAsU
7R9+v+Zm/hhTOK2UhS+zxyvrfTYH1eoPIweeMB+t2PR51faEYTihpKwRzVKwD0zT
RgZf8MUiAr+JEtF6WvP4qZ00z+Va8vABVUK3Ttec/ZfLca5xZ2MD98LGxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK4u4L5+iVQ+JEVhKbHc/X1O6hKFMB8GA1UdIwQY
MBaAFGEQbS3/cRbzWrf6ECdaReODvOUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVJCdExmOXhGdk5hdF9vUUoxcEY0NE84NVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hMTZlYTUtMzg2Ny00NDA2LTlmMmEt
YTQ5NDRlOTYyNWMwLzEvcmk3Z3ZuNkpWRDRrUldFcHNkejlmVTdxRW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hMTZlYTUtMzg2Ny00NDA2LTlmMmEtYTQ5NDRlOTYyNWMw
LzEvWVJCdExmOXhGdk5hdF9vUUoxcEY0NE84NVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBMA
MA0GCSqGSIb3DQEBCwUAA4IBAQA59kEmK+fn5DGDU2tEf4ZUPK1VbKJ0DV1xwL/4
rPYdQMGealn6BpA2nuq4EAlk5L5loE5mUA1L4tBrMtfSXjmeM7wrtANg8awFpduX
JG5MS791CvGRIqFqTv55wcwXKK9IWO+yaGOdq6f/c+rm6IuEu71Z85n3DkL4JPqJ
KQr4m+0/7/A34GB+YHkITo9hNjslDpXjb+eSnWvpHhpv4YRaOvsgRwsuJXw2Z3aQ
Ej2rdBy4d17fw0B3BQrsmfxlghms25JHDeQl8A96n1xtS241NqRO5nBHfqAG/lgP
iSTux5mwtRgGwSQ4RudF4EmJ1PZMLiBfnJcPQMEJSbXUDDdN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:02 2025 by rpki-client