Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/8ffa79-7528-4fca-9cdf-69bb282cf5ae/1/RpPxeZG4Dy0eYZVwHGuGB8sv8Tg.roa
File: RpPxeZG4Dy0eYZVwHGuGB8sv8Tg.roa (raw, json)
Hash identifier: ByBHY1bFaTqHPUOwIEH4nS+Hxo/UOGXt+572yeCSbNs=
Subject key identifier: 46:93:F1:79:91:B8:0F:2D:1E:61:95:70:1C:6B:86:07:CB:2F:F1:38
Certificate issuer: /CN=48113c916a59da4d43b8efa7739ad1167ace59fd
Certificate serial: 018CC56DF5451FE6C22803DF1D1C8E16DEB0
Authority key identifier: 48:11:3C:91:6A:59:DA:4D:43:B8:EF:A7:73:9A:D1:16:7A:CE:59:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBE8kWpZ2k1DuO-nc5rRFnrOWf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/8ffa79-7528-4fca-9cdf-69bb282cf5ae/1/RpPxeZG4Dy0eYZVwHGuGB8sv8Tg.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42487
IP address blocks: 212.102.121.0/24 maxlen: 24
2a0f:c540::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f5:45:1f:e6:c2:28:03:df:1d:1c:8e:16:de:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48113c916a59da4d43b8efa7739ad1167ace59fd
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4693f17991b80f2d1e6195701c6b8607cb2ff138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:22:03:42:67:35:98:a3:fa:24:91:62:7d:78:
b0:ab:e7:ed:8e:1b:6f:e8:f6:e6:fa:6d:31:0e:02:
e8:0e:01:6d:89:4d:c7:9a:09:6f:38:f7:08:dc:87:
f9:78:28:34:c0:47:87:00:ca:4f:81:cb:80:55:dc:
3c:03:dc:d5:28:cd:18:8f:78:de:43:b0:4a:11:e3:
db:60:2f:b9:61:db:65:96:81:a7:30:6e:74:3d:05:
6d:c0:a1:8d:ec:bf:0a:07:e1:c5:ca:8c:3c:6a:6a:
ec:fc:bd:1d:1c:7d:f8:50:19:ca:2c:c7:8a:00:32:
06:e7:16:9c:e6:af:26:57:9e:b3:ca:32:c4:0b:c0:
39:0e:5a:77:a8:f6:0c:90:70:1a:e7:4c:1a:0f:4a:
68:58:2d:c7:41:bc:dc:3b:77:99:1c:58:9f:d2:9d:
4e:6c:34:a8:65:58:40:80:80:af:77:02:48:a1:6c:
b3:9c:6d:55:4a:4d:e7:ca:56:f3:9e:ce:d2:5b:e3:
3f:fb:22:68:9c:00:9c:f7:b5:74:24:3b:4c:66:fe:
f6:89:4f:39:c8:bc:9b:da:1c:7d:71:74:96:8f:49:
91:a1:e0:02:ea:72:f6:43:4d:31:e1:59:b3:b2:51:
91:33:7e:db:b2:0e:ec:ff:ce:7f:dc:fc:d9:c8:e7:
73:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:93:F1:79:91:B8:0F:2D:1E:61:95:70:1C:6B:86:07:CB:2F:F1:38
X509v3 Authority Key Identifier:
keyid:48:11:3C:91:6A:59:DA:4D:43:B8:EF:A7:73:9A:D1:16:7A:CE:59:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBE8kWpZ2k1DuO-nc5rRFnrOWf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8ffa79-7528-4fca-9cdf-69bb282cf5ae/1/RpPxeZG4Dy0eYZVwHGuGB8sv8Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/8ffa79-7528-4fca-9cdf-69bb282cf5ae/1/SBE8kWpZ2k1DuO-nc5rRFnrOWf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.121.0/24
IPv6:
2a0f:c540::/29
Signature Algorithm: sha256WithRSAEncryption
25:f4:f3:c9:d7:42:12:2a:b2:db:1c:20:ac:59:a7:1c:b6:a4:
6f:f3:a1:b2:46:79:68:a1:97:4f:60:dd:da:1b:a7:f1:11:78:
0d:46:6c:0a:d1:a6:79:dd:3e:84:ca:05:a1:64:da:52:1d:dd:
fb:8b:0c:e7:42:b6:81:38:78:4c:d4:06:51:ec:db:25:72:4b:
d4:c2:05:df:7a:70:fe:d7:72:ec:c8:9b:b0:ef:04:bd:43:8b:
70:e3:8e:27:0b:77:bc:86:26:23:1d:c3:93:e2:56:60:80:2b:
33:34:32:2c:88:e3:6a:d6:ed:18:d5:80:83:d5:ab:64:4d:e9:
1c:9c:f0:db:b3:40:54:b5:e8:3b:93:3e:41:58:0a:cc:14:16:
4e:06:67:5f:e4:9e:ff:2d:57:44:af:76:f6:1d:62:84:d4:2d:
6e:55:72:a8:5c:63:34:b1:ff:a9:3b:c4:13:e7:73:36:54:6d:
2a:ed:13:85:e1:f1:75:7c:be:75:02:54:dc:7e:ba:25:c3:f0:
18:00:0a:10:86:bc:9c:e9:5f:ef:15:1e:48:86:a7:95:7f:ae:
df:13:f1:d0:c0:b9:8f:02:69:41:f5:26:33:23:38:0c:57:96:
1e:e4:8a:96:0a:8b:4d:c2:8a:f5:61:44:1e:d8:2c:21:4c:bd:
64:21:89:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbfVFH+bCKAPfHRyOFt6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTEzYzkxNmE1OWRhNGQ0M2I4ZWZhNzczOWFkMTE2N2Fj
ZTU5ZmQwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjkzZjE3OTkxYjgwZjJkMWU2MTk1NzAxYzZiODYwN2NiMmZmMTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCIDQmc1mKP6JJFifXiwq+ftjhtv
6Pbm+m0xDgLoDgFtiU3HmglvOPcI3If5eCg0wEeHAMpPgcuAVdw8A9zVKM0Yj3je
Q7BKEePbYC+5YdtlloGnMG50PQVtwKGN7L8KB+HFyow8amrs/L0dHH34UBnKLMeK
ADIG5xac5q8mV56zyjLEC8A5Dlp3qPYMkHAa50waD0poWC3HQbzcO3eZHFif0p1O
bDSoZVhAgICvdwJIoWyznG1VSk3nylbzns7SW+M/+yJonACc97V0JDtMZv72iU85
yLyb2hx9cXSWj0mRoeAC6nL2Q00x4VmzslGRM37bsg7s/85/3PzZyOdzRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEaT8XmRuA8tHmGVcBxrhgfLL/E4MB8GA1UdIwQY
MBaAFEgRPJFqWdpNQ7jvp3Oa0RZ6zln9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JFOGtXcFoyazFEdU8tbmM1clJGbnJPV2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84ZmZhNzktNzUyOC00ZmNhLTljZGYt
NjliYjI4MmNmNWFlLzEvUnBQeGVaRzREeTBlWVpWd0hHdUdCOHN2OFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84ZmZhNzktNzUyOC00ZmNhLTljZGYtNjliYjI4MmNmNWFl
LzEvU0JFOGtXcFoyazFEdU8tbmM1clJGbnJPV2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1GZ5MA0E
AgACMAcDBQMqD8VAMA0GCSqGSIb3DQEBCwUAA4IBAQAl9PPJ10ISKrLbHCCsWacc
tqRv86GyRnlooZdPYN3aG6fxEXgNRmwK0aZ53T6EygWhZNpSHd37iwznQraBOHhM
1AZR7NslckvUwgXfenD+13LsyJuw7wS9Q4tw444nC3e8hiYjHcOT4lZggCszNDIs
iONq1u0Y1YCD1atkTekcnPDbs0BUteg7kz5BWArMFBZOBmdf5J7/LVdEr3b2HWKE
1C1uVXKoXGM0sf+pO8QT53M2VG0q7ROF4fF1fL51AlTcfrolw/AYAAoQhryc6V/v
FR5IhqeVf67fE/HQwLmPAmlB9SYzIzgMV5Ye5IqWCotNwor1YUQe2CwhTL1kIYmL
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:33:11 2025 by rpki-client