Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/2Zn8DRVGusMaqzoJYv8MupuOUK8.roa
File: 2Zn8DRVGusMaqzoJYv8MupuOUK8.roa (raw, json)
Hash identifier: nFabPCt0doipTrEUp7EgbxuLmKciIC5hxUSNwUlNZpY=
Subject key identifier: D9:99:FC:0D:15:46:BA:C3:1A:AB:3A:09:62:FF:0C:BA:9B:8E:50:AF
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 01949426508B5B70F618399703FECE25321A
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/2Zn8DRVGusMaqzoJYv8MupuOUK8.roa
Signing time: Thu 23 Jan 2025 17:12:06 +0000
ROA not before: Thu 23 Jan 2025 17:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213527
IP address blocks: 2a14:47c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Jan 2025 23:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:94:26:50:8b:5b:70:f6:18:39:97:03:fe:ce:25:32:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: Jan 23 17:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d999fc0d1546bac31aab3a0962ff0cba9b8e50af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0c:c8:34:ad:c8:71:8e:ec:09:01:7d:7c:81:
4c:d6:db:f9:a3:76:59:ed:2a:9e:9f:04:df:4e:77:
6d:ac:67:e7:a1:eb:2c:2c:d9:58:79:67:fa:dd:bd:
98:bb:35:6d:4b:cc:ba:8b:42:d6:2d:70:da:ae:c8:
71:98:6d:e9:04:6a:e9:dc:f4:dd:56:cd:f7:9d:39:
c8:6d:55:37:e2:6e:d6:2e:e8:14:9f:de:d9:a8:d5:
c7:c5:fa:69:92:31:c0:b2:d1:de:bc:8a:2f:71:99:
d4:4e:72:3a:e9:42:de:75:99:5a:ab:7d:ed:e1:90:
0d:80:26:b1:00:ed:a6:d4:a1:cd:76:47:9a:06:1d:
3f:91:5e:6e:c9:bb:e2:52:f0:33:5f:1e:ed:1c:f8:
94:7a:b0:d1:87:87:9a:f7:8d:5b:30:52:e6:57:2b:
10:a2:d3:20:d4:aa:11:17:77:8b:c7:93:12:c6:8f:
eb:fe:b0:c7:cd:d6:92:bc:7e:d3:7f:a5:7b:54:54:
15:f8:80:44:a5:17:bc:de:c9:4e:46:58:f8:32:15:
0a:cf:6f:0d:ae:38:ca:d8:7c:e6:e7:14:a2:ea:0f:
5e:8d:86:74:4b:9d:ff:57:62:b4:51:0d:64:c1:4c:
dc:d9:7f:e6:48:ad:16:02:cf:c1:39:ca:9f:db:87:
a1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:99:FC:0D:15:46:BA:C3:1A:AB:3A:09:62:FF:0C:BA:9B:8E:50:AF
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/2Zn8DRVGusMaqzoJYv8MupuOUK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
88:ec:21:21:5e:7d:27:fe:d2:31:98:54:7f:3b:2d:3c:74:f3:
a4:16:c7:e8:5b:33:2d:c9:84:4e:7c:5c:0f:9c:e2:9c:f3:bd:
a9:a6:bf:5c:2b:71:d5:b4:87:20:37:7f:d5:52:ff:45:84:0f:
34:76:7c:b2:81:5b:f3:5b:b6:1d:a9:e1:97:25:b3:8c:8a:dc:
1c:e9:7e:b4:57:1c:b0:99:60:b5:84:f9:82:e0:f3:a3:92:16:
ac:9e:01:ea:71:6a:6b:7b:a2:1a:08:81:72:d8:1c:1c:36:72:
4e:f4:4e:bd:40:24:09:81:c7:49:0b:32:08:af:e8:5a:3b:75:
2d:dc:a7:2f:6f:25:10:72:bc:89:4e:de:f5:fe:ed:b4:23:ea:
63:06:ed:bd:48:45:cb:1b:6a:ab:cc:70:16:56:ee:84:f0:8e:
2a:dc:fe:3f:b3:9c:63:fc:25:9c:77:b2:88:8f:a4:62:f9:d0:
42:b4:fe:f7:7f:f5:2f:b5:00:88:8c:1d:52:c0:7f:7e:0b:33:
f9:b3:64:96:63:44:88:a3:a1:b5:08:4c:9a:01:08:f9:85:bb:
d0:0d:92:52:33:1f:5c:dd:3e:41:b7:dc:08:0e:5b:f7:a6:af:
bd:c1:c5:c0:21:a2:a1:c3:50:88:dc:50:f9:41:42:5a:ad:e8:
c2:d8:e6:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZSUJlCLW3D2GDmXA/7OJTIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwMTIzMTcxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk5ZmMwZDE1NDZiYWMzMWFhYjNhMDk2MmZmMGNiYTliOGU1MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQzINK3IcY7sCQF9fIFM1tv5o3ZZ
7SqenwTfTndtrGfnoessLNlYeWf63b2YuzVtS8y6i0LWLXDarshxmG3pBGrp3PTd
Vs33nTnIbVU34m7WLugUn97ZqNXHxfppkjHAstHevIovcZnUTnI66ULedZlaq33t
4ZANgCaxAO2m1KHNdkeaBh0/kV5uybviUvAzXx7tHPiUerDRh4ea941bMFLmVysQ
otMg1KoRF3eLx5MSxo/r/rDHzdaSvH7Tf6V7VFQV+IBEpRe83slORlj4MhUKz28N
rjjK2Hzm5xSi6g9ejYZ0S53/V2K0UQ1kwUzc2X/mSK0WAs/BOcqf24ehfwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNmZ/A0VRrrDGqs6CWL/DLqbjlCvMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvMlpuOERSVkd1c01hcXpvSll2OE11cHVPVUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRHwP//
MA0GCSqGSIb3DQEBCwUAA4IBAQCI7CEhXn0n/tIxmFR/Oy08dPOkFsfoWzMtyYRO
fFwPnOKc872ppr9cK3HVtIcgN3/VUv9FhA80dnyygVvzW7YdqeGXJbOMitwc6X60
VxywmWC1hPmC4POjkhasngHqcWpre6IaCIFy2BwcNnJO9E69QCQJgcdJCzIIr+ha
O3Ut3KcvbyUQcryJTt71/u20I+pjBu29SEXLG2qrzHAWVu6E8I4q3P4/s5xj/CWc
d7KIj6Ri+dBCtP73f/UvtQCIjB1SwH9+CzP5s2SWY0SIo6G1CEyaAQj5hbvQDZJS
Mx9c3T5Bt9wIDlv3pq+9wcXAIaKhw1CI3FD5QUJarejC2OaW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:19 2025 by rpki-client