Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/3knEzcbDHLEg7jzZiAHzI15vYqU.roa
File: 3knEzcbDHLEg7jzZiAHzI15vYqU.roa (raw, json)
Hash identifier: faGzeazcRwEMHKPeFx2Jm0nLyNPWwRQ8Vf0/im1GIqk=
Subject key identifier: DE:49:C4:CD:C6:C3:1C:B1:20:EE:3C:D9:88:01:F3:23:5E:6F:62:A5
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 019422FB8B1671176C32C5A5330F385A9607
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/3knEzcbDHLEg7jzZiAHzI15vYqU.roa
Signing time: Wed 01 Jan 2025 17:48:18 +0000
ROA not before: Wed 01 Jan 2025 17:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30823
IP address blocks: 2a14:47c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 07 Feb 2025 23:55:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:8b:16:71:17:6c:32:c5:a5:33:0f:38:5a:96:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: Jan 1 17:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de49c4cdc6c31cb120ee3cd98801f3235e6f62a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:ef:c2:71:e4:f1:d7:d7:1b:e6:5f:06:cd:
ec:43:07:fb:5d:dd:33:f3:ce:88:03:6d:27:83:de:
f5:98:a6:47:07:73:35:72:75:ee:a4:47:f3:5c:5d:
e1:b3:e2:39:31:9c:74:e6:e0:72:7f:1f:aa:6e:65:
b7:11:bc:9e:50:43:5f:ba:ae:57:66:40:05:dc:35:
02:db:e6:28:16:24:99:dd:08:b8:01:52:72:43:c9:
8b:d7:4f:c2:db:ba:d6:ba:a6:b4:be:d2:f7:eb:a1:
8c:3d:07:6c:10:51:35:a0:9b:6d:87:6e:8a:c3:05:
d7:14:a8:55:a0:a6:a7:f0:77:f4:e7:52:91:20:f5:
ab:bd:d4:aa:51:26:b4:33:b2:7a:77:33:28:11:46:
bd:b5:5c:9f:7b:ef:0a:be:3b:a0:e0:ca:8f:20:dc:
18:03:96:da:89:b8:57:60:08:56:10:fd:70:34:eb:
35:17:86:78:a4:20:dd:5f:ab:c3:70:c4:f7:91:b9:
09:0a:4b:d9:18:8f:f6:d9:12:d5:dd:5b:fc:2d:30:
9a:41:c1:7d:b0:cc:6d:73:75:24:2e:e6:12:11:22:
79:1e:59:56:c1:3f:d2:7b:69:f9:44:7d:90:b3:cb:
c3:02:b2:1f:a4:40:6e:6b:4f:c2:af:dd:ef:62:37:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:49:C4:CD:C6:C3:1C:B1:20:EE:3C:D9:88:01:F3:23:5E:6F:62:A5
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/3knEzcbDHLEg7jzZiAHzI15vYqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
ab:4e:80:89:75:6a:e4:6c:d3:a6:5c:71:db:b4:cd:c4:2f:e4:
06:37:e3:99:aa:d9:89:65:f8:10:fa:89:f9:fa:25:f2:d7:f7:
71:a0:ae:08:93:0b:ed:a6:a6:8c:ef:11:dc:91:55:7b:24:83:
eb:2d:da:7e:9f:95:0a:fa:d3:f5:e7:db:f8:39:f9:86:46:63:
c7:f3:29:4e:ca:0b:aa:c6:64:30:a5:9d:f2:4e:d9:b0:04:4c:
03:40:ef:ae:8e:14:8e:be:85:c1:58:35:5e:61:4d:97:c8:f3:
84:35:17:65:c2:77:93:cb:2a:9a:9d:3d:41:f7:be:a9:05:3a:
7d:d2:e9:2a:5c:30:d7:4f:9a:c6:c2:93:83:6c:b3:66:1f:e3:
5d:b8:27:b7:2e:dc:69:01:b3:8b:de:55:a3:aa:28:62:f9:c4:
4a:0a:f1:e0:2d:37:b8:fd:30:cc:b5:ae:e7:58:84:fc:ae:a1:
cc:86:ee:45:18:8a:31:da:d5:7d:b1:2d:9d:06:53:0a:d0:cb:
34:56:b9:7e:a5:f3:d2:7f:27:48:1f:8a:5c:49:e9:76:4d:f1:
1b:bd:de:31:7a:9e:a2:52:37:d5:ad:f3:05:e2:db:6c:df:71:
d0:40:63:3a:ea:5c:cb:32:74:70:c4:55:d9:df:dd:e7:31:34:
3f:c6:ad:be
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+4sWcRdsMsWlMw84WpYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwMTAxMTc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ5YzRjZGM2YzMxY2IxMjBlZTNjZDk4ODAxZjMyMzVlNmY2MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDvvwnHk8dfXG+ZfBs3sQwf7Xd0z
886IA20ng971mKZHB3M1cnXupEfzXF3hs+I5MZx05uByfx+qbmW3EbyeUENfuq5X
ZkAF3DUC2+YoFiSZ3Qi4AVJyQ8mL10/C27rWuqa0vtL366GMPQdsEFE1oJtth26K
wwXXFKhVoKan8Hf051KRIPWrvdSqUSa0M7J6dzMoEUa9tVyfe+8Kvjug4MqPINwY
A5baibhXYAhWEP1wNOs1F4Z4pCDdX6vDcMT3kbkJCkvZGI/22RLV3Vv8LTCaQcF9
sMxtc3UkLuYSESJ5HllWwT/Se2n5RH2Qs8vDArIfpEBua0/Cr93vYjcJ8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN5JxM3GwxyxIO482YgB8yNeb2KlMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvM2tuRXpjYkRITEVnN2p6WmlBSHpJMTV2WXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRHwDAN
BgkqhkiG9w0BAQsFAAOCAQEAq06AiXVq5GzTplxx27TNxC/kBjfjmarZiWX4EPqJ
+fol8tf3caCuCJML7aamjO8R3JFVeySD6y3afp+VCvrT9efb+Dn5hkZjx/MpTsoL
qsZkMKWd8k7ZsARMA0Dvro4Ujr6FwVg1XmFNl8jzhDUXZcJ3k8sqmp09Qfe+qQU6
fdLpKlww10+axsKTg2yzZh/jXbgnty7caQGzi95Vo6ooYvnESgrx4C03uP0wzLWu
51iE/K6hzIbuRRiKMdrVfbEtnQZTCtDLNFa5fqXz0n8nSB+KXEnpdk3xG73eMXqe
olI31a3zBeLbbN9x0EBjOupcyzJ0cMRV2d/d5zE0P8atvg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:51 2025 by rpki-client