Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/7QZvBFLoSCBCtfbEa227OALZHF4.roa
File: 7QZvBFLoSCBCtfbEa227OALZHF4.roa (raw, json)
Hash identifier: fLzTZARgKJF0ikOGzm1XH5DXAh8ZLWyu0Iku4TnJKPw=
Subject key identifier: ED:06:6F:04:52:E8:48:20:42:B5:F6:C4:6B:6D:BB:38:02:D9:1C:5E
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 0194A9648C341C5052CCAF4E5EB47199669A
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/7QZvBFLoSCBCtfbEa227OALZHF4.roa
Signing time: Mon 27 Jan 2025 20:12:06 +0000
ROA not before: Mon 27 Jan 2025 20:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213512
IP address blocks: 2a14:47c0:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Feb 2025 02:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a9:64:8c:34:1c:50:52:cc:af:4e:5e:b4:71:99:66:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: Jan 27 20:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed066f0452e8482042b5f6c46b6dbb3802d91c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:91:74:ee:6c:05:00:9b:0d:10:e0:b7:e5:36:
41:ec:6e:2f:f6:32:29:47:d1:2a:22:2a:90:bf:09:
08:de:dc:a0:bc:37:af:84:92:22:b8:4d:7c:55:31:
0b:cf:83:de:5b:19:7f:d9:5c:a6:04:6c:92:cd:38:
07:2c:3d:a6:5c:a6:58:41:f4:36:87:08:21:56:66:
69:de:8a:e5:9e:fe:05:ec:be:c3:22:99:2c:a6:9e:
84:10:c4:c3:55:4a:55:5f:b1:3e:2b:a7:09:b3:15:
24:89:f5:61:a0:84:13:28:80:d3:ae:f1:7f:bc:07:
d3:59:c0:05:99:94:ed:3c:ed:a5:84:33:d3:25:a4:
89:78:44:32:16:19:82:1d:b3:b8:18:65:74:f7:c8:
12:d1:75:c9:05:d5:62:57:9c:fa:0f:5d:46:b4:a6:
6d:2f:c7:46:16:00:54:0c:8c:8f:93:2b:3f:7e:d7:
3d:ba:73:9a:46:73:54:db:79:45:22:d4:ac:66:d3:
a7:76:47:4c:38:51:0d:55:29:e2:25:38:51:fb:f6:
b7:10:e9:3a:e2:73:51:e8:ea:4a:b9:13:34:f5:fd:
ae:b4:69:a7:06:81:ac:dc:a1:01:f7:be:9d:91:9a:
e4:0e:1c:90:19:bd:e6:34:dc:97:dc:9d:1b:f3:79:
d1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:06:6F:04:52:E8:48:20:42:B5:F6:C4:6B:6D:BB:38:02:D9:1C:5E
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/7QZvBFLoSCBCtfbEa227OALZHF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
1c:c3:7a:3d:31:d3:63:5d:2c:a0:0a:31:83:9d:02:6d:05:96:
37:fa:11:32:bd:61:31:1d:dc:b7:17:47:ab:fe:f6:01:58:30:
dc:89:ef:81:23:d6:fa:31:40:d8:e5:92:1d:b5:5a:d8:e7:c1:
bc:0a:34:84:48:98:4a:29:c4:11:e4:b8:5d:c6:a2:bc:7b:dd:
e0:d1:69:5a:1e:c4:e6:77:0d:59:39:8a:75:07:a7:3b:e1:23:
3d:04:4f:01:1f:18:79:b3:27:31:f8:d2:23:7b:86:6e:53:a4:
7d:99:34:c0:d0:18:49:83:a7:34:d6:1d:57:a3:6d:89:06:a4:
b5:b2:56:50:25:08:3d:a5:2d:23:42:22:56:75:7d:93:7b:ac:
cf:1c:8a:a8:3b:eb:6e:b2:97:b0:c5:72:fb:10:5b:6e:3c:d0:
04:60:fb:a8:c9:b3:16:f8:b2:b9:a0:b2:f6:85:a4:31:a8:ec:
5b:78:cb:6b:f8:a8:bc:dc:64:4a:b5:67:90:c1:c7:ae:a0:3f:
38:ba:b0:9c:cf:85:a7:cd:9a:c3:0f:de:f8:b0:48:a3:4c:1d:
60:ef:27:15:66:62:06:1c:10:d6:33:83:f9:31:3e:be:6d:ca:
39:1a:d5:2a:e7:23:b4:82:d7:98:f8:4c:dd:74:66:89:7f:17:
20:61:a0:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZSpZIw0HFBSzK9OXrRxmWaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwMTI3MjAxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA2NmYwNDUyZTg0ODIwNDJiNWY2YzQ2YjZkYmIzODAyZDkxYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZF07mwFAJsNEOC35TZB7G4v9jIp
R9EqIiqQvwkI3tygvDevhJIiuE18VTELz4PeWxl/2VymBGySzTgHLD2mXKZYQfQ2
hwghVmZp3orlnv4F7L7DIpkspp6EEMTDVUpVX7E+K6cJsxUkifVhoIQTKIDTrvF/
vAfTWcAFmZTtPO2lhDPTJaSJeEQyFhmCHbO4GGV098gS0XXJBdViV5z6D11GtKZt
L8dGFgBUDIyPkys/ftc9unOaRnNU23lFItSsZtOndkdMOFENVSniJThR+/a3EOk6
4nNR6OpKuRM09f2utGmnBoGs3KEB976dkZrkDhyQGb3mNNyX3J0b83nRQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO0GbwRS6EggQrX2xGttuzgC2RxeMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvN1FadkJGTG9TQ0JDdGZiRWEyMjdPQUxaSEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRHwP/+
MA0GCSqGSIb3DQEBCwUAA4IBAQAcw3o9MdNjXSygCjGDnQJtBZY3+hEyvWExHdy3
F0er/vYBWDDcie+BI9b6MUDY5ZIdtVrY58G8CjSESJhKKcQR5LhdxqK8e93g0Wla
HsTmdw1ZOYp1B6c74SM9BE8BHxh5sycx+NIje4ZuU6R9mTTA0BhJg6c01h1Xo22J
BqS1slZQJQg9pS0jQiJWdX2Te6zPHIqoO+tuspewxXL7EFtuPNAEYPuoybMW+LK5
oLL2haQxqOxbeMtr+Ki83GRKtWeQwceuoD84urCcz4WnzZrDD974sEijTB1g7ycV
ZmIGHBDWM4P5MT6+bco5GtUq5yO0gteY+EzddGaJfxcgYaCo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:41 2025 by rpki-client