Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/_BHOiX2qTtp2JPE3ZlRibT_NtNo.roa
File: _BHOiX2qTtp2JPE3ZlRibT_NtNo.roa (raw, json)
Hash identifier: rzG9lh+df7kWmxYCSTRNW6kfzkfXgu767c1sF+WR8q8=
Subject key identifier: FC:11:CE:89:7D:AA:4E:DA:76:24:F1:37:66:54:62:6D:3F:CD:B4:DA
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 01949DD9395001F0877176D96C705800220E
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/_BHOiX2qTtp2JPE3ZlRibT_NtNo.roa
Signing time: Sat 25 Jan 2025 14:24:06 +0000
ROA not before: Sat 25 Jan 2025 14:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213527
IP address blocks: 2a14:47c0::/32 maxlen: 32
2a14:47c0::/40 maxlen: 40
2a14:47c0:e::/48 maxlen: 48
2a14:47c0:fffe::/48 maxlen: 48
2a14:47c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Feb 2025 12:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9d:d9:39:50:01:f0:87:71:76:d9:6c:70:58:00:22:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: Jan 25 14:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc11ce897daa4eda7624f1376654626d3fcdb4da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:34:c4:e7:29:18:31:17:93:17:f7:10:0f:02:
1e:fd:16:38:47:61:06:f8:91:b2:de:e1:28:5b:3c:
e2:a8:4a:86:71:ce:ef:36:0c:fe:0f:e7:1e:48:18:
09:b7:bc:3e:58:32:21:b8:69:0b:9a:79:e1:4a:d7:
32:21:65:ce:e3:a8:fb:18:08:8c:a5:a8:56:fb:a4:
fc:fd:dd:aa:98:1a:32:36:d9:bf:9c:92:0c:2e:30:
a7:e8:6c:09:7c:0a:68:17:c1:74:5d:37:36:7c:a8:
17:c7:04:df:17:4e:15:b7:dd:73:d8:8c:9a:f1:b7:
ba:c4:71:b2:62:6e:0d:98:74:42:de:3c:fa:41:71:
4c:d7:d3:a5:63:b6:83:72:01:34:1c:a5:68:c2:8a:
26:1b:6f:5c:1b:a4:ea:fd:35:77:df:8e:25:6d:7a:
95:f8:3a:81:98:50:ed:0c:57:84:a2:38:78:e1:0d:
7c:22:d1:b0:65:c1:18:1f:19:59:75:e3:6e:31:f5:
db:21:92:83:27:71:83:e2:5f:22:0c:02:d2:58:b3:
db:79:30:30:c0:b9:4f:91:13:ce:1a:9d:51:91:08:
b2:db:e1:85:3b:20:cb:86:b3:46:10:77:eb:aa:ca:
09:7e:70:32:19:9a:e4:2f:fe:b0:a9:75:84:bf:80:
c6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:11:CE:89:7D:AA:4E:DA:76:24:F1:37:66:54:62:6D:3F:CD:B4:DA
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/_BHOiX2qTtp2JPE3ZlRibT_NtNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
28:f9:a9:89:c1:6c:30:fe:89:d0:e6:5d:a2:8f:e4:4e:93:e5:
dd:67:84:b6:77:31:d4:1e:9e:20:10:80:85:17:2e:b4:12:fb:
40:39:92:54:e6:1f:7f:4c:6a:9f:5e:50:38:bc:ba:e6:82:79:
11:2d:0e:6f:ca:25:c2:66:57:eb:a3:1b:49:f5:ac:03:33:e8:
5e:74:78:7c:cd:2e:20:0c:9d:8f:81:56:fe:a1:60:0c:e2:6e:
e6:d1:d9:47:9d:01:29:27:7f:76:71:22:aa:1b:23:06:98:59:
f3:4a:30:c6:51:ab:77:af:c4:af:b8:d8:cf:90:9c:9c:75:32:
19:aa:5d:85:b4:e5:9a:d0:7b:fd:e7:42:d3:ff:d1:20:13:7c:
94:56:31:33:2d:13:24:ee:f4:cf:0a:79:36:51:70:34:21:70:
37:b6:a5:74:b7:ad:e1:12:40:aa:8c:aa:3e:6d:b1:87:14:ae:
bd:76:86:f2:88:14:9a:1d:50:31:f4:ef:1d:76:70:d6:f1:8e:
3c:8a:d2:06:03:73:83:6a:41:91:7e:06:e8:7b:c9:e8:40:0f:
e5:20:0c:ea:78:48:32:bd:63:57:26:4a:8c:b2:9f:84:77:ae:
db:88:fd:a8:24:21:f3:eb:96:44:8f:04:a2:b5:6a:2c:d7:65:
97:ba:25:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZSd2TlQAfCHcXbZbHBYACIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwMTI1MTQyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzExY2U4OTdkYWE0ZWRhNzYyNGYxMzc2NjU0NjI2ZDNmY2RiNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+zTE5ykYMReTF/cQDwIe/RY4R2EG
+JGy3uEoWzziqEqGcc7vNgz+D+ceSBgJt7w+WDIhuGkLmnnhStcyIWXO46j7GAiM
pahW+6T8/d2qmBoyNtm/nJIMLjCn6GwJfApoF8F0XTc2fKgXxwTfF04Vt91z2Iya
8be6xHGyYm4NmHRC3jz6QXFM19OlY7aDcgE0HKVowoomG29cG6Tq/TV3344lbXqV
+DqBmFDtDFeEojh44Q18ItGwZcEYHxlZdeNuMfXbIZKDJ3GD4l8iDALSWLPbeTAw
wLlPkRPOGp1RkQiy2+GFOyDLhrNGEHfrqsoJfnAyGZrkL/6wqXWEv4DGgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPwRzol9qk7adiTxN2ZUYm0/zbTaMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvX0JIT2lYMnFUdHAySlBFM1psUmliVF9OdE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRHwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKPmpicFsMP6J0OZdoo/kTpPl3WeEtncx1B6eIBCA
hRcutBL7QDmSVOYff0xqn15QOLy65oJ5ES0Ob8olwmZX66MbSfWsAzPoXnR4fM0u
IAydj4FW/qFgDOJu5tHZR50BKSd/dnEiqhsjBphZ80owxlGrd6/Er7jYz5CcnHUy
GapdhbTlmtB7/edC0//RIBN8lFYxMy0TJO70zwp5NlFwNCFwN7aldLet4RJAqoyq
Pm2xhxSuvXaG8ogUmh1QMfTvHXZw1vGOPIrSBgNzg2pBkX4G6HvJ6EAP5SAM6nhI
Mr1jVyZKjLKfhHeu24j9qCQh8+uWRI8EorVqLNdll7oleg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:29 2025 by rpki-client