Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-ajR-9B7cdVSJTy2cq0LYaHZNdc.roa
File: 1-ajR-9B7cdVSJTy2cq0LYaHZNdc.roa (raw, json)
Hash identifier: NxMkqBvfyfwOiuSUCKE6c3cN8j73/gxtNb2KgkIVAgk=
Subject key identifier: F9:A8:D1:FB:D0:7B:71:D5:52:25:3C:B6:72:AD:0B:61:A1:D9:35:D7
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCE27F1C86A68C3E32F2D1E8EBC96B
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-ajR-9B7cdVSJTy2cq0LYaHZNdc.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57026
IP address blocks: 2a02:2698:8c00::/38 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e2:7f:1c:86:a6:8c:3e:32:f2:d1:e8:eb:c9:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9a8d1fbd07b71d552253cb672ad0b61a1d935d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d7:16:d6:1f:d7:3f:09:b3:a5:8f:b7:1c:f4:
62:44:01:35:59:b6:ef:74:2e:b0:06:d7:d7:cd:83:
50:fd:3f:c8:3d:a7:dd:12:31:6c:ca:b3:2d:89:76:
30:a2:60:ad:2a:b7:46:4f:80:7c:58:0f:a6:35:9c:
92:d8:ac:a3:c1:14:57:9e:c9:dd:fd:08:e3:9e:ec:
4f:64:de:e5:4b:e5:c5:1a:0f:0a:e1:bb:65:48:0e:
94:d4:ad:eb:97:67:1f:6b:55:0a:e3:67:a5:88:57:
19:74:36:60:2b:38:36:66:ab:75:16:12:e2:4c:47:
c3:1f:b6:74:08:ff:e7:7f:24:ec:12:c0:14:56:36:
e5:f6:12:90:f5:f7:4b:0b:e5:c7:e7:7d:e7:2e:76:
4f:1d:64:12:7f:e5:25:f6:ae:18:50:d9:ae:78:a3:
c0:79:5a:79:55:57:6a:23:66:4a:3e:3e:ee:e9:ee:
2f:70:2e:ee:93:94:ff:a3:33:4b:b6:73:68:4e:cc:
08:a7:1b:5d:16:f5:46:6d:b6:62:5a:04:55:75:ed:
d6:f7:54:20:94:43:d7:c3:7a:d6:2f:ee:b0:81:5c:
26:93:7b:b9:a4:87:91:f9:cb:df:29:a3:0f:96:a0:
5c:99:8c:c3:fa:0e:d4:a6:97:91:83:a7:41:a2:e6:
0d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A8:D1:FB:D0:7B:71:D5:52:25:3C:B6:72:AD:0B:61:A1:D9:35:D7
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-ajR-9B7cdVSJTy2cq0LYaHZNdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
58:ee:52:71:ae:79:2d:0e:30:bc:fe:86:96:aa:45:c4:b3:65:
25:78:27:df:ee:ab:9d:6c:9f:2c:76:b0:87:a7:71:0a:5e:ec:
95:38:4c:19:84:2b:2a:0a:09:ab:4d:27:d8:75:7c:56:68:df:
b7:fc:e8:e7:3d:08:64:8d:43:42:08:eb:4d:3e:8a:9e:18:9c:
e2:45:3e:45:00:b2:d5:7c:34:6b:58:58:dc:90:5d:51:74:f5:
12:2b:84:bc:60:ee:10:df:6f:e7:e0:9f:ea:27:b8:f9:79:7a:
8e:94:6f:f1:7f:44:79:aa:56:2f:d3:a3:3a:f6:ec:58:d1:1b:
fd:82:7d:8b:8b:ee:2d:66:1a:60:d9:d2:d9:93:c0:31:f6:68:
6a:d9:7b:8a:85:74:55:45:3a:2e:12:85:04:74:2d:4e:a2:30:
16:44:5f:d2:55:d5:18:b3:cf:d0:4d:80:4e:89:1e:06:bd:92:
09:c7:22:d8:0b:e3:34:91:96:d2:6d:a6:2f:77:9d:13:72:1e:
d0:7b:ae:74:96:d0:78:ba:b3:4f:65:ba:b8:cc:b0:99:6c:9e:
4b:76:03:9e:12:51:b6:b6:7e:ce:5d:5d:ce:58:32:db:ef:e8:
2e:67:37:7b:df:59:24:97:01:1a:2f:02:35:cf:f0:9f:8a:e1:
7e:40:3b:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvOJ/HIamjD4y8tHo68lrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE4ZDFmYmQwN2I3MWQ1NTIyNTNjYjY3MmFkMGI2MWExZDkzNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtcW1h/XPwmzpY+3HPRiRAE1Wbbv
dC6wBtfXzYNQ/T/IPafdEjFsyrMtiXYwomCtKrdGT4B8WA+mNZyS2KyjwRRXnsnd
/QjjnuxPZN7lS+XFGg8K4btlSA6U1K3rl2cfa1UK42eliFcZdDZgKzg2Zqt1FhLi
TEfDH7Z0CP/nfyTsEsAUVjbl9hKQ9fdLC+XH533nLnZPHWQSf+Ul9q4YUNmueKPA
eVp5VVdqI2ZKPj7u6e4vcC7uk5T/ozNLtnNoTswIpxtdFvVGbbZiWgRVde3W91Qg
lEPXw3rWL+6wgVwmk3u5pIeR+cvfKaMPlqBcmYzD+g7UppeRg6dBouYN1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPmo0fvQe3HVUiU8tnKtC2Gh2TXXMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvMS1halItOUI3Y2RWU0pUeTJjcTBMWWFIWk5kYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQy
OC8xL0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJpiM
MA0GCSqGSIb3DQEBCwUAA4IBAQBY7lJxrnktDjC8/oaWqkXEs2UleCff7qudbJ8s
drCHp3EKXuyVOEwZhCsqCgmrTSfYdXxWaN+3/OjnPQhkjUNCCOtNPoqeGJziRT5F
ALLVfDRrWFjckF1RdPUSK4S8YO4Q32/n4J/qJ7j5eXqOlG/xf0R5qlYv06M69uxY
0Rv9gn2Li+4tZhpg2dLZk8Ax9mhq2XuKhXRVRTouEoUEdC1OojAWRF/SVdUYs8/Q
TYBOiR4GvZIJxyLYC+M0kZbSbaYvd50Tch7Qe650ltB4urNPZbq4zLCZbJ5LdgOe
ElG2tn7OXV3OWDLb7+guZzd731kklwEaLwI1z/CfiuF+QDsc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:48 2025 by rpki-client