Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/VmnTbUvFDApFD1Y-xzO7-pq11BE.roa
File: VmnTbUvFDApFD1Y-xzO7-pq11BE.roa (raw, json)
Hash identifier: 0Q4kZgcem1MBfhfqEYU+hk5PFIzqrU33VsNZw+yy8mw=
Subject key identifier: 56:69:D3:6D:4B:C5:0C:0A:45:0F:56:3E:C7:33:BB:FA:9A:B5:D4:11
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCDF5EC8DF88CC23AD11603F7A0042
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/VmnTbUvFDApFD1Y-xzO7-pq11BE.roa
Signing time: Tue 02 Jan 2024 10:34:07 +0000
ROA not before: Tue 02 Jan 2024 10:34:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51819
IP address blocks: 2a02:2698:9400::/38 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:df:5e:c8:df:88:cc:23:ad:11:60:3f:7a:00:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5669d36d4bc50c0a450f563ec733bbfa9ab5d411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:27:e7:60:32:ec:8e:7d:3c:7b:ec:c6:f8:34:
db:9e:87:0e:e4:25:dd:af:e8:34:9b:c9:1f:67:5f:
da:bd:22:4e:cc:61:9c:ce:ee:01:89:40:57:6a:f6:
91:2f:9f:db:7d:ff:03:74:da:6e:b7:b2:45:e7:64:
2d:68:c1:b0:4a:3a:e4:a0:bf:49:08:56:83:34:ab:
61:66:63:1d:83:4e:7a:6d:83:35:d3:9e:ca:42:a5:
f8:7e:7b:0e:87:05:1e:9a:d9:1d:cc:5b:14:d6:de:
7c:97:6e:62:6b:4b:76:c5:4c:0f:cd:f0:aa:7d:7e:
6c:5b:46:cb:08:11:47:7a:06:01:6f:cb:78:0a:c4:
25:62:2a:06:42:6a:f1:9d:24:32:19:cb:f0:a1:4d:
1b:92:32:13:01:f9:f4:2e:11:dc:bf:f7:f4:70:e2:
dd:25:a6:71:71:2d:d9:96:71:bc:b9:a0:4f:d0:4f:
c0:f9:82:5d:c5:05:72:ee:ab:5f:31:a6:40:75:a2:
8f:93:68:fa:ca:52:16:7c:89:27:ef:2a:50:ad:11:
b7:9a:e0:8f:5d:0f:af:4a:47:36:54:f6:ad:8b:c6:
06:f4:00:36:68:ec:ac:48:cc:2b:2b:dd:cc:aa:b3:
4d:bd:34:b8:58:38:c6:ad:65:05:a1:6a:56:10:91:
e3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:69:D3:6D:4B:C5:0C:0A:45:0F:56:3E:C7:33:BB:FA:9A:B5:D4:11
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/VmnTbUvFDApFD1Y-xzO7-pq11BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:9400::/38
Signature Algorithm: sha256WithRSAEncryption
d1:25:e0:7d:03:25:17:9e:e1:d8:ab:c0:d5:84:90:32:b3:82:
37:c1:52:25:27:59:c0:98:7d:bd:9e:8d:03:65:45:55:ef:98:
db:ac:41:75:d8:3d:f2:c8:62:d1:ed:ef:24:91:97:48:05:23:
4d:74:fb:3a:2d:c0:a6:02:9d:53:04:10:85:fd:25:ce:84:1f:
19:42:20:cb:63:f1:8d:8d:44:34:5c:de:6f:d3:67:85:a6:e8:
9b:a6:f9:0a:8b:70:58:2d:c1:9e:c9:a3:cf:75:32:ac:ed:b4:
04:18:d6:87:cf:6e:8a:a2:34:28:3d:65:d2:a4:68:8f:af:4b:
fd:75:52:93:fa:1d:4b:07:3d:f3:19:91:0c:ca:9f:9f:dd:2f:
39:29:e7:4d:c4:02:fb:c1:0e:35:e3:9c:04:6f:21:53:49:93:
f2:e0:1f:b7:02:0a:86:b4:e1:b2:6d:5b:32:1a:83:4e:27:5b:
17:79:80:43:7a:b4:9f:14:07:b2:8a:95:36:2f:9c:cd:d2:29:
24:d5:92:55:b3:23:00:af:d9:83:af:8d:1a:a0:d3:93:d7:70:
eb:51:8f:e7:45:8d:27:e0:80:80:a4:8d:e3:d0:61:6c:81:d6:
05:fb:3d:b6:e9:91:c1:57:fb:0c:23:1e:7c:1a:11:5a:a4:24:
d3:24:72:fb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvN9eyN+IzCOtEWA/egBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY5ZDM2ZDRiYzUwYzBhNDUwZjU2M2VjNzMzYmJmYTlhYjVkNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyfnYDLsjn08e+zG+DTbnocO5CXd
r+g0m8kfZ1/avSJOzGGczu4BiUBXavaRL5/bff8DdNput7JF52QtaMGwSjrkoL9J
CFaDNKthZmMdg056bYM1057KQqX4fnsOhwUemtkdzFsU1t58l25ia0t2xUwPzfCq
fX5sW0bLCBFHegYBb8t4CsQlYioGQmrxnSQyGcvwoU0bkjITAfn0LhHcv/f0cOLd
JaZxcS3ZlnG8uaBP0E/A+YJdxQVy7qtfMaZAdaKPk2j6ylIWfIkn7ypQrRG3muCP
XQ+vSkc2VPati8YG9AA2aOysSMwrK93MqrNNvTS4WDjGrWUFoWpWEJHjfwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFZp021LxQwKRQ9WPsczu/qatdQRMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvVm1uVGJVdkZEQXBGRDFZLXh6TzctcHExMUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmJQw
DQYJKoZIhvcNAQELBQADggEBANEl4H0DJRee4dirwNWEkDKzgjfBUiUnWcCYfb2e
jQNlRVXvmNusQXXYPfLIYtHt7ySRl0gFI010+zotwKYCnVMEEIX9Jc6EHxlCIMtj
8Y2NRDRc3m/TZ4Wm6Jum+QqLcFgtwZ7Jo891MqzttAQY1ofPboqiNCg9ZdKkaI+v
S/11UpP6HUsHPfMZkQzKn5/dLzkp503EAvvBDjXjnARvIVNJk/LgH7cCCoa04bJt
WzIag04nWxd5gEN6tJ8UB7KKlTYvnM3SKSTVklWzIwCv2YOvjRqg05PXcOtRj+dF
jSfggICkjePQYWyB1gX7PbbpkcFX+wwjHnwaEVqkJNMkcvs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:01 2025 by rpki-client