Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dIuysQMbofP9RsaepbMgjieRoXo.roa
File: dIuysQMbofP9RsaepbMgjieRoXo.roa (raw, json)
Hash identifier: 1BmQ9aOwd5dAkmzEg3iz3yHWyYrD9U12dZG3xGMmw9Y=
Subject key identifier: 74:8B:B2:B1:03:1B:A1:F3:FD:46:C6:9E:A5:B3:20:8E:27:91:A1:7A
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCD21CC6ED9DF04C969A87D323054A
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dIuysQMbofP9RsaepbMgjieRoXo.roa
Signing time: Tue 02 Jan 2024 10:34:04 +0000
ROA not before: Tue 02 Jan 2024 10:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41661
IP address blocks: 2a02:2698:9000::/38 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d2:1c:c6:ed:9d:f0:4c:96:9a:87:d3:23:05:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=748bb2b1031ba1f3fd46c69ea5b3208e2791a17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:67:aa:1c:76:a7:1a:9d:4c:f9:3a:69:9b:8d:
9d:3a:4b:e2:2f:9f:61:56:5e:ed:b4:53:69:60:33:
c1:0a:42:95:39:51:ca:cc:48:a5:8b:82:a3:93:a6:
c1:a7:da:58:4f:ca:a5:11:23:d4:f9:75:12:3d:93:
8c:eb:58:b5:54:dd:83:da:25:0c:25:9b:25:0b:08:
48:6b:dd:f5:7b:0e:8e:98:65:c3:eb:e6:b9:06:ce:
4d:3f:ce:16:1e:87:a7:d8:28:8d:82:a0:8f:07:0b:
d1:ce:71:3c:67:d9:87:94:36:9e:d0:7e:29:23:b5:
15:46:49:6c:3e:44:73:e3:e4:06:5f:df:86:15:45:
61:0e:d4:89:9d:9c:b9:d3:00:d4:c6:d8:76:92:82:
bc:f3:bb:65:f2:20:d4:3f:4a:b2:af:a2:b5:0f:68:
a1:ae:f9:52:94:84:af:7e:73:8c:a3:33:c6:ed:e0:
83:c0:3e:d9:b2:9c:fd:f6:95:da:41:22:7c:e0:d8:
2c:02:98:4e:ca:78:d2:cb:c9:2c:19:d6:fb:a2:6e:
42:59:2b:f8:9b:c8:f1:cb:46:76:84:2d:d9:85:40:
58:2b:a1:44:bd:c7:4e:59:ef:b9:a7:8e:83:43:db:
26:0b:a7:10:18:1c:c5:1b:09:00:e1:b5:57:61:61:
1c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8B:B2:B1:03:1B:A1:F3:FD:46:C6:9E:A5:B3:20:8E:27:91:A1:7A
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/dIuysQMbofP9RsaepbMgjieRoXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:9000::/38
Signature Algorithm: sha256WithRSAEncryption
b0:ad:2f:38:d1:30:0f:66:4e:43:75:ab:2d:2d:96:1c:2d:87:
1b:79:72:8d:bb:4a:af:63:5c:9e:3e:b1:01:27:3b:bd:55:0f:
d8:ff:31:f2:b8:79:ec:9f:1a:5c:73:38:67:db:6d:8a:d5:52:
c2:bf:b5:ba:ff:21:27:d3:47:a9:13:b7:a1:93:10:42:a0:53:
54:cf:e0:05:98:5a:1e:8f:37:92:be:86:05:9d:11:12:0e:82:
7e:15:dc:f5:6f:d4:82:7b:3f:f2:b0:f4:58:d8:cf:6f:6c:1d:
c2:04:3c:aa:4c:4c:5f:57:92:3e:d1:93:2c:3b:6a:65:e0:bd:
8b:32:9e:1a:81:64:c7:3c:78:a1:19:b9:e6:ed:13:d6:23:2f:
19:2d:7f:0f:87:54:f3:3d:91:50:77:3b:41:14:e9:f0:32:a3:
4d:ce:ba:44:ae:e2:f4:40:52:91:52:10:f1:11:07:5d:d7:70:
32:52:22:59:87:ca:a5:7b:a2:80:5d:e6:2b:57:e4:15:fb:a8:
a3:53:35:94:52:78:e0:c3:0d:63:77:4b:e4:c7:fb:99:be:70:
6b:9a:5f:15:41:fb:fd:b2:77:63:70:be:85:63:26:41:2a:6d:
34:7b:73:b9:b1:54:56:e3:f6:fc:52:cd:66:6b:24:50:e8:31:
bd:ae:72:5f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvNIcxu2d8EyWmofTIwVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhiYjJiMTAzMWJhMWYzZmQ0NmM2OWVhNWIzMjA4ZTI3OTFhMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGeqHHanGp1M+Tppm42dOkviL59h
Vl7ttFNpYDPBCkKVOVHKzEili4Kjk6bBp9pYT8qlESPU+XUSPZOM61i1VN2D2iUM
JZslCwhIa931ew6OmGXD6+a5Bs5NP84WHoen2CiNgqCPBwvRznE8Z9mHlDae0H4p
I7UVRklsPkRz4+QGX9+GFUVhDtSJnZy50wDUxth2koK887tl8iDUP0qyr6K1D2ih
rvlSlISvfnOMozPG7eCDwD7Zspz99pXaQSJ84NgsAphOynjSy8ksGdb7om5CWSv4
m8jxy0Z2hC3ZhUBYK6FEvcdOWe+5p46DQ9smC6cQGBzFGwkA4bVXYWEcTwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHSLsrEDG6Hz/UbGnqWzII4nkaF6MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvZEl1eXNRTWJvZlA5UnNhZXBiTWdqaWVSb1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmJAw
DQYJKoZIhvcNAQELBQADggEBALCtLzjRMA9mTkN1qy0tlhwthxt5co27Sq9jXJ4+
sQEnO71VD9j/MfK4eeyfGlxzOGfbbYrVUsK/tbr/ISfTR6kTt6GTEEKgU1TP4AWY
Wh6PN5K+hgWdERIOgn4V3PVv1IJ7P/Kw9FjYz29sHcIEPKpMTF9Xkj7Rkyw7amXg
vYsynhqBZMc8eKEZuebtE9YjLxktfw+HVPM9kVB3O0EU6fAyo03OukSu4vRAUpFS
EPERB13XcDJSIlmHyqV7ooBd5itX5BX7qKNTNZRSeODDDWN3S+TH+5m+cGuaXxVB
+/2yd2NwvoVjJkEqbTR7c7mxVFbj9vxSzWZrJFDoMb2ucl8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:19 2025 by rpki-client