Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/naI5cl6zKph4r1Mp_Li0wdMo8kY.roa
File: naI5cl6zKph4r1Mp_Li0wdMo8kY.roa (raw, json)
Hash identifier: j/RnJFw97tKv+zMCbjJZHXcTHB1HVFNEXjLDWBi3Pj0=
Subject key identifier: 9D:A2:39:72:5E:B3:2A:98:78:AF:53:29:FC:B8:B4:C1:D3:28:F2:46
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCE50165BA093710AD35B1E9AA526E
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/naI5cl6zKph4r1Mp_Li0wdMo8kY.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211221
IP address blocks: 2a02:2698:7600::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e5:01:65:ba:09:37:10:ad:35:b1:e9:aa:52:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9da239725eb32a9878af5329fcb8b4c1d328f246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:83:b0:e8:a5:29:ae:fe:13:35:a5:ca:83:26:
fc:bc:dc:92:f4:48:99:8c:aa:68:45:87:fd:ba:a4:
a2:eb:4e:be:22:e7:b5:9f:46:d8:4a:6d:0b:6e:3c:
f4:5a:7f:51:72:54:f5:71:a2:2f:d7:0b:d9:69:17:
34:5b:66:29:ce:48:5c:b4:75:7f:4d:1b:15:d6:ef:
5b:6b:d0:aa:3d:97:f4:23:a9:de:fc:f2:64:a3:6e:
fe:d3:b1:e0:c2:62:ad:a9:af:e2:b2:27:1c:ee:08:
b1:e0:8f:a3:e2:e7:5c:ee:d1:3f:26:42:0b:b6:c6:
2b:d0:63:9e:f5:0f:c0:ae:93:f2:11:de:fa:bb:9b:
44:08:51:8c:0e:03:b5:4b:30:ae:de:ea:04:82:7f:
8f:2e:44:17:1e:0c:45:b2:39:de:69:12:ed:bd:3d:
ac:63:8f:9b:04:75:53:8c:96:34:f6:dc:c9:19:b9:
47:eb:f3:4c:24:a6:8e:59:3f:00:a8:f9:ee:77:19:
5f:f0:bd:cb:77:b3:05:ac:75:ed:f2:d3:c1:15:18:
2c:43:ab:95:a3:72:1b:2f:99:48:b4:32:b6:5d:72:
7b:49:e3:91:6b:0e:81:8d:f7:31:96:7d:ab:92:e6:
82:52:e5:5f:8d:37:a4:77:42:a1:f4:69:1f:3b:15:
a9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A2:39:72:5E:B3:2A:98:78:AF:53:29:FC:B8:B4:C1:D3:28:F2:46
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/naI5cl6zKph4r1Mp_Li0wdMo8kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:7600::/48
Signature Algorithm: sha256WithRSAEncryption
57:53:2b:4f:fc:d2:04:8c:0a:2b:17:e7:52:3f:ed:a4:fa:d3:
99:8c:ee:96:0d:12:b0:8d:1a:86:70:ff:5d:68:6f:e3:cc:87:
e4:55:e1:02:0f:ea:32:b3:00:97:06:6c:e2:35:35:19:ba:4b:
14:09:ad:6a:e1:5b:02:bc:0a:62:40:b2:e8:ad:dc:45:07:7d:
0b:1e:77:2e:c9:07:b3:62:e1:e1:db:6d:cf:99:65:f8:81:10:
d3:18:7b:06:f8:60:08:e7:eb:51:a0:df:81:37:9a:53:44:02:
bc:52:bf:c5:81:47:0f:ae:0d:ee:84:21:1b:5c:f0:35:25:41:
cc:fe:6c:3d:c9:8b:90:08:fd:a7:6e:a8:7a:80:64:46:4f:a9:
b9:b5:d6:a0:b1:aa:f8:1e:17:ba:bb:98:73:26:14:70:36:c0:
26:31:3a:92:55:3d:99:28:ee:d0:84:4d:8f:de:11:0d:c0:75:
50:63:82:9b:73:bf:32:ce:b6:04:b2:c3:b7:37:5b:a4:95:dd:
ca:52:3e:2f:5c:bb:36:93:42:e9:f2:a3:4a:7b:c8:e6:b0:77:
3f:e7:e1:0c:d4:25:20:a4:11:f1:88:40:8f:e7:b2:6e:89:de:
f9:3a:c0:49:6a:e5:76:97:e3:9a:76:65:d5:65:81:af:60:1d:
52:80:82:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvOUBZboJNxCtNbHpqlJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGEyMzk3MjVlYjMyYTk4NzhhZjUzMjlmY2I4YjRjMWQzMjhmMjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oOw6KUprv4TNaXKgyb8vNyS9EiZ
jKpoRYf9uqSi606+Iue1n0bYSm0Lbjz0Wn9RclT1caIv1wvZaRc0W2YpzkhctHV/
TRsV1u9ba9CqPZf0I6ne/PJko27+07HgwmKtqa/isicc7gix4I+j4udc7tE/JkIL
tsYr0GOe9Q/ArpPyEd76u5tECFGMDgO1SzCu3uoEgn+PLkQXHgxFsjneaRLtvT2s
Y4+bBHVTjJY09tzJGblH6/NMJKaOWT8AqPnudxlf8L3Ld7MFrHXt8tPBFRgsQ6uV
o3IbL5lItDK2XXJ7SeORaw6Bjfcxln2rkuaCUuVfjTekd0Kh9GkfOxWp0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ2iOXJesyqYeK9TKfy4tMHTKPJGMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvbmFJNWNsNnpLcGg0cjFNcF9MaTB3ZE1vOGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgImmHYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXUytP/NIEjAorF+dSP+2k+tOZjO6WDRKwjRqG
cP9daG/jzIfkVeECD+oyswCXBmziNTUZuksUCa1q4VsCvApiQLLordxFB30LHncu
yQezYuHh223PmWX4gRDTGHsG+GAI5+tRoN+BN5pTRAK8Ur/FgUcPrg3uhCEbXPA1
JUHM/mw9yYuQCP2nbqh6gGRGT6m5tdagsar4Hhe6u5hzJhRwNsAmMTqSVT2ZKO7Q
hE2P3hENwHVQY4Kbc78yzrYEssO3N1ukld3KUj4vXLs2k0Lp8qNKe8jmsHc/5+EM
1CUgpBHxiECP57Juid75OsBJauV2l+OadmXVZYGvYB1SgIK8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:10 2025 by rpki-client