Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/rASLcQ822VhrCyx2MjjshcQ7od0.roa
File: rASLcQ822VhrCyx2MjjshcQ7od0.roa (raw, json)
Hash identifier: y6CvlcklNwAy9VDTdfiYS/Ym0k48JdlZhMBhwvcNu0w=
Subject key identifier: AC:04:8B:71:0F:36:D9:58:6B:0B:2C:76:32:38:EC:85:C4:3B:A1:DD
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 0193AF328034A8224BC76EBEFE7908C33257
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/rASLcQ822VhrCyx2MjjshcQ7od0.roa
Signing time: Tue 10 Dec 2024 06:12:22 +0000
ROA not before: Tue 10 Dec 2024 06:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a07:bdc1::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 17 Dec 2024 10:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:32:80:34:a8:22:4b:c7:6e:be:fe:79:08:c3:32:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Dec 10 06:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac048b710f36d9586b0b2c763238ec85c43ba1dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ff:5c:9f:6d:2a:3f:76:d1:24:d9:00:58:42:
f2:c1:f5:54:12:44:18:e4:24:d5:97:89:1f:1d:01:
41:47:2d:0e:6e:82:17:24:96:bd:2d:d6:43:8d:98:
d7:63:47:ee:3f:9b:61:1b:b8:69:3f:d5:39:be:9a:
fc:04:cb:07:f5:0d:01:2d:c7:5b:39:ff:73:0f:6b:
0c:9e:72:c0:c1:3f:2a:af:0f:f7:57:67:47:17:c7:
1c:c8:ab:30:e1:06:2a:5d:fe:ac:ab:07:a5:b0:a4:
88:88:d6:f9:c0:9c:92:97:b3:b5:18:b6:65:17:c1:
4e:8d:d4:cc:42:4b:c4:be:50:53:af:8a:db:70:8c:
64:c4:e7:54:a6:f4:41:5f:c6:69:de:bb:b8:4e:de:
40:8a:32:27:70:39:e7:56:30:d3:c5:9e:a3:03:0b:
fc:0c:63:aa:b4:5a:e7:21:96:82:6a:c8:75:cd:73:
23:64:1e:7e:1d:36:12:f3:3f:1c:4c:67:67:f0:42:
8b:05:4d:fa:32:ef:5a:36:a0:c1:0d:f7:d3:04:f1:
fa:9e:97:21:c0:26:0b:d4:65:3b:65:8a:d4:7b:54:
87:91:61:68:d0:39:28:7c:48:00:16:24:e5:45:5e:
ac:5d:25:e9:b8:c1:bf:79:36:a0:eb:ef:29:69:a4:
35:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:04:8B:71:0F:36:D9:58:6B:0B:2C:76:32:38:EC:85:C4:3B:A1:DD
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/rASLcQ822VhrCyx2MjjshcQ7od0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bdc1::/32
Signature Algorithm: sha256WithRSAEncryption
09:d0:1e:9e:8c:ef:54:ec:f6:83:86:2d:ac:bc:06:46:a1:4a:
db:99:86:19:39:0d:b5:6a:8f:a9:8f:3a:12:d8:17:5e:1c:03:
1b:bc:6d:36:6a:17:20:bc:f9:90:b9:8d:7d:f1:c9:84:43:ca:
40:5d:1b:4d:89:0c:f0:fe:06:3d:d8:39:de:1e:26:ce:e8:cd:
82:b4:cb:8f:f9:fd:09:f5:aa:a6:b7:68:59:03:04:5b:9c:dc:
bb:10:76:bc:70:de:3b:39:0f:1f:65:5a:6f:88:77:7e:ec:40:
ad:d0:22:60:2d:33:ae:e2:07:8e:1c:b8:9d:b8:93:97:97:b3:
be:e7:89:ae:cd:e9:02:d0:58:1b:40:f9:ab:25:5a:1c:dd:84:
83:88:35:c7:fd:29:a1:9c:fe:71:2c:5a:79:f7:79:eb:42:f5:
51:bb:2a:08:11:09:4b:da:7e:91:a1:e6:c0:f1:0b:73:ed:a4:
14:b3:58:5d:dd:c3:78:ad:df:30:de:7b:33:15:c5:82:74:d8:
57:81:d7:58:5a:4a:77:17:f0:d9:ff:15:2f:85:32:ff:ab:85:
1e:d8:bc:6e:1e:be:75:00:69:e3:eb:53:ab:82:92:30:51:05:
a4:95:ef:95:10:ff:85:1d:c2:ad:ac:30:75:f6:3e:76:87:94:
dc:df:57:ff
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOvMoA0qCJLx26+/nkIwzJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjQxMjEwMDYxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzA0OGI3MTBmMzZkOTU4NmIwYjJjNzYzMjM4ZWM4NWM0M2JhMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/9cn20qP3bRJNkAWELywfVUEkQY
5CTVl4kfHQFBRy0OboIXJJa9LdZDjZjXY0fuP5thG7hpP9U5vpr8BMsH9Q0BLcdb
Of9zD2sMnnLAwT8qrw/3V2dHF8ccyKsw4QYqXf6sqwelsKSIiNb5wJySl7O1GLZl
F8FOjdTMQkvEvlBTr4rbcIxkxOdUpvRBX8Zp3ru4Tt5AijIncDnnVjDTxZ6jAwv8
DGOqtFrnIZaCash1zXMjZB5+HTYS8z8cTGdn8EKLBU36Mu9aNqDBDffTBPH6npch
wCYL1GU7ZYrUe1SHkWFo0DkofEgAFiTlRV6sXSXpuMG/eTag6+8paaQ1hQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKwEi3EPNtlYawssdjI47IXEO6HdMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvckFTTGNRODIyVmhyQ3l4Mk1qanNoY1E3b2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKge9wTAN
BgkqhkiG9w0BAQsFAAOCAQEACdAenozvVOz2g4YtrLwGRqFK25mGGTkNtWqPqY86
EtgXXhwDG7xtNmoXILz5kLmNffHJhEPKQF0bTYkM8P4GPdg53h4mzujNgrTLj/n9
CfWqprdoWQMEW5zcuxB2vHDeOzkPH2Vab4h3fuxArdAiYC0zruIHjhy4nbiTl5ez
vueJrs3pAtBYG0D5qyVaHN2Eg4g1x/0poZz+cSxaefd560L1UbsqCBEJS9p+kaHm
wPELc+2kFLNYXd3DeK3fMN57MxXFgnTYV4HXWFpKdxfw2f8VL4Uy/6uFHti8bh6+
dQBp4+tTq4KSMFEFpJXvlRD/hR3CrawwdfY+doeU3N9X/w==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:45:40 2025 by rpki-client