Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/zAleiK_G-KUDU8YKFYQVcf1-sT0.roa
File: zAleiK_G-KUDU8YKFYQVcf1-sT0.roa (raw, json)
Hash identifier: scQE4tpOoIKLwikcB+6IzD1f2bJuvaapdskw8ixRLgQ=
Subject key identifier: CC:09:5E:88:AF:C6:F8:A5:03:53:C6:0A:15:84:15:71:FD:7E:B1:3D
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 0193D445C5732089E5B5C11AA8C806EF4997
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/zAleiK_G-KUDU8YKFYQVcf1-sT0.roa
Signing time: Tue 17 Dec 2024 10:59:22 +0000
ROA not before: Tue 17 Dec 2024 10:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2a07:bdc1::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:45:c5:73:20:89:e5:b5:c1:1a:a8:c8:06:ef:49:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Dec 17 10:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc095e88afc6f8a50353c60a15841571fd7eb13d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:37:fe:a5:49:38:0a:58:2c:0c:31:d2:a9:bd:
5e:75:0c:be:00:27:da:2e:35:9a:37:33:62:6e:16:
24:3d:8d:96:0b:5b:74:c8:9b:c6:9d:f1:3f:19:62:
47:1a:6b:cc:0a:28:85:88:8c:3c:39:18:43:b8:ca:
b7:36:bc:ff:2d:4c:69:44:01:90:cb:3e:a4:8c:18:
d6:10:22:2b:10:67:34:2b:ed:b0:87:5b:ac:05:15:
79:92:b6:60:88:6c:ee:c3:be:37:95:19:bc:08:60:
fc:41:96:34:71:8b:2b:77:f7:00:70:f3:6a:d5:76:
dc:dd:b2:20:76:69:56:0a:cc:4f:d5:57:0a:0e:2a:
53:a9:58:9e:b2:f8:24:91:6e:13:95:6a:b9:38:df:
2d:57:75:e4:69:39:0b:e4:13:fd:26:72:7b:ae:e4:
9b:f3:a5:86:d5:63:10:6d:7d:10:c2:0a:ea:12:33:
0d:bb:6e:c0:47:d6:69:eb:75:d9:0f:8a:64:b5:76:
be:89:59:d1:f8:2e:57:99:ce:31:e0:e6:45:b8:f2:
b8:4c:95:44:6a:6d:6f:5c:32:a5:91:16:20:74:df:
2b:8f:3c:23:66:e1:99:17:a9:54:d8:d2:53:18:d0:
ba:12:e4:58:77:47:22:f4:07:ce:d1:87:51:18:f4:
cb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:09:5E:88:AF:C6:F8:A5:03:53:C6:0A:15:84:15:71:FD:7E:B1:3D
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/zAleiK_G-KUDU8YKFYQVcf1-sT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bdc1::/32
Signature Algorithm: sha256WithRSAEncryption
23:d9:af:3e:8c:4a:24:54:bf:4d:19:06:df:43:8f:d0:30:27:
06:15:71:d9:cd:34:8a:22:0d:3a:49:4f:1f:aa:78:32:6c:e5:
1f:30:b3:e9:15:a4:53:88:2c:66:2c:dd:f3:13:4d:4d:2f:c9:
91:34:15:97:33:8a:d4:28:98:21:f0:13:fc:8d:e8:61:54:c9:
c6:f6:d7:97:68:e2:0d:98:6f:7b:95:c8:e7:c4:99:6a:f9:e0:
8e:50:cd:8e:a5:59:34:e9:9d:d3:a1:69:ca:6a:bd:45:33:9e:
ea:a1:e4:ea:17:25:a1:07:e0:64:e3:84:39:91:cc:6b:df:2e:
2d:c5:6d:d1:7b:62:e1:f1:af:83:44:fa:e1:d4:e6:23:38:0b:
33:a6:34:f7:8c:b6:42:a6:b1:f5:44:b0:30:ce:7f:e7:ae:2d:
82:9e:d0:cc:a6:c2:f5:03:d7:de:48:3e:24:54:60:21:41:a9:
32:85:74:37:63:4b:16:4a:d0:1a:70:61:8c:37:72:d2:2c:54:
03:aa:70:7d:48:92:9d:e0:cb:81:12:b1:82:34:c1:d8:b8:2c:
2b:dd:53:01:b9:20:5d:ae:0f:4f:12:c0:64:d5:11:6f:15:84:
a8:51:5c:e0:bd:4e:7f:37:25:dc:48:de:63:58:c9:f5:ab:02:
5b:6d:d7:57
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPURcVzIInltcEaqMgG70mXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjQxMjE3MTA1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzA5NWU4OGFmYzZmOGE1MDM1M2M2MGExNTg0MTU3MWZkN2ViMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDf+pUk4ClgsDDHSqb1edQy+ACfa
LjWaNzNibhYkPY2WC1t0yJvGnfE/GWJHGmvMCiiFiIw8ORhDuMq3Nrz/LUxpRAGQ
yz6kjBjWECIrEGc0K+2wh1usBRV5krZgiGzuw743lRm8CGD8QZY0cYsrd/cAcPNq
1Xbc3bIgdmlWCsxP1VcKDipTqViesvgkkW4TlWq5ON8tV3XkaTkL5BP9JnJ7ruSb
86WG1WMQbX0QwgrqEjMNu27AR9Zp63XZD4pktXa+iVnR+C5Xmc4x4OZFuPK4TJVE
am1vXDKlkRYgdN8rjzwjZuGZF6lU2NJTGNC6EuRYd0ci9AfO0YdRGPTLfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMwJXoivxvilA1PGChWEFXH9frE9MB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvekFsZWlLX0ctS1VEVThZS0ZZUVZjZjEtc1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKge9wTAN
BgkqhkiG9w0BAQsFAAOCAQEAI9mvPoxKJFS/TRkG30OP0DAnBhVx2c00iiINOklP
H6p4MmzlHzCz6RWkU4gsZizd8xNNTS/JkTQVlzOK1CiYIfAT/I3oYVTJxvbXl2ji
DZhve5XI58SZavngjlDNjqVZNOmd06Fpymq9RTOe6qHk6hcloQfgZOOEOZHMa98u
LcVt0Xti4fGvg0T64dTmIzgLM6Y094y2Qqax9USwMM5/564tgp7QzKbC9QPX3kg+
JFRgIUGpMoV0N2NLFkrQGnBhjDdy0ixUA6pwfUiSneDLgRKxgjTB2LgsK91TAbkg
Xa4PTxLAZNURbxWEqFFc4L1Ofzcl3EjeY1jJ9asCW23XVw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:39:43 2025 by rpki-client