Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/O6bMXB6HjQ3ABxhqeb5YwJU2hbU.roa
File: O6bMXB6HjQ3ABxhqeb5YwJU2hbU.roa (raw, json)
Hash identifier: 9W5QO/aPALKvLVh1Kl0oI/cb8BqQJkWN36rqRS8uUO0=
Subject key identifier: 3B:A6:CC:5C:1E:87:8D:0D:C0:07:18:6A:79:BE:58:C0:95:36:85:B5
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42558DF8D65F278F64C477BC9D47C79
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/O6bMXB6HjQ3ABxhqeb5YwJU2hbU.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 2a0b:b87:ffd1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:58:df:8d:65:f2:78:f6:4c:47:7b:c9:d4:7c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ba6cc5c1e878d0dc007186a79be58c0953685b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:86:ae:96:3a:7f:92:89:ef:73:03:07:cc:75:
63:a2:a0:91:47:e0:28:95:81:79:01:e4:9d:a7:a0:
25:63:46:fc:13:23:3a:2c:85:cd:05:51:34:a3:05:
2a:e0:e5:fd:f5:e5:f6:dc:54:4e:26:f4:55:ea:14:
86:38:b2:35:4c:6f:a2:62:45:b2:27:18:7a:10:64:
7a:6c:bf:23:66:f2:e7:e0:7c:8d:30:8e:5e:97:58:
72:19:ae:7b:1a:d8:05:d5:0c:6c:5a:11:3c:ed:8b:
d7:61:84:90:c3:f4:ed:65:9c:25:0e:74:12:50:e8:
17:6b:bf:6d:d6:da:e5:a8:d9:45:19:f6:9e:df:39:
12:5b:78:e8:59:bb:c9:1f:d1:31:79:b8:51:d9:ab:
8a:fc:fa:30:01:0a:8a:0a:5f:b4:55:13:1e:4d:97:
a3:50:7f:a9:a9:b9:13:ed:06:d0:d5:ff:a4:45:96:
2b:2c:81:99:e0:73:05:2e:f6:c7:61:73:82:91:b0:
04:ae:97:56:92:b4:02:2e:1f:24:3f:7b:45:0e:1d:
4a:27:03:f8:13:e3:b0:f1:40:78:d0:f2:66:74:0a:
84:79:71:a4:7c:35:35:92:b5:d8:7f:47:40:24:9a:
48:4d:31:76:73:49:63:12:5c:e6:08:4f:99:5d:6c:
e6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A6:CC:5C:1E:87:8D:0D:C0:07:18:6A:79:BE:58:C0:95:36:85:B5
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/O6bMXB6HjQ3ABxhqeb5YwJU2hbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffd1::/48
Signature Algorithm: sha256WithRSAEncryption
0c:9c:6f:73:41:bb:21:be:a2:ce:29:e2:48:4f:c5:ac:ec:9c:
1d:30:b2:14:26:3f:7d:74:f5:12:4e:7d:07:d3:7a:0b:c9:52:
5f:a6:7c:13:05:c5:81:fc:d4:4d:4a:7c:a2:9c:7f:9a:8f:04:
ab:e2:a7:56:03:ff:5d:32:87:90:05:2c:18:4b:43:f4:4e:79:
45:f7:84:7c:7d:20:d8:47:e5:17:94:5f:85:76:43:24:3d:de:
08:44:87:d1:d5:82:47:28:6b:3a:93:cd:07:1e:31:f3:8e:08:
80:12:89:25:78:16:71:53:88:29:6f:8a:a6:fa:ac:88:e4:bb:
99:0f:34:a2:f5:21:2a:b4:fe:73:af:20:e7:a4:e5:04:8c:15:
f7:b4:89:9e:36:52:b5:ff:55:c5:af:e6:fa:94:a3:4e:88:4c:
dd:46:e0:fb:56:06:05:00:27:cd:f5:15:44:5e:fd:7f:1a:a3:
19:38:67:48:97:4a:64:75:aa:85:64:fa:39:35:bb:7a:4e:11:
8b:df:5a:9f:f5:b9:29:6b:94:f0:4f:68:e9:35:e2:78:ac:54:
03:79:2c:ee:0e:94:a0:6d:f1:47:e2:84:60:3c:e6:a9:c2:9f:
5c:b8:7d:1d:c1:5c:c0:5a:e4:20:68:f7:01:f7:0a:23:eb:24:
af:25:bb:f1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJVjfjWXyePZMR3vJ1Hx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmE2Y2M1YzFlODc4ZDBkYzAwNzE4NmE3OWJlNThjMDk1MzY4NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4auljp/konvcwMHzHVjoqCRR+Ao
lYF5AeSdp6AlY0b8EyM6LIXNBVE0owUq4OX99eX23FROJvRV6hSGOLI1TG+iYkWy
Jxh6EGR6bL8jZvLn4HyNMI5el1hyGa57GtgF1QxsWhE87YvXYYSQw/TtZZwlDnQS
UOgXa79t1trlqNlFGfae3zkSW3joWbvJH9ExebhR2auK/PowAQqKCl+0VRMeTZej
UH+pqbkT7QbQ1f+kRZYrLIGZ4HMFLvbHYXOCkbAErpdWkrQCLh8kP3tFDh1KJwP4
E+Ow8UB40PJmdAqEeXGkfDU1krXYf0dAJJpITTF2c0ljElzmCE+ZXWzmmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDumzFweh40NwAcYanm+WMCVNoW1MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTzZiTVhCNkhqUTNBQnhocWViNVl3SlUyaGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//R
MA0GCSqGSIb3DQEBCwUAA4IBAQAMnG9zQbshvqLOKeJIT8Ws7JwdMLIUJj99dPUS
Tn0H03oLyVJfpnwTBcWB/NRNSnyinH+ajwSr4qdWA/9dMoeQBSwYS0P0TnlF94R8
fSDYR+UXlF+FdkMkPd4IRIfR1YJHKGs6k80HHjHzjgiAEokleBZxU4gpb4qm+qyI
5LuZDzSi9SEqtP5zryDnpOUEjBX3tImeNlK1/1XFr+b6lKNOiEzdRuD7VgYFACfN
9RVEXv1/GqMZOGdIl0pkdaqFZPo5Nbt6ThGL31qf9bkpa5TwT2jpNeJ4rFQDeSzu
DpSgbfFH4oRgPOapwp9cuH0dwVzAWuQgaPcB9woj6ySvJbvx
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:58 2025 by rpki-client