Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/h45iQ2E060j7qrzDcDgFjqQGVj8.roa
File: h45iQ2E060j7qrzDcDgFjqQGVj8.roa (raw, json)
Hash identifier: hFP6fvKxqKWml/CGuezJLhLIWbxjNZ4utAvL0GKtkwQ=
Subject key identifier: 87:8E:62:43:61:34:EB:48:FB:AA:BC:C3:70:38:05:8E:A4:06:56:3F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747D5355B086C0F5CED0D6DCDF1B17F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/h45iQ2E060j7qrzDcDgFjqQGVj8.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50867
IP address blocks: 2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 24 Feb 2025 12:23:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d5:35:5b:08:6c:0f:5c:ed:0d:6d:cd:f1:b1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=878e62436134eb48fbaabcc37038058ea406563f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:15:b6:07:67:78:4f:cd:2c:2d:d9:d6:04:cd:
45:11:c1:f5:42:16:98:25:c7:e3:42:9d:76:64:28:
fe:cd:5b:75:3d:f4:ae:a4:ff:14:5f:3e:35:59:14:
3e:0f:78:b1:fe:d9:1b:a2:ab:dc:f9:17:f0:8b:d8:
16:fb:d1:b7:ec:6e:2f:c0:a6:1a:22:4c:f7:fe:4a:
1f:56:55:70:3a:65:0f:7d:c1:fa:83:30:a4:2e:4e:
3a:e1:49:65:d2:02:8e:b1:70:be:37:53:68:2c:13:
9f:ea:17:e9:5a:69:d5:09:b0:a8:a7:ae:8e:3e:9f:
ca:fe:dd:70:b7:9c:6e:09:df:10:8e:47:21:e9:a1:
1e:6b:ba:b3:97:44:06:ec:e8:9a:d1:c3:1b:35:99:
cb:d7:89:11:ab:97:b3:23:27:a4:06:21:f7:46:d0:
a3:cb:17:2e:15:ae:f0:0c:3a:51:4d:a5:89:15:8e:
8b:7e:a9:95:ff:25:fe:8f:39:9a:dd:40:b4:c9:5c:
54:17:83:91:ca:2a:0d:08:46:f8:a3:29:da:be:ba:
8e:9e:6a:01:e8:ef:24:00:d6:2b:f8:4f:c4:6a:e1:
44:76:05:ce:92:15:4f:2c:8e:82:f6:60:fc:c9:56:
c9:e9:2d:97:a5:b5:37:11:b4:5a:dd:23:74:39:50:
47:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:8E:62:43:61:34:EB:48:FB:AA:BC:C3:70:38:05:8E:A4:06:56:3F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/h45iQ2E060j7qrzDcDgFjqQGVj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:fff0::/44
2a0b:b87:ffc0::/44
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
Signature Algorithm: sha256WithRSAEncryption
61:72:6e:b2:68:cc:ff:96:6f:83:01:b1:7d:9e:90:b8:0f:50:
60:76:0b:3e:ba:30:cd:f8:bd:df:5c:95:d8:7f:18:9b:c4:6b:
71:14:82:54:78:ba:ea:25:35:d2:61:1a:1a:7d:c0:c0:b5:22:
5b:6a:1d:56:80:05:6c:67:ca:e7:c6:3a:79:57:48:28:bc:75:
94:88:01:a6:97:90:e3:7d:6d:ba:e5:9d:64:2e:2f:0a:72:4f:
cc:c0:59:c7:45:d8:51:68:d2:19:13:a5:30:16:4a:8f:e6:de:
f2:34:62:d6:fd:d2:32:e9:e0:eb:49:03:ab:c6:c6:20:77:b5:
e3:a2:9c:8c:8f:fa:32:ac:4c:92:36:2a:56:fc:c5:c6:69:7e:
92:05:b6:07:00:0b:82:84:e1:4a:3f:78:c2:48:a7:be:1d:6c:
81:c1:f0:47:18:cb:32:05:ce:4d:17:38:b1:07:58:0a:72:d7:
6d:30:d1:5e:0f:13:07:fa:8e:2f:1a:ff:4f:5b:6a:db:05:4c:
17:cd:e9:8b:ee:ad:72:95:6f:b5:d7:81:3c:00:4f:b7:10:15:
9b:d9:c5:31:90:b7:6f:a5:1f:29:17:cc:6e:a4:5a:38:53:ec:
fc:02:f1:9a:71:07:b2:80:ef:c1:38:fb:e4:f1:ce:17:f9:a0:
52:5e:e7:8b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnR9U1WwhsD1ztDW3N8bF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzhlNjI0MzYxMzRlYjQ4ZmJhYWJjYzM3MDM4MDU4ZWE0MDY1NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBW2B2d4T80sLdnWBM1FEcH1QhaY
JcfjQp12ZCj+zVt1PfSupP8UXz41WRQ+D3ix/tkboqvc+Rfwi9gW+9G37G4vwKYa
Ikz3/kofVlVwOmUPfcH6gzCkLk464Ull0gKOsXC+N1NoLBOf6hfpWmnVCbCop66O
Pp/K/t1wt5xuCd8Qjkch6aEea7qzl0QG7Oia0cMbNZnL14kRq5ezIyekBiH3RtCj
yxcuFa7wDDpRTaWJFY6LfqmV/yX+jzma3UC0yVxUF4ORyioNCEb4oynavrqOnmoB
6O8kANYr+E/EauFEdgXOkhVPLI6C9mD8yVbJ6S2XpbU3EbRa3SN0OVBHzQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIeOYkNhNOtI+6q8w3A4BY6kBlY/MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvaDQ1aVEyRTA2MGo3cXJ6RGNEZ0ZqcVFHVmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKgsLhv/w
AwcEKgsLh//AAwcEKgtwhv/wAwcEKgtwh//wMA0GCSqGSIb3DQEBCwUAA4IBAQBh
cm6yaMz/lm+DAbF9npC4D1Bgdgs+ujDN+L3fXJXYfxibxGtxFIJUeLrqJTXSYRoa
fcDAtSJbah1WgAVsZ8rnxjp5V0govHWUiAGml5DjfW265Z1kLi8Kck/MwFnHRdhR
aNIZE6UwFkqP5t7yNGLW/dIy6eDrSQOrxsYgd7XjopyMj/oyrEySNipW/MXGaX6S
BbYHAAuChOFKP3jCSKe+HWyBwfBHGMsyBc5NFzixB1gKctdtMNFeDxMH+o4vGv9P
W2rbBUwXzemL7q1ylW+114E8AE+3EBWb2cUxkLdvpR8pF8xupFo4U+z8AvGacQey
gO/BOPvk8c4X+aBSXueL
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:13:38 2025 by rpki-client