Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ie4mfeZI3rRPfBxRH7Mf7R_c3AA.roa
File: ie4mfeZI3rRPfBxRH7Mf7R_c3AA.roa (raw, json)
Hash identifier: GCyzuA2y+luJED9rYA1mq4v1FJ6xb/nPE0xK+pkn/nw=
Subject key identifier: 89:EE:26:7D:E6:48:DE:B4:4F:7C:1C:51:1F:B3:1F:ED:1F:DC:DC:00
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42567D3B7B50FFF0A136546C7D7DF2B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ie4mfeZI3rRPfBxRH7Mf7R_c3AA.roa
Signing time: Mon 01 Jan 2024 08:30:34 +0000
ROA not before: Mon 01 Jan 2024 08:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205036
IP address blocks: 2a0b:b87:ffe2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:67:d3:b7:b5:0f:ff:0a:13:65:46:c7:d7:df:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89ee267de648deb44f7c1c511fb31fed1fdcdc00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:e6:2d:22:76:9a:88:f6:e1:f4:9e:72:8a:
65:7d:82:30:5c:37:fd:37:37:d0:35:7a:dc:d6:8a:
c6:77:dc:3d:a8:60:fb:01:82:1d:45:52:ca:80:d4:
85:70:0a:b0:02:34:38:e9:6f:0b:2e:5d:51:ef:08:
79:51:a1:f1:ca:4e:3a:38:fa:e3:f9:f4:99:c0:0c:
60:f8:81:8e:51:4b:1f:61:4b:8e:de:05:4a:c8:62:
8d:88:c4:4a:cc:14:ed:86:38:80:5e:0e:10:b1:a1:
05:18:32:b7:1e:ab:49:4e:3a:d5:88:c3:e2:d7:01:
cb:7d:c2:83:54:df:ef:23:5a:2d:22:6d:9f:f8:85:
dc:2a:b5:b3:6c:50:5f:ae:ae:34:95:62:28:56:fb:
e9:0b:22:9f:25:15:f4:00:32:7a:6c:8b:85:77:50:
d9:5f:56:d4:fa:4d:0a:7b:04:91:01:47:f8:07:65:
e0:e8:82:83:3a:b3:14:7f:b0:54:30:36:5d:8e:33:
28:64:89:7c:08:f5:ee:d9:e2:1d:0a:d8:70:77:64:
6b:2a:23:15:88:db:46:17:a0:ed:13:d3:f4:ae:2c:
ea:78:05:9f:35:c5:09:bf:32:36:af:83:2a:24:0d:
17:3d:6e:17:62:eb:50:c3:a1:f5:79:37:07:42:2a:
14:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:EE:26:7D:E6:48:DE:B4:4F:7C:1C:51:1F:B3:1F:ED:1F:DC:DC:00
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ie4mfeZI3rRPfBxRH7Mf7R_c3AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffe2::/48
Signature Algorithm: sha256WithRSAEncryption
c7:ed:a2:7d:a7:21:fa:91:cd:a7:e8:f0:42:ed:15:ad:1d:48:
5b:a4:a0:fe:fe:a4:af:e7:5d:4c:ff:92:42:05:0c:f2:91:4b:
6b:04:eb:3b:db:55:51:80:d8:e7:be:83:11:2f:be:af:b7:b1:
b9:89:c6:f8:44:d9:9a:d6:15:f9:5b:3c:10:f7:a8:9a:d5:d1:
3d:c7:87:b0:7a:9b:69:ea:42:79:81:c7:5e:c0:e1:65:35:46:
93:1d:e7:cc:d1:5f:93:e7:2a:80:40:51:ac:31:10:8c:97:ea:
ff:e1:90:cd:47:eb:94:32:f5:fd:9f:a6:a6:b6:56:5a:ed:e5:
cd:ff:b4:0e:99:76:29:1f:d6:af:80:f9:3d:cc:f0:9f:d2:5e:
4f:76:49:99:97:d5:ad:f8:88:fe:62:4e:2c:ba:1f:71:13:a2:
fb:ba:57:61:9a:42:b8:f5:0f:0d:ed:dd:ea:7d:a7:6b:94:c4:
fd:60:a8:a4:3c:aa:f8:83:92:25:c6:93:b3:eb:4d:a6:7b:ed:
34:d2:03:cb:cf:ea:96:2c:6f:62:8a:94:97:6d:71:26:a9:08:
37:02:05:dd:58:e3:e1:f3:23:87:db:2a:5b:b5:ed:c9:d3:a5:
d1:fc:46:5a:dc:f5:83:c1:13:49:38:38:21:4b:78:f5:5f:90:
e9:90:25:5d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJWfTt7UP/woTZUbH198rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWVlMjY3ZGU2NDhkZWI0NGY3YzFjNTExZmIzMWZlZDFmZGNkYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluDmLSJ2moj24fSecoplfYIwXDf9
NzfQNXrc1orGd9w9qGD7AYIdRVLKgNSFcAqwAjQ46W8LLl1R7wh5UaHxyk46OPrj
+fSZwAxg+IGOUUsfYUuO3gVKyGKNiMRKzBTthjiAXg4QsaEFGDK3HqtJTjrViMPi
1wHLfcKDVN/vI1otIm2f+IXcKrWzbFBfrq40lWIoVvvpCyKfJRX0ADJ6bIuFd1DZ
X1bU+k0KewSRAUf4B2Xg6IKDOrMUf7BUMDZdjjMoZIl8CPXu2eIdCthwd2RrKiMV
iNtGF6DtE9P0rizqeAWfNcUJvzI2r4MqJA0XPW4XYutQw6H1eTcHQioU/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFInuJn3mSN60T3wcUR+zH+0f3NwAMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvaWU0bWZlWkkzclJQZkJ4Ukg3TWY3Ul9jM0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//i
MA0GCSqGSIb3DQEBCwUAA4IBAQDH7aJ9pyH6kc2n6PBC7RWtHUhbpKD+/qSv511M
/5JCBQzykUtrBOs721VRgNjnvoMRL76vt7G5icb4RNma1hX5WzwQ96ia1dE9x4ew
eptp6kJ5gcdewOFlNUaTHefM0V+T5yqAQFGsMRCMl+r/4ZDNR+uUMvX9n6amtlZa
7eXN/7QOmXYpH9avgPk9zPCf0l5PdkmZl9Wt+Ij+Yk4suh9xE6L7uldhmkK49Q8N
7d3qfadrlMT9YKikPKr4g5IlxpOz602me+000gPLz+qWLG9iipSXbXEmqQg3AgXd
WOPh8yOH2ypbte3J06XR/EZa3PWDwRNJODghS3j1X5DpkCVd
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:33 2025 by rpki-client