Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/gA5ufNfy6aAtQLo5xisFpgjmmIA.roa
File: gA5ufNfy6aAtQLo5xisFpgjmmIA.roa (raw, json)
Hash identifier: lCTpbMWUn/qlWUO71NRhxJtdGqLbfBQ56mZ+Vhr5GVU=
Subject key identifier: 80:0E:6E:7C:D7:F2:E9:A0:2D:40:BA:39:C6:2B:05:A6:08:E6:98:80
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 018CC8023DE5FC12475BDF2F6B0D83C2109A
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/gA5ufNfy6aAtQLo5xisFpgjmmIA.roa
Signing time: Tue 02 Jan 2024 02:30:39 +0000
ROA not before: Tue 02 Jan 2024 02:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210004
IP address blocks: 194.0.5.0/24 maxlen: 24
2001:678:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:3d:e5:fc:12:47:5b:df:2f:6b:0d:83:c2:10:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 2 02:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=800e6e7cd7f2e9a02d40ba39c62b05a608e69880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ac:e0:72:77:7e:d5:be:3a:58:44:28:0c:d7:
84:2d:04:1e:75:1b:07:46:7b:8f:5c:84:3b:7b:4b:
4a:ca:6d:47:67:58:13:9a:24:4f:b3:4a:11:54:3a:
50:0a:37:64:64:09:8c:4e:46:8c:de:d1:6f:e5:84:
f9:4c:eb:c1:93:bc:3c:52:3b:af:a7:d3:b2:78:51:
99:2b:17:53:46:a8:81:ca:1a:1d:fe:60:b2:d5:21:
66:2c:0e:a1:8f:02:c1:b0:0f:44:d2:12:3b:34:f4:
e0:51:1b:ab:d9:16:be:f4:fe:dc:18:77:a9:9f:8f:
e3:fe:97:77:95:1a:ca:6d:b9:e6:27:5e:6d:71:82:
8f:7d:5c:d1:ce:35:75:62:95:00:6b:ea:e7:94:f4:
1f:b0:eb:a1:cf:0f:e2:22:93:78:25:ac:5e:cc:c9:
4d:b3:b2:15:2c:79:ef:c7:c5:2f:18:65:59:84:dc:
eb:a2:a3:fb:30:12:e6:17:3e:fa:72:9c:b0:e0:a6:
62:84:4e:f9:12:ac:dd:a3:4f:17:05:f3:0b:99:03:
39:52:51:33:66:ba:ed:fe:49:a3:89:14:49:fe:af:
40:f3:14:bf:fc:74:ae:e9:12:e0:f9:a2:b9:e9:12:
8f:27:ef:88:0b:08:92:8d:55:cf:77:1e:9d:f2:be:
c0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0E:6E:7C:D7:F2:E9:A0:2D:40:BA:39:C6:2B:05:A6:08:E6:98:80
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/gA5ufNfy6aAtQLo5xisFpgjmmIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.5.0/24
IPv6:
2001:678:8::/48
Signature Algorithm: sha256WithRSAEncryption
aa:eb:63:76:7e:67:91:1a:e6:7c:07:3e:a8:e6:94:6a:15:3d:
7e:fc:17:34:f3:d0:0f:56:2f:f2:3b:17:1b:53:4b:56:2c:5e:
ab:2f:04:e6:dd:87:b3:a9:07:2c:06:12:e0:20:fa:e2:76:74:
a0:38:dd:70:35:ce:98:69:59:60:32:fe:98:c0:f8:bc:7f:c3:
9d:95:12:00:99:84:1f:ca:0a:db:34:52:2e:4b:94:9b:a2:db:
45:eb:f9:87:87:32:77:2a:96:6e:a9:c8:e7:5b:29:06:78:48:
cf:5f:17:0d:6b:7c:ec:f8:58:01:fb:64:00:a3:58:73:29:a8:
d2:ac:4f:d6:a3:2c:fc:c3:20:62:8a:5d:4d:5b:52:3b:42:20:
7e:4d:66:2d:80:cc:e7:32:7b:cb:b6:5d:d2:99:e8:a8:01:41:
da:e3:af:2d:d8:d8:89:bd:4d:74:53:2d:31:16:36:a8:ec:63:
ac:3c:95:a0:7b:99:50:66:5c:78:a4:4c:ef:f0:2f:e2:7c:d1:
c5:19:41:89:82:23:7d:53:c9:ab:b8:35:f0:ab:10:78:e8:ed:
02:cc:1d:fb:fc:3e:07:19:02:05:14:1b:4d:df:da:b0:16:37:
fe:cc:f7:06:ac:67:9e:49:fe:38:27:ed:de:86:a0:22:8e:d7:
0a:41:8b:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAj3l/BJHW98vaw2DwhCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzJiMGVlMTg3OTI4NDA5MDY1ZDE5ZWU5YzA4NThlOGMx
N2VhMTMwHhcNMjQwMTAyMDIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBlNmU3Y2Q3ZjJlOWEwMmQ0MGJhMzljNjJiMDVhNjA4ZTY5ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlazgcnd+1b46WEQoDNeELQQedRsH
RnuPXIQ7e0tKym1HZ1gTmiRPs0oRVDpQCjdkZAmMTkaM3tFv5YT5TOvBk7w8Ujuv
p9OyeFGZKxdTRqiByhod/mCy1SFmLA6hjwLBsA9E0hI7NPTgURur2Ra+9P7cGHep
n4/j/pd3lRrKbbnmJ15tcYKPfVzRzjV1YpUAa+rnlPQfsOuhzw/iIpN4JaxezMlN
s7IVLHnvx8UvGGVZhNzroqP7MBLmFz76cpyw4KZihE75Eqzdo08XBfMLmQM5UlEz
Zrrt/kmjiRRJ/q9A8xS//HSu6RLg+aK56RKPJ++ICwiSjVXPdx6d8r7ALwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIAObnzX8umgLUC6OcYrBaYI5piAMB8GA1UdIwQY
MBaAFNLCsO4YeShAkGXRnunAhY6MF+oTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2Et
YzhlODYzYzFhOGQxLzEvZ0E1dWZOZnk2YUF0UUxvNXhpc0ZwZ2ptbUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2EtYzhlODYzYzFhOGQx
LzEvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAFMA8E
AgACMAkDBwAgAQZ4AAgwDQYJKoZIhvcNAQELBQADggEBAKrrY3Z+Z5Ea5nwHPqjm
lGoVPX78FzTz0A9WL/I7FxtTS1YsXqsvBObdh7OpBywGEuAg+uJ2dKA43XA1zphp
WWAy/pjA+Lx/w52VEgCZhB/KCts0Ui5LlJui20Xr+YeHMncqlm6pyOdbKQZ4SM9f
Fw1rfOz4WAH7ZACjWHMpqNKsT9ajLPzDIGKKXU1bUjtCIH5NZi2AzOcye8u2XdKZ
6KgBQdrjry3Y2Im9TXRTLTEWNqjsY6w8laB7mVBmXHikTO/wL+J80cUZQYmCI31T
yau4NfCrEHjo7QLMHfv8PgcZAgUUG03f2rAWN/7M9wasZ55J/jgn7d6GoCKO1wpB
ixM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 17:07:31 2025 by rpki-client