Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/1-q6Gx7_Jx0RNixfVCpKaDeY8lmo.roa
File: 1-q6Gx7_Jx0RNixfVCpKaDeY8lmo.roa (raw, json)
Hash identifier: oJlfwPWRmIAmSHoNmAWggqzgU1+wvYLox6YQ/PzNY+M=
Subject key identifier: FA:AE:86:C7:BF:C9:C7:44:4D:8B:17:D5:0A:92:9A:0D:E6:3C:96:6A
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC8013F2007AB4F1AE130C49A6E0A701C
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/1-q6Gx7_Jx0RNixfVCpKaDeY8lmo.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398788
IP address blocks: 2a01:488:bb12::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3f:20:07:ab:4f:1a:e1:30:c4:9a:6e:0a:70:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faae86c7bfc9c7444d8b17d50a929a0de63c966a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f6:78:b0:9d:06:af:99:02:0b:5f:1a:58:e5:
c0:cf:18:4d:19:ec:da:dd:a9:7a:2f:f3:02:0e:f7:
b5:ab:b2:80:28:b4:08:8c:6d:99:10:9d:a9:2e:68:
ef:75:76:29:de:7b:be:65:35:99:8f:93:6a:84:4e:
1b:c1:67:ae:27:0c:77:b7:64:99:ff:76:d9:bc:97:
72:13:38:7c:67:44:ba:05:76:2e:93:a2:27:f0:21:
07:47:d7:26:2d:5d:0e:ae:02:57:44:49:13:0d:18:
64:8c:a7:90:75:bf:75:9d:3e:0c:92:70:37:96:ad:
75:39:3d:af:3e:1c:d9:dd:d2:9d:74:54:01:2a:17:
a3:87:b7:16:d0:e8:d1:97:27:93:92:92:06:a2:c2:
62:56:ee:77:0a:c9:47:85:ce:56:26:77:6a:97:b3:
29:86:21:9b:fb:b7:b4:42:7d:14:29:ad:36:37:9d:
8b:c1:cb:d0:21:6c:6c:2e:f1:a8:55:9e:a7:3a:31:
9d:a5:09:e7:3f:d8:54:45:63:21:be:23:0f:ee:e3:
83:fa:44:11:6e:00:6b:e2:97:1a:a3:6a:1e:ee:dc:
ae:9c:57:13:3c:12:7d:87:96:ad:0a:fd:9a:01:c7:
90:03:4e:b4:bd:63:d8:47:de:72:ca:b0:39:2b:b4:
46:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AE:86:C7:BF:C9:C7:44:4D:8B:17:D5:0A:92:9A:0D:E6:3C:96:6A
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/1-q6Gx7_Jx0RNixfVCpKaDeY8lmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb12::/48
Signature Algorithm: sha256WithRSAEncryption
95:1c:e2:4e:44:84:49:61:12:af:12:70:14:05:94:f8:0b:ad:
8b:5e:b8:20:bb:cc:5c:ac:52:4d:71:60:d8:1f:2f:b2:8b:20:
a1:b5:2c:22:5e:cc:27:03:59:75:15:14:7d:d4:84:19:0b:45:
99:82:2a:76:20:45:22:42:24:a3:f7:04:d4:72:02:7d:aa:1a:
1e:7b:fc:d4:b8:3d:46:d5:d8:3e:4f:42:3e:ac:be:22:13:1c:
98:cf:57:d8:23:0b:89:25:13:3f:ca:3f:89:b8:43:53:6a:54:
27:68:e7:17:e6:7d:a8:da:36:6b:da:45:56:98:9c:7f:f1:7f:
d0:87:cb:48:bd:79:da:4b:1c:92:89:75:4e:d6:5e:21:5d:be:
7f:ba:e4:1a:5a:de:05:31:a7:a7:51:0f:df:bd:3d:cd:99:4f:
74:d8:d1:50:56:75:4b:a6:cd:c5:9a:f6:94:28:0d:9c:44:41:
02:01:1d:77:ee:59:16:2e:6c:5a:76:be:00:1b:78:b7:63:69:
cf:40:a3:dd:8c:5c:85:be:6b:0f:d2:47:ca:da:8c:fc:0c:00:
f9:9f:10:d9:1c:a1:e7:19:e6:ac:1a:b7:a3:47:f3:41:52:2f:
d1:5f:15:af:38:87:4e:df:d1:6f:5d:47:eb:29:f3:83:ff:ea:
19:ee:df:37
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzIAT8gB6tPGuEwxJpuCnAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWFlODZjN2JmYzljNzQ0NGQ4YjE3ZDUwYTkyOWEwZGU2M2M5NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Z4sJ0Gr5kCC18aWOXAzxhNGeza
3al6L/MCDve1q7KAKLQIjG2ZEJ2pLmjvdXYp3nu+ZTWZj5NqhE4bwWeuJwx3t2SZ
/3bZvJdyEzh8Z0S6BXYuk6In8CEHR9cmLV0OrgJXREkTDRhkjKeQdb91nT4MknA3
lq11OT2vPhzZ3dKddFQBKhejh7cW0OjRlyeTkpIGosJiVu53CslHhc5WJndql7Mp
hiGb+7e0Qn0UKa02N52LwcvQIWxsLvGoVZ6nOjGdpQnnP9hURWMhviMP7uOD+kQR
bgBr4pcao2oe7tyunFcTPBJ9h5atCv2aAceQA060vWPYR95yyrA5K7RG7QIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPquhse/ycdETYsX1QqSmg3mPJZqMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvMS1xNkd4N19KeDBSTml4ZlZDcEthRGVZOGxtby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdk
MS8xL3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBIi7
EjANBgkqhkiG9w0BAQsFAAOCAQEAlRziTkSESWESrxJwFAWU+Auti164ILvMXKxS
TXFg2B8vsosgobUsIl7MJwNZdRUUfdSEGQtFmYIqdiBFIkIko/cE1HICfaoaHnv8
1Lg9RtXYPk9CPqy+IhMcmM9X2CMLiSUTP8o/ibhDU2pUJ2jnF+Z9qNo2a9pFVpic
f/F/0IfLSL152ksckol1TtZeIV2+f7rkGlreBTGnp1EP3709zZlPdNjRUFZ1S6bN
xZr2lCgNnERBAgEdd+5ZFi5sWna+ABt4t2Npz0Cj3Yxchb5rD9JHytqM/AwA+Z8Q
2Ryh5xnmrBq3o0fzQVIv0V8VrziHTt/Rb11H6ynzg//qGe7fNw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:55 2025 by rpki-client