Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/l_cY56pa6d0LmMIMvpFZH6Fq17k.roa
File: l_cY56pa6d0LmMIMvpFZH6Fq17k.roa (raw, json)
Hash identifier: oZAygx9nLBQOHY74hEhlXyxUEz61vCWUgXs+Fj/2WHM=
Subject key identifier: 97:F7:18:E7:AA:5A:E9:DD:0B:98:C2:0C:BE:91:59:1F:A1:6A:D7:B9
Certificate issuer: /CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Certificate serial: 019229DA59F7278B37EDE6508794CA2333F0
Authority key identifier: 3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/l_cY56pa6d0LmMIMvpFZH6Fq17k.roa
Signing time: Wed 25 Sep 2024 15:43:48 +0000
ROA not before: Wed 25 Sep 2024 15:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203343
IP address blocks: 2a0f:a5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Sep 2024 20:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:da:59:f7:27:8b:37:ed:e6:50:87:94:ca:23:33:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Validity
Not Before: Sep 25 15:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97f718e7aa5ae9dd0b98c20cbe91591fa16ad7b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:04:5d:69:98:23:c1:32:57:ea:8b:ed:aa:93:
85:fd:72:c8:fe:f6:cb:62:40:53:be:c9:85:d3:ac:
c8:53:94:b0:49:55:26:20:80:c8:f2:be:89:1f:f0:
81:f3:87:49:86:c6:1a:ea:87:57:c8:3c:30:5d:63:
9d:2d:2d:7d:01:eb:32:19:b9:b6:86:70:54:33:c0:
6f:a0:f8:65:04:b5:8f:5d:61:21:d9:f1:87:1d:17:
17:b9:88:48:40:15:e2:c9:f4:8a:e6:3f:27:9a:2d:
0f:3d:91:65:b0:53:2a:c0:49:8c:72:39:ba:92:0e:
78:85:40:fe:3a:97:da:8e:ad:cf:fa:d7:28:ba:20:
57:9a:6a:0d:fe:97:33:ee:a2:5f:9d:91:28:74:55:
0c:65:15:4c:78:cc:f3:0c:ed:37:1a:fc:a4:86:34:
7c:aa:2d:a6:de:5b:a8:1c:59:37:80:97:d9:88:3a:
e7:4a:df:5c:87:16:6a:a4:3f:d0:eb:96:e2:0c:6d:
8c:7d:7a:b0:ce:9e:c6:ca:21:f6:6c:52:c8:8b:d7:
f2:5d:e6:23:81:61:01:4b:9e:50:84:a6:28:31:8d:
32:9e:71:30:fb:13:e7:e5:67:e5:c2:e6:65:1b:ae:
2c:99:f4:af:43:e1:62:4d:e4:f7:af:a0:50:6a:50:
bd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F7:18:E7:AA:5A:E9:DD:0B:98:C2:0C:BE:91:59:1F:A1:6A:D7:B9
X509v3 Authority Key Identifier:
keyid:3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/l_cY56pa6d0LmMIMvpFZH6Fq17k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a5c0::/32
Signature Algorithm: sha256WithRSAEncryption
95:b5:38:46:ef:d8:35:39:12:23:9f:a9:1d:ed:43:f0:c0:8d:
6d:ad:40:8b:ca:7d:f2:f4:95:99:eb:a8:ca:76:42:43:ba:42:
f9:df:3c:1d:18:d5:2f:2e:c0:82:6f:cd:fb:a0:6f:2e:9a:37:
47:89:c0:06:05:27:35:f0:e8:2e:13:6b:c5:58:f5:a1:70:45:
e1:42:5d:0e:36:f5:b8:55:76:aa:6c:32:fc:39:b3:5c:30:5e:
f9:5c:af:61:a7:e9:68:8b:db:2e:ba:97:37:b4:a0:9e:67:97:
6e:62:4a:eb:f4:dc:68:5b:aa:10:7e:36:78:31:e8:4d:d9:6c:
3c:72:13:b2:38:bc:e2:8d:5a:20:b8:45:a6:7a:79:df:59:bf:
24:b4:66:aa:3e:07:e3:af:7e:28:ad:f1:98:72:36:14:17:eb:
07:dd:3d:e8:dd:76:29:4d:28:65:21:fd:bd:77:74:1f:8c:79:
a2:d9:4c:d3:77:82:41:20:d9:c7:b7:40:e3:f0:66:bf:61:a6:
eb:6a:23:79:bd:29:2e:99:fe:b4:26:ce:cf:6b:27:85:7c:c9:
14:30:7b:07:ca:cb:72:c3:3e:47:65:3d:4f:77:0e:fd:a3:5f:
c6:3f:83:16:b9:c8:c5:2f:ca:7b:5a:6f:86:89:18:db:24:0a:
28:c6:00:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZIp2ln3J4s37eZQh5TKIzPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMWM5MzhiYjIwNmEzODk2ZDA2NGMwODUyZmE5ODg1ZmYy
Y2ViZDkwHhcNMjQwOTI1MTU0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Y3MThlN2FhNWFlOWRkMGI5OGMyMGNiZTkxNTkxZmExNmFkN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwRdaZgjwTJX6ovtqpOF/XLI/vbL
YkBTvsmF06zIU5SwSVUmIIDI8r6JH/CB84dJhsYa6odXyDwwXWOdLS19AesyGbm2
hnBUM8BvoPhlBLWPXWEh2fGHHRcXuYhIQBXiyfSK5j8nmi0PPZFlsFMqwEmMcjm6
kg54hUD+Opfajq3P+tcouiBXmmoN/pcz7qJfnZEodFUMZRVMeMzzDO03GvykhjR8
qi2m3luoHFk3gJfZiDrnSt9chxZqpD/Q65biDG2MfXqwzp7GyiH2bFLIi9fyXeYj
gWEBS55QhKYoMY0ynnEw+xPn5WflwuZlG64smfSvQ+FiTeT3r6BQalC9NwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJf3GOeqWundC5jCDL6RWR+hate5MB8GA1UdIwQY
MBaAFD8ck4uyBqOJbQZMCFL6mIX/LOvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQt
ZTA1MjYwMzNhNDg0LzEvbF9jWTU2cGE2ZDBMbU1JTXZwRlpINkZxMTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQtZTA1MjYwMzNhNDg0
LzEvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+lwDAN
BgkqhkiG9w0BAQsFAAOCAQEAlbU4Ru/YNTkSI5+pHe1D8MCNba1Ai8p98vSVmeuo
ynZCQ7pC+d88HRjVLy7Agm/N+6BvLpo3R4nABgUnNfDoLhNrxVj1oXBF4UJdDjb1
uFV2qmwy/DmzXDBe+VyvYafpaIvbLrqXN7SgnmeXbmJK6/TcaFuqEH42eDHoTdls
PHITsji84o1aILhFpnp531m/JLRmqj4H469+KK3xmHI2FBfrB9096N12KU0oZSH9
vXd0H4x5otlM03eCQSDZx7dA4/Bmv2Gm62ojeb0pLpn+tCbOz2snhXzJFDB7B8rL
csM+R2U9T3cO/aNfxj+DFrnIxS/Ke1pvhokY2yQKKMYAHQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:20:34 2025 by rpki-client