Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/vnhFO9mk6KGcIRqVGkaTxg0zqks.roa
File: vnhFO9mk6KGcIRqVGkaTxg0zqks.roa (raw, json)
Hash identifier: ZloWakmkC4Kf/gmKHlPxhCy/mcQMOImXcJeRJ+foq94=
Subject key identifier: BE:78:45:3B:D9:A4:E8:A1:9C:21:1A:95:1A:46:93:C6:0D:33:AA:4B
Certificate issuer: /CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Certificate serial: 0194258F97A0D5CDF284818D4BCB01D39930
Authority key identifier: EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/vnhFO9mk6KGcIRqVGkaTxg0zqks.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211338
IP address blocks: 2a0d:2406:3000::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Mar 2025 12:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:97:a0:d5:cd:f2:84:81:8d:4b:cb:01:d3:99:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be78453bd9a4e8a19c211a951a4693c60d33aa4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:ef:91:b7:c8:a7:9a:e7:03:b2:6c:55:06:7c:
40:9e:16:a2:4b:c4:00:5b:60:24:8c:91:8e:9a:52:
65:4f:5f:3a:82:28:ff:da:9d:52:41:65:35:72:d9:
e2:15:28:78:f1:36:73:77:74:ea:d0:d8:a9:b0:41:
a8:8d:a2:0a:65:1a:67:cb:97:a2:96:3d:34:f6:5e:
22:74:be:e4:65:4a:57:8c:e9:9a:b0:f5:43:9e:d9:
21:b7:24:1c:ef:f9:d3:2b:30:81:d4:04:8b:26:51:
29:fa:54:a9:f9:43:6b:86:30:00:99:a7:c8:62:f5:
89:b5:53:f5:d5:d9:ce:46:85:5b:38:2a:05:24:6e:
50:be:16:36:41:2a:74:21:8b:f1:3c:c9:39:3b:10:
24:a0:7b:df:4a:3e:38:e0:a0:56:a9:81:c4:c0:6d:
75:fd:f0:04:c5:10:61:fd:ca:82:63:50:0b:8b:a8:
43:e5:64:26:5e:05:51:15:c5:95:94:a8:b9:25:ea:
e6:16:4a:54:b4:15:7a:e9:86:94:cc:14:11:56:f7:
26:8d:55:48:e7:66:29:ab:2c:84:38:dd:18:50:08:
d4:ae:22:e8:27:13:f6:88:88:84:27:42:d0:e8:fc:
a5:e6:d0:14:7e:c0:7a:41:9a:6e:cb:57:75:92:c8:
49:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:78:45:3B:D9:A4:E8:A1:9C:21:1A:95:1A:46:93:C6:0D:33:AA:4B
X509v3 Authority Key Identifier:
keyid:EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/vnhFO9mk6KGcIRqVGkaTxg0zqks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/7E-wYalCbk-yiF2CKGdXKhtYpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2406:3000::/48
Signature Algorithm: sha256WithRSAEncryption
55:dd:78:aa:b8:3a:df:74:e4:f8:dc:4f:af:09:3c:0b:f5:ac:
e9:98:62:04:f0:cc:27:a2:ca:66:4b:93:79:b7:c6:e3:3d:03:
56:14:db:ae:ae:66:d8:89:5a:a5:ac:f3:8c:58:cb:8f:9f:4b:
c3:1b:a8:35:be:31:f3:a3:03:33:f3:3f:90:c6:4d:6a:6b:65:
b1:e2:54:d6:d3:ab:ae:9b:9b:9b:b9:32:6c:62:b6:7f:2c:49:
b8:32:24:d6:6b:5c:94:08:0c:b4:87:48:69:2b:60:8e:ae:92:
9f:be:75:91:6d:66:ff:2a:f3:da:bc:23:41:e4:e3:16:07:08:
ae:5c:66:1e:a0:a6:93:64:73:0c:32:1c:bc:84:fb:a5:26:82:
0a:45:b2:2e:91:66:61:3a:49:70:24:e4:f2:52:f1:98:26:35:
50:81:db:31:df:bb:be:66:fb:37:73:b7:54:44:d2:84:b8:ba:
8d:e9:2b:da:7a:c1:01:9f:9f:ad:12:0a:ba:e6:08:7b:35:2e:
35:5d:ef:db:db:45:cc:fc:82:ab:cf:a6:78:6b:76:2d:f5:34:
dc:05:ee:36:80:98:e4:4d:fc:4b:c8:5e:d2:da:69:60:8c:0a:
53:ed:28:13:1c:40:3b:68:1d:39:6e:cd:dd:11:81:10:14:84:
64:7b:0e:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlj5eg1c3yhIGNS8sB05kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGZiMDYxYTk0MjZlNGZiMjg4NWQ4MjI4Njc1NzJhMWI1
OGE0YzAwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTc4NDUzYmQ5YTRlOGExOWMyMTFhOTUxYTQ2OTNjNjBkMzNhYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8e+Rt8inmucDsmxVBnxAnhaiS8QA
W2AkjJGOmlJlT186gij/2p1SQWU1ctniFSh48TZzd3Tq0NipsEGojaIKZRpny5ei
lj009l4idL7kZUpXjOmasPVDntkhtyQc7/nTKzCB1ASLJlEp+lSp+UNrhjAAmafI
YvWJtVP11dnORoVbOCoFJG5QvhY2QSp0IYvxPMk5OxAkoHvfSj444KBWqYHEwG11
/fAExRBh/cqCY1ALi6hD5WQmXgVRFcWVlKi5JermFkpUtBV66YaUzBQRVvcmjVVI
52YpqyyEON0YUAjUriLoJxP2iIiEJ0LQ6Pyl5tAUfsB6QZpuy1d1kshJtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL54RTvZpOihnCEalRpGk8YNM6pLMB8GA1UdIwQY
MBaAFOxPsGGpQm5PsohdgihnVyobWKTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEt
Y2U1NzE1MDY5NWE5LzEvdm5oRk85bWs2S0djSVJxVkdrYVR4ZzB6cWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEtY2U1NzE1MDY5NWE5
LzEvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0kBjAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBV3XiquDrfdOT43E+vCTwL9azpmGIE8Mwnospm
S5N5t8bjPQNWFNuurmbYiVqlrPOMWMuPn0vDG6g1vjHzowMz8z+Qxk1qa2Wx4lTW
06uum5ubuTJsYrZ/LEm4MiTWa1yUCAy0h0hpK2COrpKfvnWRbWb/KvPavCNB5OMW
BwiuXGYeoKaTZHMMMhy8hPulJoIKRbIukWZhOklwJOTyUvGYJjVQgdsx37u+Zvs3
c7dURNKEuLqN6SvaesEBn5+tEgq65gh7NS41Xe/b20XM/IKrz6Z4a3Yt9TTcBe42
gJjkTfxLyF7S2mlgjApT7SgTHEA7aB05bs3dEYEQFIRkew6J
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:46 2025 by rpki-client