Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ba3mqPCXjxkIONASHWlvEE0eIE8.roa
File: ba3mqPCXjxkIONASHWlvEE0eIE8.roa (raw, json)
Hash identifier: xSPP/1vBDNGNYJB38rMzjgKOGKuFJeD9lmYmohwIEjY=
Subject key identifier: 6D:AD:E6:A8:F0:97:8F:19:08:38:D0:12:1D:69:6F:10:4D:1E:20:4F
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521DC72BA49D837237ED71689FF5222
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ba3mqPCXjxkIONASHWlvEE0eIE8.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199459
IP address blocks: 2a0a:280:2800::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 09:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:dc:72:ba:49:d8:37:23:7e:d7:16:89:ff:52:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dade6a8f0978f190838d0121d696f104d1e204f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2e:02:5a:ee:a0:92:78:43:0a:db:86:ec:3c:
6f:f6:77:92:0d:58:48:0f:91:8a:90:1b:1b:5c:37:
62:3a:b5:93:ab:53:b0:ed:8a:87:23:da:e2:bf:34:
fe:8d:fa:3a:bf:02:8c:47:23:1b:52:69:3c:6b:91:
2c:eb:22:cc:1c:8e:28:96:ba:7d:0b:5b:c5:29:d5:
1c:d8:23:d3:ff:70:56:93:69:0b:95:f7:42:41:2b:
2d:1c:be:60:0e:c7:20:20:63:f8:b6:96:7d:8c:77:
3d:9d:97:96:03:4e:c8:8a:5f:25:b7:59:d7:54:78:
52:39:71:3a:03:66:e0:ed:bb:cf:18:bf:b2:8c:67:
8a:2f:09:d2:61:9b:b3:cd:9e:a7:df:17:73:23:52:
e2:f8:00:4a:d0:fa:e6:bf:6c:41:93:57:3f:78:46:
ab:e0:6f:3d:6c:8f:0e:0c:21:3f:ee:98:07:58:db:
12:b9:ba:ba:75:8a:c0:52:6b:53:7c:98:3d:6a:77:
a4:29:b7:d9:ef:60:fd:ad:da:fa:11:33:02:f6:02:
ea:d2:69:ec:6f:60:8e:f4:97:28:af:5f:23:d2:2b:
e1:e1:8a:a3:3d:d9:e2:8f:b4:02:91:87:fe:80:c7:
0c:20:62:67:53:94:c5:06:11:fa:ea:d8:bd:64:af:
2a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AD:E6:A8:F0:97:8F:19:08:38:D0:12:1D:69:6F:10:4D:1E:20:4F
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ba3mqPCXjxkIONASHWlvEE0eIE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2800::/40
Signature Algorithm: sha256WithRSAEncryption
04:49:f2:05:ee:2a:c3:74:f5:48:2b:96:a9:8f:33:cc:d7:a9:
ed:bf:1e:ef:2f:10:39:5a:79:c4:80:b9:3f:e7:cf:97:ab:6b:
c3:3b:74:61:49:0e:3b:0a:66:1b:5e:bd:df:f0:f5:ad:88:dd:
1a:0a:47:41:a9:c4:66:1a:e6:40:d3:08:4e:24:cd:51:b0:29:
2c:21:de:16:31:c2:8c:26:a7:ef:3b:84:96:9f:3f:b5:cf:fe:
18:a8:24:7a:17:e7:ba:d9:c6:62:d9:74:83:af:5f:e2:49:f8:
a5:cd:fa:c3:c6:35:1f:d8:ac:fd:88:79:72:56:dd:6b:d9:95:
bd:fc:01:0e:f5:c2:2b:4c:a1:bc:fd:28:09:a9:0f:2e:cc:a7:
18:f8:6e:9c:e1:40:84:cb:9a:78:c6:f4:f6:37:bb:bb:59:a6:
3f:2d:f0:d3:94:f0:e2:28:ef:21:b4:35:76:74:bb:a1:21:72:
06:91:7b:2c:89:24:f4:b6:a3:17:5e:da:da:9b:4a:77:ec:fa:
f2:fd:12:ec:66:93:bb:7f:30:ba:a9:07:dc:b4:18:c0:cd:f5:
8a:b2:fa:22:fa:93:f0:77:5f:69:37:d2:63:ca:97:75:60:f8:
49:8b:fe:de:ca:f3:88:bb:59:e7:ae:a7:63:7a:47:b4:70:d7:
d8:27:33:49
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIdxyuknYNyN+1xaJ/1IiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFkZTZhOGYwOTc4ZjE5MDgzOGQwMTIxZDY5NmYxMDRkMWUyMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2C4CWu6gknhDCtuG7Dxv9neSDVhI
D5GKkBsbXDdiOrWTq1Ow7YqHI9rivzT+jfo6vwKMRyMbUmk8a5Es6yLMHI4olrp9
C1vFKdUc2CPT/3BWk2kLlfdCQSstHL5gDscgIGP4tpZ9jHc9nZeWA07Iil8lt1nX
VHhSOXE6A2bg7bvPGL+yjGeKLwnSYZuzzZ6n3xdzI1Li+ABK0Prmv2xBk1c/eEar
4G89bI8ODCE/7pgHWNsSubq6dYrAUmtTfJg9anekKbfZ72D9rdr6ETMC9gLq0mns
b2CO9Jcor18j0ivh4YqjPdnij7QCkYf+gMcMIGJnU5TFBhH66ti9ZK8qiQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFG2t5qjwl48ZCDjQEh1pbxBNHiBPMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvYmEzbXFQQ1hqeGtJT05BU0hXbHZFRTBlSUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCgw
DQYJKoZIhvcNAQELBQADggEBAARJ8gXuKsN09UgrlqmPM8zXqe2/Hu8vEDlaecSA
uT/nz5era8M7dGFJDjsKZhtevd/w9a2I3RoKR0GpxGYa5kDTCE4kzVGwKSwh3hYx
wowmp+87hJafP7XP/hioJHoX57rZxmLZdIOvX+JJ+KXN+sPGNR/YrP2IeXJW3WvZ
lb38AQ71witMobz9KAmpDy7Mpxj4bpzhQITLmnjG9PY3u7tZpj8t8NOU8OIo7yG0
NXZ0u6EhcgaReyyJJPS2oxde2tqbSnfs+vL9Euxmk7t/MLqpB9y0GMDN9Yqy+iL6
k/B3X2k30mPKl3Vg+EmL/t7K84i7Weeup2N6R7Rw19gnM0k=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:51:29 2025 by rpki-client