Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/pTeulQvFFNnjqRjeTfnPDhTn3PQ.roa
File: pTeulQvFFNnjqRjeTfnPDhTn3PQ.roa (raw, json)
Hash identifier: JgjxNVAOso4SOrPDiFH/aQ+UTiz4hGmE9gcDE35bYKY=
Subject key identifier: A5:37:AE:95:0B:C5:14:D9:E3:A9:18:DE:4D:F9:CF:0E:14:E7:DC:F4
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 018CC2DABB3E4D3FEBBC048F61C2BAF33B92
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/pTeulQvFFNnjqRjeTfnPDhTn3PQ.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211380
IP address blocks: 2a0c:5707:ff04::/48 maxlen: 48
2a0c:5707:ff01::/48 maxlen: 48
2a0c:5707:ff00::/40 maxlen: 48
2a0c:5707:ff02::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bb:3e:4d:3f:eb:bc:04:8f:61:c2:ba:f3:3b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a537ae950bc514d9e3a918de4df9cf0e14e7dcf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d9:c6:dd:75:40:09:79:8a:42:81:76:ec:45:
14:17:ef:1f:f4:f7:38:85:fc:d5:08:22:d7:d0:fb:
7a:eb:c3:93:80:aa:d2:b9:77:bd:dc:e1:76:c3:2a:
6d:9c:19:42:38:74:54:1f:a2:d2:42:1a:9f:cb:1d:
bd:28:b1:97:45:86:c8:73:61:c9:7a:e4:ff:7a:5a:
0d:1b:26:d6:cf:41:66:15:f1:cb:ce:0e:86:50:f8:
02:82:b6:9b:b8:24:29:ac:09:bb:04:4b:b5:ab:9c:
f9:92:39:0c:9d:2f:06:3c:4d:24:ee:f6:d8:4d:1a:
9e:d4:7c:aa:9e:3f:b6:57:06:3a:f7:c3:98:47:e0:
e7:d2:f9:c7:a7:a7:07:20:11:c9:4a:f6:89:e0:31:
65:1a:cf:5e:ca:e5:5c:c4:e4:bb:62:ef:d3:9c:84:
86:03:2f:ce:c6:a3:75:c4:ca:8d:09:1d:e8:d6:15:
1e:cb:8c:9f:ae:41:7b:3e:56:fa:1f:73:3e:f9:31:
36:f5:b2:f5:07:e3:60:02:1e:b9:cc:35:21:61:8a:
4f:b8:3d:bd:e2:ce:78:75:42:40:19:95:5b:e7:08:
51:92:12:11:9a:64:f7:ca:47:a7:bb:77:c4:59:c7:
7a:53:61:e4:31:6c:01:4f:86:91:9e:dc:92:2b:91:
08:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:37:AE:95:0B:C5:14:D9:E3:A9:18:DE:4D:F9:CF:0E:14:E7:DC:F4
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/pTeulQvFFNnjqRjeTfnPDhTn3PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:5707:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
8f:83:88:2b:24:bd:34:01:40:09:d5:8b:fa:81:fe:cb:bc:6b:
ef:26:9f:1d:80:d9:50:2f:03:21:2e:44:01:a8:1a:33:95:26:
3f:cc:8e:0b:1c:8a:75:87:d9:14:21:0b:63:34:5a:df:03:70:
a7:7d:c8:59:1b:3d:26:e7:07:1b:13:56:59:88:ea:11:27:76:
35:3e:45:63:10:50:3a:d5:2e:5a:9e:62:9b:5a:26:7c:db:b8:
7e:b3:74:e5:a9:84:a1:62:7f:62:16:75:54:62:71:b5:91:44:
0e:3d:3d:76:e4:01:fd:6e:43:0e:45:c3:18:22:08:62:2f:f2:
aa:80:75:14:b0:69:48:f2:6a:a1:ae:20:5e:bd:a3:9d:f9:27:
77:42:7b:01:47:8a:84:73:bc:4b:14:38:02:84:9a:eb:43:df:
71:a8:96:ca:75:5e:11:44:50:05:bf:2f:fd:ef:f6:8c:98:5b:
e0:63:10:c1:b5:7c:0e:c4:28:ec:64:c2:d1:0a:23:4a:b6:a6:
e0:d6:4e:a6:8e:38:42:ad:ff:c3:48:d4:15:44:c5:6f:c3:37:
d1:3e:60:92:78:1a:a0:42:86:28:ac:ff:0a:e2:18:e1:94:48:
2b:72:34:22:5e:c6:f1:c9:32:8a:fb:3a:00:fa:e8:e7:a8:fd:
77:9b:74:71
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzC2rs+TT/rvASPYcK68zuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTM3YWU5NTBiYzUxNGQ5ZTNhOTE4ZGU0ZGY5Y2YwZTE0ZTdkY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNnG3XVACXmKQoF27EUUF+8f9Pc4
hfzVCCLX0Pt668OTgKrSuXe93OF2wyptnBlCOHRUH6LSQhqfyx29KLGXRYbIc2HJ
euT/eloNGybWz0FmFfHLzg6GUPgCgrabuCQprAm7BEu1q5z5kjkMnS8GPE0k7vbY
TRqe1Hyqnj+2VwY698OYR+Dn0vnHp6cHIBHJSvaJ4DFlGs9eyuVcxOS7Yu/TnISG
Ay/OxqN1xMqNCR3o1hUey4yfrkF7Plb6H3M++TE29bL1B+NgAh65zDUhYYpPuD29
4s54dUJAGZVb5whRkhIRmmT3ykenu3fEWcd6U2HkMWwBT4aRntySK5EIRQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKU3rpULxRTZ46kY3k35zw4U59z0MB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvcFRldWxRdkZGTm5qcVJqZVRmblBEaFRuM1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgxXB/8w
DQYJKoZIhvcNAQELBQADggEBAI+DiCskvTQBQAnVi/qB/su8a+8mnx2A2VAvAyEu
RAGoGjOVJj/MjgscinWH2RQhC2M0Wt8DcKd9yFkbPSbnBxsTVlmI6hEndjU+RWMQ
UDrVLlqeYptaJnzbuH6zdOWphKFif2IWdVRicbWRRA49PXbkAf1uQw5FwxgiCGIv
8qqAdRSwaUjyaqGuIF69o535J3dCewFHioRzvEsUOAKEmutD33Golsp1XhFEUAW/
L/3v9oyYW+BjEMG1fA7EKOxkwtEKI0q2puDWTqaOOEKt/8NI1BVExW/DN9E+YJJ4
GqBChiis/wriGOGUSCtyNCJexvHJMor7OgD66Oeo/XebdHE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:40 2025 by rpki-client