Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/v85r47gS0-KR4ui2wKtWQKBN5VU.roa
File: v85r47gS0-KR4ui2wKtWQKBN5VU.roa (raw, json)
Hash identifier: u+Bsn76b9199L+53EUaa6us3POQP/VbBY2V2SUGIsV4=
Subject key identifier: BF:CE:6B:E3:B8:12:D3:E2:91:E2:E8:B6:C0:AB:56:40:A0:4D:E5:55
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 018CC4254FE8A0DF6F79D66538C897417634
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/v85r47gS0-KR4ui2wKtWQKBN5VU.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35052
IP address blocks: 2001:678:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4f:e8:a0:df:6f:79:d6:65:38:c8:97:41:76:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfce6be3b812d3e291e2e8b6c0ab5640a04de555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:61:e1:cf:a5:89:12:0e:e0:a3:b3:90:6e:9c:
06:b6:6f:73:f4:db:80:b5:a3:5b:08:f5:d3:96:e5:
c9:c9:51:4e:d2:f5:90:62:db:48:d4:01:50:39:a6:
5f:ea:88:08:4a:57:1b:c4:df:b7:62:df:1e:5e:10:
44:e9:ef:aa:dc:3f:89:14:e0:df:9d:ee:c2:09:71:
66:7c:6e:af:93:fc:b6:99:b4:c4:ca:35:f0:a9:4b:
e5:a7:26:39:44:51:66:93:79:90:f9:10:a8:ab:f3:
4f:3b:fe:b1:bb:a4:fb:26:a6:62:6d:85:9c:f3:e2:
e8:e6:3f:3b:c6:6f:3f:7e:91:f1:48:62:e5:5c:76:
6b:a3:eb:65:d7:c4:80:05:e0:55:86:88:3b:97:e9:
49:a7:25:98:3d:74:99:f6:64:d2:33:b2:69:8f:64:
16:78:98:9a:b4:99:e3:5b:e8:cd:f4:7d:2d:e4:74:
5c:ee:aa:fb:9e:19:77:b9:75:fb:de:43:10:13:b3:
8e:22:92:e7:62:84:7b:e7:0b:fa:3d:e2:48:84:30:
4b:b0:74:db:37:7b:a1:e9:1a:9e:f4:2f:fb:d8:8f:
80:c5:fd:a2:9a:04:43:c7:ec:71:9f:7b:eb:0f:12:
cf:50:ea:96:1d:3a:76:bf:68:f5:2c:1e:6d:1e:26:
32:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CE:6B:E3:B8:12:D3:E2:91:E2:E8:B6:C0:AB:56:40:A0:4D:E5:55
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/v85r47gS0-KR4ui2wKtWQKBN5VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1c::/48
Signature Algorithm: sha256WithRSAEncryption
22:46:e2:6f:09:9a:f4:a5:9a:ab:91:cc:2d:4e:47:3a:b4:47:
80:94:9c:d2:9b:e4:08:2b:cf:b8:81:eb:6d:0f:2b:d0:80:3a:
2c:78:61:e2:b5:f9:a9:d1:88:ea:52:03:3b:92:6c:79:0f:b6:
12:93:49:84:a5:bd:dd:47:d5:5e:b1:09:7a:04:aa:8d:28:fe:
17:4e:89:4f:af:13:23:94:d0:d6:60:e6:54:f0:a1:8e:c1:12:
bb:5c:1a:54:5d:d2:18:e0:62:7f:b1:d6:8d:dc:db:7f:ba:90:
c7:43:28:1a:4f:3f:37:b3:16:83:05:47:32:49:7b:d7:b7:a7:
b6:7a:6f:94:3e:23:2a:9f:37:2c:7f:d3:22:12:79:79:a9:57:
4c:0e:a5:76:8d:b0:a4:08:cd:f9:af:ab:fb:55:90:f1:81:49:
bb:9a:b3:47:b7:69:6c:f9:46:d3:7d:5b:b6:19:1d:90:38:f3:
5e:f1:0d:11:89:27:c5:67:85:ad:92:77:d5:a1:c6:28:f5:7d:
76:92:ee:ec:9d:b9:47:5d:db:a5:d8:c0:ef:01:d1:75:cf:cd:
c0:44:3a:99:14:6f:f7:f2:d5:d0:ae:fb:b3:c0:f4:69:68:5c:
63:5d:f3:ee:f8:bf:ba:c4:7d:1e:16:d1:26:3a:23:be:5d:19:
fd:54:f4:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJU/ooN9vedZlOMiXQXY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNlNmJlM2I4MTJkM2UyOTFlMmU4YjZjMGFiNTY0MGEwNGRlNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2Hhz6WJEg7go7OQbpwGtm9z9NuA
taNbCPXTluXJyVFO0vWQYttI1AFQOaZf6ogISlcbxN+3Yt8eXhBE6e+q3D+JFODf
ne7CCXFmfG6vk/y2mbTEyjXwqUvlpyY5RFFmk3mQ+RCoq/NPO/6xu6T7JqZibYWc
8+Lo5j87xm8/fpHxSGLlXHZro+tl18SABeBVhog7l+lJpyWYPXSZ9mTSM7Jpj2QW
eJiatJnjW+jN9H0t5HRc7qr7nhl3uXX73kMQE7OOIpLnYoR75wv6PeJIhDBLsHTb
N3uh6Rqe9C/72I+Axf2imgRDx+xxn3vrDxLPUOqWHTp2v2j1LB5tHiYy9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL/Oa+O4EtPikeLotsCrVkCgTeVVMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvdjg1cjQ3Z1MwLUtSNHVpMndLdFdRS0JONVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAAc
MA0GCSqGSIb3DQEBCwUAA4IBAQAiRuJvCZr0pZqrkcwtTkc6tEeAlJzSm+QIK8+4
gettDyvQgDoseGHitfmp0YjqUgM7kmx5D7YSk0mEpb3dR9VesQl6BKqNKP4XTolP
rxMjlNDWYOZU8KGOwRK7XBpUXdIY4GJ/sdaN3Nt/upDHQygaTz83sxaDBUcySXvX
t6e2em+UPiMqnzcsf9MiEnl5qVdMDqV2jbCkCM35r6v7VZDxgUm7mrNHt2ls+UbT
fVu2GR2QOPNe8Q0RiSfFZ4WtknfVocYo9X12ku7snblHXdul2MDvAdF1z83ARDqZ
FG/38tXQrvuzwPRpaFxjXfPu+L+6xH0eFtEmOiO+XRn9VPQW
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:45:50 2025 by rpki-client