Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/017f89-9130-4a4e-8547-f3b9741d1d4f/1/p2VzljyIf7LvNMX0sxnsxfW8r3g.roa
File: p2VzljyIf7LvNMX0sxnsxfW8r3g.roa (raw, json)
Hash identifier: u4zSF+HUGYwx5CX4seLQpFdH/lDcVRqW/fJnqV/Pr3A=
Subject key identifier: A7:65:73:96:3C:88:7F:B2:EF:34:C5:F4:B3:19:EC:C5:F5:BC:AF:78
Certificate issuer: /CN=ff2a50eedfe78040209d6c0ab95f83b5460398dd
Certificate serial: 018CC7934F9AFF367579D7EC79BF14466411
Authority key identifier: FF:2A:50:EE:DF:E7:80:40:20:9D:6C:0A:B9:5F:83:B5:46:03:98:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ypQ7t_ngEAgnWwKuV-DtUYDmN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/017f89-9130-4a4e-8547-f3b9741d1d4f/1/p2VzljyIf7LvNMX0sxnsxfW8r3g.roa
Signing time: Tue 02 Jan 2024 00:29:29 +0000
ROA not before: Tue 02 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207076
IP address blocks: 2001:67c:1430::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4f:9a:ff:36:75:79:d7:ec:79:bf:14:46:64:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff2a50eedfe78040209d6c0ab95f83b5460398dd
Validity
Not Before: Jan 2 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a76573963c887fb2ef34c5f4b319ecc5f5bcaf78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:89:26:fb:fd:31:09:c1:ab:39:ca:96:46:
ad:ad:35:99:f7:25:b4:36:3e:26:d0:6b:2a:f2:e9:
f8:a4:16:fc:c2:23:b2:05:59:b2:12:27:3f:e8:47:
a9:3e:06:15:b0:ab:44:88:75:63:11:ba:78:04:d6:
03:64:a8:85:39:10:f0:9d:8b:62:da:6b:b7:99:cf:
f0:95:7f:cc:ee:03:a2:ea:15:79:8c:85:1f:5c:5f:
11:d6:de:6a:76:6a:3d:aa:73:4a:82:a1:59:93:71:
67:74:64:4b:b9:da:7e:37:b6:fe:96:d8:cc:71:b8:
70:a6:53:c9:54:47:2f:4a:9d:51:cf:36:e1:df:85:
28:95:06:8c:2c:49:17:87:9b:57:b8:45:85:20:40:
c7:83:c1:55:5b:16:56:86:c4:f9:86:0a:08:45:8f:
c9:8c:46:51:5b:86:8b:e7:40:75:dd:a5:88:8a:a2:
4a:82:6f:b0:49:ef:08:39:e1:b9:3b:9a:01:12:a6:
0b:12:c7:b1:3a:bf:79:8c:60:c8:c5:68:5d:af:4c:
63:d9:52:c1:13:79:d6:b4:d0:07:1b:77:21:3a:e5:
26:a0:fc:29:4f:12:51:5f:5d:05:06:e2:57:0d:a3:
64:d6:61:ca:81:63:fe:8d:f3:9f:74:7b:e2:6b:f4:
30:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:65:73:96:3C:88:7F:B2:EF:34:C5:F4:B3:19:EC:C5:F5:BC:AF:78
X509v3 Authority Key Identifier:
keyid:FF:2A:50:EE:DF:E7:80:40:20:9D:6C:0A:B9:5F:83:B5:46:03:98:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypQ7t_ngEAgnWwKuV-DtUYDmN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/017f89-9130-4a4e-8547-f3b9741d1d4f/1/p2VzljyIf7LvNMX0sxnsxfW8r3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/017f89-9130-4a4e-8547-f3b9741d1d4f/1/_ypQ7t_ngEAgnWwKuV-DtUYDmN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1430::/48
Signature Algorithm: sha256WithRSAEncryption
68:24:b6:ef:90:57:b2:2f:06:1a:40:c6:1d:3f:04:28:81:32:
7c:5d:a0:76:15:af:68:0e:0c:3c:97:07:7e:f5:d9:d3:c5:ec:
22:03:af:a1:e0:41:a3:1b:7a:ed:e0:05:3d:f1:c8:00:4a:4c:
41:3e:46:00:55:c9:7b:bf:f1:c0:10:99:c3:d3:6d:40:d8:67:
97:e9:57:fd:42:d5:a9:c6:37:3f:e2:e8:f7:ba:4f:7f:aa:de:
99:1c:11:fc:a8:6a:0c:db:f8:5a:29:d0:23:d3:8a:4a:e1:d2:
19:7d:19:62:5f:d0:dd:89:83:da:35:e0:29:df:f9:d1:70:1d:
1e:bd:20:31:d0:b0:7c:57:d9:42:21:9c:b8:da:1d:69:62:14:
be:d7:24:10:a7:05:da:f6:b6:4d:5e:9d:4d:65:d8:1a:af:84:
b7:98:fd:78:c2:7d:81:25:13:8b:27:78:15:5e:b8:63:c9:23:
ba:94:cd:52:fb:00:6f:ed:e6:91:18:58:1e:6f:2e:59:80:be:
5b:e1:6d:4a:45:05:ca:64:85:f6:26:63:ad:55:df:86:0b:66:
0f:4a:3d:4e:e6:70:f8:9f:09:f7:7a:f9:8b:9c:5c:bd:7f:78:
7d:ab:6d:6f:a5:45:89:1f:75:36:bf:24:4d:46:52:a4:ad:2b:
98:be:22:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHk0+a/zZ1edfseb8URmQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1MGVlZGZlNzgwNDAyMDlkNmMwYWI5NWY4M2I1NDYw
Mzk4ZGQwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY1NzM5NjNjODg3ZmIyZWYzNGM1ZjRiMzE5ZWNjNWY1YmNhZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAaJJvv9MQnBqznKlkatrTWZ9yW0
Nj4m0Gsq8un4pBb8wiOyBVmyEic/6EepPgYVsKtEiHVjEbp4BNYDZKiFORDwnYti
2mu3mc/wlX/M7gOi6hV5jIUfXF8R1t5qdmo9qnNKgqFZk3FndGRLudp+N7b+ltjM
cbhwplPJVEcvSp1Rzzbh34UolQaMLEkXh5tXuEWFIEDHg8FVWxZWhsT5hgoIRY/J
jEZRW4aL50B13aWIiqJKgm+wSe8IOeG5O5oBEqYLEsexOr95jGDIxWhdr0xj2VLB
E3nWtNAHG3chOuUmoPwpTxJRX10FBuJXDaNk1mHKgWP+jfOfdHvia/QwqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKdlc5Y8iH+y7zTF9LMZ7MX1vK94MB8GA1UdIwQY
MBaAFP8qUO7f54BAIJ1sCrlfg7VGA5jdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwUTd0X25nRUFnbld3S3VWLUR0VVlEbU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wMTdmODktOTEzMC00YTRlLTg1NDct
ZjNiOTc0MWQxZDRmLzEvcDJWemxqeUlmN0x2Tk1YMHN4bnN4Zlc4cjNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wMTdmODktOTEzMC00YTRlLTg1NDctZjNiOTc0MWQxZDRm
LzEvX3lwUTd0X25nRUFnbld3S3VWLUR0VVlEbU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBQw
MA0GCSqGSIb3DQEBCwUAA4IBAQBoJLbvkFeyLwYaQMYdPwQogTJ8XaB2Fa9oDgw8
lwd+9dnTxewiA6+h4EGjG3rt4AU98cgASkxBPkYAVcl7v/HAEJnD021A2GeX6Vf9
QtWpxjc/4uj3uk9/qt6ZHBH8qGoM2/haKdAj04pK4dIZfRliX9DdiYPaNeAp3/nR
cB0evSAx0LB8V9lCIZy42h1pYhS+1yQQpwXa9rZNXp1NZdgar4S3mP14wn2BJROL
J3gVXrhjySO6lM1S+wBv7eaRGFgeby5ZgL5b4W1KRQXKZIX2JmOtVd+GC2YPSj1O
5nD4nwn3evmLnFy9f3h9q21vpUWJH3U2vyRNRlKkrSuYviIA
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:15:56 2025 by rpki-client