Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/n3ZeJRCX_aniJAvLIV9L26ONEHc.roa
File: n3ZeJRCX_aniJAvLIV9L26ONEHc.roa (raw, json)
Hash identifier: 43rx+QN7bYqmrnALF61Qn+ktxU8e7YDNFuVrTB7WMqg=
Subject key identifier: 9F:76:5E:25:10:97:FD:A9:E2:24:0B:CB:21:5F:4B:DB:A3:8D:10:77
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 0192036959490C7E294874585AEF7BB8FF31
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/n3ZeJRCX_aniJAvLIV9L26ONEHc.roa
Signing time: Wed 18 Sep 2024 04:34:48 +0000
ROA not before: Wed 18 Sep 2024 04:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394996
IP address blocks: 2a03:b0c0:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:03:69:59:49:0c:7e:29:48:74:58:5a:ef:7b:b8:ff:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: Sep 18 04:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f765e251097fda9e2240bcb215f4bdba38d1077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:10:2a:50:cf:27:9e:cb:e9:39:ab:87:24:91:
30:92:40:ff:69:bd:c5:80:fd:6d:d2:c0:e7:74:e9:
ee:5e:b9:ef:ea:00:e9:41:31:6e:5d:0e:78:8c:96:
02:8c:d1:53:11:a0:33:2b:22:6f:6c:6b:f5:56:31:
38:34:c8:ef:6f:b6:b9:70:fb:3a:79:ed:69:4e:81:
63:17:e2:7c:ca:00:23:64:65:a7:35:de:73:23:86:
c1:71:f5:41:e0:66:0b:41:08:7d:3d:98:0f:f7:55:
77:02:11:f3:cb:fe:a9:a4:34:72:f0:06:ce:db:e1:
59:52:b4:bf:15:56:b1:0c:c8:79:60:04:24:c9:04:
b3:91:13:43:53:62:09:b2:72:99:4d:e6:19:41:ec:
c3:5f:4f:dd:8b:12:47:ec:43:a8:f7:92:74:68:6c:
ba:dc:6c:3c:81:f3:f6:ab:ec:b1:f6:f8:2e:e5:f3:
57:7a:8b:bb:09:b2:ca:c2:00:44:ec:b1:f0:ae:be:
ad:ea:44:c7:78:ef:02:d4:8d:2d:76:20:62:c8:aa:
7e:1f:46:86:b7:f3:f6:ae:d8:75:b9:f1:e3:60:71:
a7:0c:3e:ff:45:94:24:2d:96:e3:cf:f9:51:5d:92:
1f:3b:6b:07:da:4d:f6:f9:02:95:f2:37:e5:4c:5e:
96:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:76:5E:25:10:97:FD:A9:E2:24:0B:CB:21:5F:4B:DB:A3:8D:10:77
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/n3ZeJRCX_aniJAvLIV9L26ONEHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b0c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
20:5b:b5:09:e3:07:23:3c:23:9b:44:49:36:58:e7:7c:fa:5d:
b6:fd:48:52:9a:de:1e:18:d4:4a:7d:98:64:90:97:58:7d:20:
87:99:30:1b:69:1d:94:10:01:d9:34:09:90:1c:0a:61:7f:ae:
78:03:0b:75:c3:a0:3c:bb:7f:9d:dc:43:5d:c3:94:96:7e:e9:
be:4a:84:23:6c:74:c0:7e:ad:84:a6:7f:4c:73:a4:3c:a8:32:
55:59:ed:e6:8a:74:0c:78:5c:ea:9e:b3:b2:11:5f:1f:67:df:
6f:46:8a:a1:b3:89:96:c3:e8:9b:a9:80:1d:6e:2d:87:16:da:
a6:b5:42:43:19:b9:e4:19:7f:79:84:b5:3b:58:23:6d:7e:18:
ef:e0:4a:34:28:13:0a:ca:b5:b5:60:e0:91:7c:2a:62:04:7d:
ce:fc:ee:aa:7a:04:ff:22:37:9a:30:b0:1d:ba:34:9b:ed:56:
60:82:ab:3c:f2:62:5a:1a:55:b6:f5:45:2d:51:bb:f5:76:14:
72:07:41:1c:11:75:26:a3:65:fe:fd:95:09:27:f2:31:7c:e6:
89:19:d7:4a:cf:e7:40:f1:cb:95:4a:a5:64:4e:d5:e4:02:91:
16:98:22:67:be:a3:4e:fe:8b:4b:fa:0c:39:01:d0:f4:cc:77:
e4:23:db:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZIDaVlJDH4pSHRYWu97uP8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDhiZjdmZTQ4YjA1N2Y5ZjJmM2Q1ZDFhNjMxMGZkOWUx
NGM1NzEwHhcNMjQwOTE4MDQzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjc2NWUyNTEwOTdmZGE5ZTIyNDBiY2IyMTVmNGJkYmEzOGQxMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxAqUM8nnsvpOauHJJEwkkD/ab3F
gP1t0sDndOnuXrnv6gDpQTFuXQ54jJYCjNFTEaAzKyJvbGv1VjE4NMjvb7a5cPs6
ee1pToFjF+J8ygAjZGWnNd5zI4bBcfVB4GYLQQh9PZgP91V3AhHzy/6ppDRy8AbO
2+FZUrS/FVaxDMh5YAQkyQSzkRNDU2IJsnKZTeYZQezDX0/dixJH7EOo95J0aGy6
3Gw8gfP2q+yx9vgu5fNXeou7CbLKwgBE7LHwrr6t6kTHeO8C1I0tdiBiyKp+H0aG
t/P2rth1ufHjYHGnDD7/RZQkLZbjz/lRXZIfO2sH2k32+QKV8jflTF6WSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ92XiUQl/2p4iQLyyFfS9ujjRB3MB8GA1UdIwQY
MBaAFBgIv3/kiwV/ny89XRpjEP2eFMVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMt
OWQzOTJlZWUwZjY2LzEvbjNaZUpSQ1hfYW5pSkF2TElWOUwyNk9ORUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMtOWQzOTJlZWUwZjY2
LzEvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOwwAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQAgW7UJ4wcjPCObREk2WOd8+l22/UhSmt4eGNRK
fZhkkJdYfSCHmTAbaR2UEAHZNAmQHAphf654Awt1w6A8u3+d3ENdw5SWfum+SoQj
bHTAfq2Epn9Mc6Q8qDJVWe3minQMeFzqnrOyEV8fZ99vRoqhs4mWw+ibqYAdbi2H
FtqmtUJDGbnkGX95hLU7WCNtfhjv4Eo0KBMKyrW1YOCRfCpiBH3O/O6qegT/Ijea
MLAdujSb7VZggqs88mJaGlW29UUtUbv1dhRyB0EcEXUmo2X+/ZUJJ/IxfOaJGddK
z+dA8cuVSqVkTtXkApEWmCJnvqNO/otL+gw5AdD0zHfkI9tX
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:51 2025 by rpki-client