Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Nd0wpw2pS-aM4kicKDwT2wc-JEw.roa
File: Nd0wpw2pS-aM4kicKDwT2wc-JEw.roa (raw, json)
Hash identifier: ZnzklcGq3TLtBWWWCIPXABQkhBRmyHYhpTJIXuXegAQ=
Subject key identifier: 35:DD:30:A7:0D:A9:4B:E6:8C:E2:48:9C:28:3C:13:DB:07:3E:24:4C
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0193735721ED62A086BB3BA8CA4147CEB210
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Nd0wpw2pS-aM4kicKDwT2wc-JEw.roa
Signing time: Thu 28 Nov 2024 15:15:10 +0000
ROA not before: Thu 28 Nov 2024 15:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213791
IP address blocks: 2a0c:b641:d60::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:57:21:ed:62:a0:86:bb:3b:a8:ca:41:47:ce:b2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 28 15:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35dd30a70da94be68ce2489c283c13db073e244c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e0:4c:9e:2c:44:da:32:af:20:52:c8:df:4a:
57:64:e9:97:23:5f:9b:38:c3:89:ee:b2:d3:4b:cd:
1f:9e:ac:8d:58:b3:58:cf:85:f9:3b:69:8a:3d:b3:
bc:25:94:c1:fe:8e:a6:59:2b:64:da:59:0b:79:e6:
13:e8:3b:9f:f7:89:5d:84:5f:e2:e3:06:ce:37:c4:
3a:d4:59:3c:57:3b:76:f7:54:cc:97:0b:5f:fa:85:
bd:93:d6:d3:cf:44:37:42:20:42:28:b4:7b:c7:fb:
61:a0:50:9f:b1:a5:b1:c6:c3:39:45:91:89:bd:3e:
93:72:1a:37:a0:8f:19:89:00:cf:0d:6d:c1:e2:3c:
0b:4b:96:ab:e2:bd:43:ad:fd:b0:4b:0b:1c:9e:f9:
b2:30:c5:d0:ff:b2:a9:b1:9f:ef:eb:3c:24:48:08:
d5:0a:bb:3c:12:1e:d9:c5:f4:cf:a2:97:a2:8b:1e:
47:7f:7f:6e:d4:58:24:64:0e:d2:d3:02:84:26:f1:
0a:74:ff:ac:d5:cd:ad:6f:1b:dc:ac:e9:28:82:96:
6b:28:fa:15:76:87:fe:13:a2:30:3f:b2:9f:04:5b:
76:26:3a:02:d2:f6:63:b4:a7:ca:cc:6d:61:f1:f6:
4a:5d:25:12:1d:b5:78:e7:82:bf:97:bb:cd:0e:1e:
8b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DD:30:A7:0D:A9:4B:E6:8C:E2:48:9C:28:3C:13:DB:07:3E:24:4C
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Nd0wpw2pS-aM4kicKDwT2wc-JEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:d60::/44
Signature Algorithm: sha256WithRSAEncryption
35:01:32:0a:c2:74:b7:de:1e:ec:67:80:8b:b7:88:fe:fe:22:
c2:e8:83:aa:ba:73:20:b8:02:6a:5a:b3:f8:d5:81:b6:08:ab:
45:c2:71:a0:f0:1f:46:3d:c5:11:da:92:1c:98:26:02:dc:32:
c8:13:5e:00:48:b4:4c:66:06:97:ed:5f:a2:6c:6c:33:8d:b8:
53:09:f3:85:51:e1:6f:e4:63:e8:85:8d:2f:41:2d:ff:bc:4a:
da:79:15:8d:93:76:2a:19:01:7d:70:a5:a8:9d:86:f2:28:c1:
92:7d:d8:98:1a:7a:7b:bb:10:62:ad:5d:57:75:ed:31:cf:fe:
15:bc:4a:ed:05:48:7a:12:42:27:cf:d6:15:28:36:fe:9a:e8:
b3:95:8a:25:50:14:de:1f:94:cd:39:ed:6f:b4:bb:98:f7:cc:
90:32:19:33:fc:00:05:f5:a7:b0:2e:7c:ef:22:ed:5f:a4:09:
5a:34:ea:cb:11:38:d2:6c:72:fa:3c:d3:0f:7e:8b:be:ce:eb:
9b:a8:48:8e:e7:fb:b6:da:26:83:13:5b:3a:3f:ce:89:c9:ff:
00:f6:ac:2d:d3:05:53:ed:21:eb:9e:19:67:3a:0f:02:bd:7a:
61:97:f9:51:9d:f4:b7:c1:cc:15:0d:c6:d7:53:b3:c4:0b:3c:
4d:bf:ea:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZNzVyHtYqCGuzuoykFHzrIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQxMTI4MTUxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRkMzBhNzBkYTk0YmU2OGNlMjQ4OWMyODNjMTNkYjA3M2UyNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleBMnixE2jKvIFLI30pXZOmXI1+b
OMOJ7rLTS80fnqyNWLNYz4X5O2mKPbO8JZTB/o6mWStk2lkLeeYT6Duf94ldhF/i
4wbON8Q61Fk8Vzt291TMlwtf+oW9k9bTz0Q3QiBCKLR7x/thoFCfsaWxxsM5RZGJ
vT6Tcho3oI8ZiQDPDW3B4jwLS5ar4r1Drf2wSwscnvmyMMXQ/7KpsZ/v6zwkSAjV
Crs8Eh7ZxfTPopeiix5Hf39u1FgkZA7S0wKEJvEKdP+s1c2tbxvcrOkogpZrKPoV
dof+E6IwP7KfBFt2JjoC0vZjtKfKzG1h8fZKXSUSHbV454K/l7vNDh6L2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDXdMKcNqUvmjOJInCg8E9sHPiRMMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvTmQwd3B3MnBTLWFNNGtpY0tEd1Qyd2MtSkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQ1g
MA0GCSqGSIb3DQEBCwUAA4IBAQA1ATIKwnS33h7sZ4CLt4j+/iLC6IOqunMguAJq
WrP41YG2CKtFwnGg8B9GPcUR2pIcmCYC3DLIE14ASLRMZgaX7V+ibGwzjbhTCfOF
UeFv5GPohY0vQS3/vEraeRWNk3YqGQF9cKWonYbyKMGSfdiYGnp7uxBirV1Xde0x
z/4VvErtBUh6EkInz9YVKDb+muizlYolUBTeH5TNOe1vtLuY98yQMhkz/AAF9aew
LnzvIu1fpAlaNOrLETjSbHL6PNMPfou+zuubqEiO5/u22iaDE1s6P86Jyf8A9qwt
0wVT7SHrnhlnOg8CvXphl/lRnfS3wcwVDcbXU7PECzxNv+pL
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:29:28 2025 by rpki-client