Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ST1lfIGCV2KEs2R_12S3wwJYYYc.roa
File: ST1lfIGCV2KEs2R_12S3wwJYYYc.roa (raw, json)
Hash identifier: gdYnQyHP4lVBaw+6k/IOfTd7dno54AYfNNt3i+YcpnI=
Subject key identifier: 49:3D:65:7C:81:82:57:62:84:B3:64:7F:D7:64:B7:C3:02:58:61:87
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC80175CE34BE83D1D39A4F4EE71FA4B2
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ST1lfIGCV2KEs2R_12S3wwJYYYc.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211227
IP address blocks: 2a0c:b641:1d0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Aug 2024 13:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:75:ce:34:be:83:d1:d3:9a:4f:4e:e7:1f:a4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=493d657c8182576284b3647fd764b7c302586187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7c:81:d2:ab:1d:ed:a5:51:50:49:95:23:cb:
d7:24:b0:bd:e4:fc:2c:77:6e:98:f5:f3:34:07:0d:
e6:69:a8:33:24:4e:5d:81:b2:60:64:c3:8d:55:22:
5e:93:89:32:13:b1:06:7d:fd:d0:b1:b2:bb:6c:cd:
48:35:9b:bc:7f:b4:db:bf:c4:e0:31:f1:d1:30:2c:
43:30:2e:c3:17:cc:0e:a8:87:1e:ed:94:ec:7c:10:
5f:3f:9d:e8:c0:d6:24:a2:e0:08:2c:25:ce:0f:3f:
f9:ce:65:1f:01:00:8d:8d:cb:07:66:02:85:52:1a:
03:ec:f8:a4:06:0f:9c:91:b6:18:aa:8b:48:c4:f6:
d7:00:81:3f:d8:61:1d:6f:71:b1:57:b4:14:8b:3d:
29:31:ca:e7:05:7a:25:c9:eb:e3:e3:b4:cb:a1:e8:
2f:d5:c4:c2:71:b3:dc:37:27:f2:e3:5e:47:f4:91:
64:04:a8:3c:ec:25:9b:75:30:cd:8f:5d:a8:de:90:
f2:6e:5c:3e:20:80:09:cb:72:6a:a5:ac:60:d8:9d:
7a:d5:68:15:a6:fb:09:e9:bd:3d:96:70:87:79:bc:
d1:b3:05:93:fc:09:c9:95:3c:23:62:73:e6:79:52:
7b:4b:bb:46:42:2a:74:23:c1:56:90:d5:e3:2a:6b:
b1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3D:65:7C:81:82:57:62:84:B3:64:7F:D7:64:B7:C3:02:58:61:87
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ST1lfIGCV2KEs2R_12S3wwJYYYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:1d0::/44
Signature Algorithm: sha256WithRSAEncryption
95:d7:8f:73:28:0f:a4:51:76:15:a6:e4:71:b6:79:c2:7c:47:
26:00:db:2e:0c:27:99:d5:29:44:b7:6f:6e:33:ca:03:7b:f7:
fc:cb:64:c5:92:c5:c3:68:9b:e5:f2:8a:54:a5:3c:97:98:14:
6a:68:cd:17:b5:39:88:c8:40:9f:0d:ed:20:a3:bd:55:5a:35:
7a:6f:9b:b5:81:24:12:c0:22:4e:ac:fe:e3:09:93:10:01:1c:
c3:cb:c6:3e:13:b0:16:0b:84:aa:23:8c:cd:2f:fa:00:a1:3c:
0c:92:ab:15:48:4e:af:d0:77:ab:bf:f7:3a:7c:ce:0f:e5:e4:
1f:46:d8:9f:c0:87:18:d0:98:3c:e8:63:29:12:af:71:8c:2e:
d6:46:6c:a2:aa:bb:e3:d3:f3:b4:d0:6b:76:0d:7d:2b:44:52:
91:1a:d9:7d:2b:2f:2e:db:50:09:27:86:3c:1d:95:dd:3f:15:
a5:d0:51:d2:95:df:a0:e9:a4:80:8b:e6:ff:5e:96:68:80:02:
25:eb:e3:f8:a1:a5:28:de:30:77:06:ca:32:7f:a6:33:16:6c:
a4:69:48:1c:d2:c8:86:82:65:b3:de:e0:db:b0:2d:df:dd:2e:
71:53:d9:bd:53:25:bc:e5:a8:0b:db:87:97:b8:7a:c6:ca:b6:
b5:f2:3b:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAXXONL6D0dOaT07nH6SyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNkNjU3YzgxODI1NzYyODRiMzY0N2ZkNzY0YjdjMzAyNTg2MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunyB0qsd7aVRUEmVI8vXJLC95Pws
d26Y9fM0Bw3maagzJE5dgbJgZMONVSJek4kyE7EGff3QsbK7bM1INZu8f7Tbv8Tg
MfHRMCxDMC7DF8wOqIce7ZTsfBBfP53owNYkouAILCXODz/5zmUfAQCNjcsHZgKF
UhoD7PikBg+ckbYYqotIxPbXAIE/2GEdb3GxV7QUiz0pMcrnBXolyevj47TLoegv
1cTCcbPcNyfy415H9JFkBKg87CWbdTDNj12o3pDyblw+IIAJy3Jqpaxg2J161WgV
pvsJ6b09lnCHebzRswWT/AnJlTwjYnPmeVJ7S7tGQip0I8FWkNXjKmuxBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEk9ZXyBgldihLNkf9dkt8MCWGGHMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvU1QxbGZJR0NWMktFczJSXzEyUzN3d0pZWVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQHQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCV149zKA+kUXYVpuRxtnnCfEcmANsuDCeZ1SlE
t29uM8oDe/f8y2TFksXDaJvl8opUpTyXmBRqaM0XtTmIyECfDe0go71VWjV6b5u1
gSQSwCJOrP7jCZMQARzDy8Y+E7AWC4SqI4zNL/oAoTwMkqsVSE6v0Herv/c6fM4P
5eQfRtifwIcY0Jg86GMpEq9xjC7WRmyiqrvj0/O00Gt2DX0rRFKRGtl9Ky8u21AJ
J4Y8HZXdPxWl0FHSld+g6aSAi+b/XpZogAIl6+P4oaUo3jB3Bsoyf6YzFmykaUgc
0siGgmWz3uDbsC3f3S5xU9m9UyW85agL24eXuHrGyra18jvy
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:51 2025 by rpki-client