Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xjTXOaBbGfBHvS0No6_KQNcwFEo.roa
File: xjTXOaBbGfBHvS0No6_KQNcwFEo.roa (raw, json)
Hash identifier: 90GmHKTLyZThIjA3yeIcrLzUQYJ67sHoSOnGlWdVyBw=
Subject key identifier: C6:34:D7:39:A0:5B:19:F0:47:BD:2D:0D:A3:AF:CA:40:D7:30:14:4A
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC80161A3DAEE7A9B0EB1061D03ECA8E8
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xjTXOaBbGfBHvS0No6_KQNcwFEo.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206592
IP address blocks: 2a0c:b641:3f0::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Jun 2024 09:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:61:a3:da:ee:7a:9b:0e:b1:06:1d:03:ec:a8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c634d739a05b19f047bd2d0da3afca40d730144a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:9b:78:d6:42:08:4f:0d:62:35:ad:27:d9:
91:14:f9:5a:63:00:a3:d4:51:0b:9e:f0:f8:08:40:
db:69:d5:68:0b:8a:88:5f:b8:c1:a8:59:82:46:e6:
5e:76:e7:13:b7:0e:6b:d6:c0:95:eb:22:79:f2:fc:
17:2e:2f:eb:78:d6:fc:a8:41:57:44:3d:37:61:63:
5e:e8:03:61:9f:50:d0:08:81:45:9f:c6:36:e1:b9:
e4:96:30:25:99:54:c9:62:16:7c:b6:06:e0:78:01:
16:a3:6d:27:89:28:c4:d1:83:42:b7:4e:b1:de:01:
97:12:42:db:eb:a1:eb:ab:c5:62:da:43:55:af:95:
f5:65:fd:51:f8:f5:b9:a2:30:e6:85:cc:1c:63:42:
a8:7c:0f:40:35:5a:be:e2:ca:f6:8d:8f:03:56:ca:
dd:8f:55:f3:c9:28:79:54:ae:43:d1:79:7d:00:b7:
3d:6c:1b:b6:ae:c4:8b:23:29:94:e1:38:b9:0a:d0:
03:67:05:ec:ef:01:a7:39:97:70:b0:ff:2b:91:d7:
c5:0b:a8:d2:51:e7:0f:6b:7a:6f:5f:a1:d1:44:1c:
9b:db:ab:62:a0:8a:57:2e:e2:7d:33:07:72:f2:7f:
7b:e4:33:2d:d0:c5:9a:fd:05:80:96:50:22:18:9e:
30:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:34:D7:39:A0:5B:19:F0:47:BD:2D:0D:A3:AF:CA:40:D7:30:14:4A
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xjTXOaBbGfBHvS0No6_KQNcwFEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:3f0::/44
Signature Algorithm: sha256WithRSAEncryption
9e:2d:2a:aa:28:b0:4e:f7:e9:9b:cd:29:df:67:66:c9:ad:97:
25:c5:31:a2:55:40:e2:14:c4:40:b9:b4:13:93:0a:e4:21:e8:
51:ba:4c:f4:9f:ec:f5:d9:0e:18:1b:26:64:fc:3f:97:b1:94:
91:eb:49:2f:df:de:1c:79:7a:8e:3b:34:5a:55:1a:2b:de:33:
27:d0:0c:bf:a3:85:6b:49:2d:ea:c4:c7:f9:5c:12:4d:0a:f1:
a5:5e:10:11:bb:07:84:da:45:7d:15:c7:30:80:d4:a0:34:bb:
e8:df:53:cf:c7:36:c4:7a:be:6f:a5:dd:37:98:90:1e:ac:71:
14:80:32:18:e1:bc:c2:8b:3f:9b:7f:34:79:13:7a:cc:c5:ce:
83:d9:a5:e8:0b:09:0c:5d:fc:79:22:0f:e5:a4:45:3d:49:8d:
5a:a8:6e:c1:ec:88:7b:5b:ff:d5:a3:00:fb:7e:fe:c8:03:b1:
08:86:77:83:05:52:e1:c8:a6:ee:e5:77:b9:3b:c3:fd:db:92:
8a:7d:98:1c:57:17:54:58:9b:55:90:8b:91:6b:10:6f:1b:5f:
57:9e:e5:29:a9:d0:3e:78:c7:65:90:6a:a6:c3:46:3a:81:e8:
20:4c:e0:52:da:12:51:71:7f:a5:23:71:88:d5:eb:6a:0a:a5:
16:90:38:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAWGj2u56mw6xBh0D7KjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM0ZDczOWEwNWIxOWYwNDdiZDJkMGRhM2FmY2E0MGQ3MzAxNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8ubeNZCCE8NYjWtJ9mRFPlaYwCj
1FELnvD4CEDbadVoC4qIX7jBqFmCRuZeducTtw5r1sCV6yJ58vwXLi/reNb8qEFX
RD03YWNe6ANhn1DQCIFFn8Y24bnkljAlmVTJYhZ8tgbgeAEWo20niSjE0YNCt06x
3gGXEkLb66Hrq8Vi2kNVr5X1Zf1R+PW5ojDmhcwcY0KofA9ANVq+4sr2jY8DVsrd
j1XzySh5VK5D0Xl9ALc9bBu2rsSLIymU4Ti5CtADZwXs7wGnOZdwsP8rkdfFC6jS
UecPa3pvX6HRRByb26tioIpXLuJ9Mwdy8n975DMt0MWa/QWAllAiGJ4wpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMY01zmgWxnwR70tDaOvykDXMBRKMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveGpUWE9hQmJHZkJIdlMwTm82X0tRTmN3RkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQPw
MA0GCSqGSIb3DQEBCwUAA4IBAQCeLSqqKLBO9+mbzSnfZ2bJrZclxTGiVUDiFMRA
ubQTkwrkIehRukz0n+z12Q4YGyZk/D+XsZSR60kv394ceXqOOzRaVRor3jMn0Ay/
o4VrSS3qxMf5XBJNCvGlXhARuweE2kV9FccwgNSgNLvo31PPxzbEer5vpd03mJAe
rHEUgDIY4bzCiz+bfzR5E3rMxc6D2aXoCwkMXfx5Ig/lpEU9SY1aqG7B7Ih7W//V
owD7fv7IA7EIhneDBVLhyKbu5Xe5O8P925KKfZgcVxdUWJtVkIuRaxBvG19XnuUp
qdA+eMdlkGqmw0Y6geggTOBS2hJRcX+lI3GI1etqCqUWkDj/
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:54:15 2025 by rpki-client