Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/1zgUWd8LUb9m1CmRohHESCyYSA8.roa
File: 1zgUWd8LUb9m1CmRohHESCyYSA8.roa (raw, json)
Hash identifier: qcv/tGoV8UC5mp33xfT7aXTzWEkpJmmWh8y75lyw4hg=
Subject key identifier: D7:38:14:59:DF:0B:51:BF:66:D4:29:91:A2:11:C4:48:2C:98:48:0F
Certificate issuer: /CN=ee9f79ab1d59847ff1f2e961218c159af264d835
Certificate serial: 018CC2DB28E7DD33EA81FD20DB9E4ABBE012
Authority key identifier: EE:9F:79:AB:1D:59:84:7F:F1:F2:E9:61:21:8C:15:9A:F2:64:D8:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7p95qx1ZhH_x8ulhIYwVmvJk2DU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/1zgUWd8LUb9m1CmRohHESCyYSA8.roa
Signing time: Mon 01 Jan 2024 02:29:51 +0000
ROA not before: Mon 01 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210660
IP address blocks: 2001:678:cdc::/48 maxlen: 128
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:28:e7:dd:33:ea:81:fd:20:db:9e:4a:bb:e0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee9f79ab1d59847ff1f2e961218c159af264d835
Validity
Not Before: Jan 1 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7381459df0b51bf66d42991a211c4482c98480f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9f:a9:b7:06:f6:40:f5:57:f6:7e:24:eb:fd:
9e:f4:df:57:c1:ca:4f:d1:91:72:cd:2e:f0:19:df:
a4:19:6e:4a:ea:2c:ff:f6:b3:41:49:2b:4a:b2:bd:
6e:c2:ee:70:c4:98:c8:c5:ed:f0:e4:3a:e9:6f:81:
a7:d4:cd:88:55:40:dd:97:9c:51:36:0b:a4:4c:f8:
b8:02:82:c7:41:22:a8:f7:b8:e3:63:e7:cb:05:20:
1d:86:6e:86:03:e0:7b:13:e4:57:9b:16:33:ef:14:
71:ba:e8:9e:f4:a6:04:a2:19:94:3f:09:e8:c1:40:
fd:5a:55:0c:17:9d:3d:92:17:fe:9f:c7:f8:d6:ad:
c1:ae:28:1c:fb:a2:04:af:9e:a4:91:09:3c:35:16:
bc:19:dc:08:e4:5d:34:64:5a:ea:98:67:2e:0d:5b:
f7:4a:33:4f:33:a4:8c:d5:60:08:b3:29:33:ab:e0:
98:4f:5e:6b:a9:ec:bc:77:f8:c7:9c:d8:46:d3:33:
94:84:bf:ac:82:89:60:d4:93:f9:00:19:f7:df:74:
92:82:72:5d:23:0e:dc:6b:a4:c8:a1:15:ce:22:c9:
14:6d:b3:ba:09:26:44:88:86:42:5a:04:a1:4f:1d:
0c:f3:4f:16:8d:6f:da:77:e9:a3:00:8d:f1:67:76:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:38:14:59:DF:0B:51:BF:66:D4:29:91:A2:11:C4:48:2C:98:48:0F
X509v3 Authority Key Identifier:
keyid:EE:9F:79:AB:1D:59:84:7F:F1:F2:E9:61:21:8C:15:9A:F2:64:D8:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7p95qx1ZhH_x8ulhIYwVmvJk2DU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/1zgUWd8LUb9m1CmRohHESCyYSA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/57ca76-3457-46ed-9324-ea7a17128a05/1/7p95qx1ZhH_x8ulhIYwVmvJk2DU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cdc::/48
Signature Algorithm: sha256WithRSAEncryption
07:62:b9:fe:fe:29:3a:df:84:39:92:92:22:24:5d:41:11:98:
93:9d:e5:67:11:ea:24:f4:fd:2d:7a:c4:77:32:ea:11:bd:81:
a2:d7:fc:16:a6:76:03:07:5c:39:3f:d5:c4:4a:b0:cc:96:e4:
e5:37:88:08:cf:47:a6:96:b4:52:3e:70:4c:07:8e:55:42:3a:
60:53:45:a5:9b:ae:df:71:23:3d:cb:c2:23:5c:55:1e:74:a6:
1b:b2:3e:73:6f:f6:a2:61:26:a5:b3:0b:4c:86:af:61:5d:39:
f2:39:47:27:52:47:69:a8:65:06:bd:83:ee:9b:94:ce:1c:60:
74:6d:5a:78:56:e0:0e:46:0e:c3:05:4f:6f:19:b3:2d:34:db:
06:03:22:fe:46:dd:02:19:85:dc:64:94:e6:78:41:19:7f:ad:
a5:a0:df:47:ca:32:cd:95:dc:35:49:75:ac:9c:74:b8:d4:de:
01:72:a1:94:5f:7d:46:e7:a5:38:31:09:7f:4d:2c:1d:c8:26:
2c:74:f2:36:e7:c0:23:0b:57:e3:21:0a:09:17:63:85:85:fc:
ad:c1:dd:a1:7c:c7:de:92:3f:12:2e:05:97:94:f6:be:f5:67:
ae:82:08:43:30:be:87:cf:c6:4c:21:fb:6f:9d:75:f1:6b:63:
62:a4:42:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2yjn3TPqgf0g255Ku+ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlOWY3OWFiMWQ1OTg0N2ZmMWYyZTk2MTIxOGMxNTlhZjI2
NGQ4MzUwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzM4MTQ1OWRmMGI1MWJmNjZkNDI5OTFhMjExYzQ0ODJjOTg0ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip+ptwb2QPVX9n4k6/2e9N9XwcpP
0ZFyzS7wGd+kGW5K6iz/9rNBSStKsr1uwu5wxJjIxe3w5Drpb4Gn1M2IVUDdl5xR
NgukTPi4AoLHQSKo97jjY+fLBSAdhm6GA+B7E+RXmxYz7xRxuuie9KYEohmUPwno
wUD9WlUMF509khf+n8f41q3Brigc+6IEr56kkQk8NRa8GdwI5F00ZFrqmGcuDVv3
SjNPM6SM1WAIsykzq+CYT15rqey8d/jHnNhG0zOUhL+sgolg1JP5ABn333SSgnJd
Iw7ca6TIoRXOIskUbbO6CSZEiIZCWgShTx0M808WjW/ad+mjAI3xZ3ZHmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNc4FFnfC1G/ZtQpkaIRxEgsmEgPMB8GA1UdIwQY
MBaAFO6feasdWYR/8fLpYSGMFZryZNg1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3A5NXF4MVpoSF94OHVsaElZd1ZtdkprMkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81N2NhNzYtMzQ1Ny00NmVkLTkzMjQt
ZWE3YTE3MTI4YTA1LzEvMXpnVVdkOExVYjltMUNtUm9oSEVTQ3lZU0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81N2NhNzYtMzQ1Ny00NmVkLTkzMjQtZWE3YTE3MTI4YTA1
LzEvN3A5NXF4MVpoSF94OHVsaElZd1ZtdkprMkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAzc
MA0GCSqGSIb3DQEBCwUAA4IBAQAHYrn+/ik634Q5kpIiJF1BEZiTneVnEeok9P0t
esR3MuoRvYGi1/wWpnYDB1w5P9XESrDMluTlN4gIz0emlrRSPnBMB45VQjpgU0Wl
m67fcSM9y8IjXFUedKYbsj5zb/aiYSalswtMhq9hXTnyOUcnUkdpqGUGvYPum5TO
HGB0bVp4VuAORg7DBU9vGbMtNNsGAyL+Rt0CGYXcZJTmeEEZf62loN9HyjLNldw1
SXWsnHS41N4BcqGUX31G56U4MQl/TSwdyCYsdPI258AjC1fjIQoJF2OFhfytwd2h
fMfekj8SLgWXlPa+9WeugghDML6Hz8ZMIftvnXXxa2NipEJY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:29 2025 by rpki-client