Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/iVJqoNqsVRCmaqWmL9rIRpejpJk.roa
File: iVJqoNqsVRCmaqWmL9rIRpejpJk.roa (raw, json)
Hash identifier: CTyEfyFRWfjgqIRsclCyt8oAuVEMntGw04uLPqQFwXI=
Subject key identifier: 89:52:6A:A0:DA:AC:55:10:A6:6A:A5:A6:2F:DA:C8:46:97:A3:A4:99
Certificate issuer: /CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Certificate serial: 018CC9BC36977D71FECFF5D734488A03F9B3
Authority key identifier: E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/iVJqoNqsVRCmaqWmL9rIRpejpJk.roa
Signing time: Tue 02 Jan 2024 10:33:24 +0000
ROA not before: Tue 02 Jan 2024 10:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200044
IP address blocks: 2a00:eb9::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:36:97:7d:71:fe:cf:f5:d7:34:48:8a:03:f9:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Validity
Not Before: Jan 2 10:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89526aa0daac5510a66aa5a62fdac84697a3a499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:01:99:c6:d5:2f:0e:0b:a5:5a:39:ce:20:3b:
8d:6f:27:15:66:ec:6e:dc:35:24:2a:d4:3f:5e:c6:
02:79:46:47:c0:72:f3:c0:4a:9a:48:a5:d1:95:d1:
f7:4e:d2:d3:16:2a:8b:ba:a1:ac:6c:99:76:45:ff:
05:46:36:3f:bc:05:a1:5b:df:8b:01:78:6f:e3:92:
9f:fa:18:94:5a:73:1c:98:4c:3a:68:2e:99:1a:fd:
58:63:66:83:d0:c3:e5:15:b0:52:b8:3b:4d:5e:71:
c8:d3:bc:b1:92:48:13:24:30:4e:d7:2f:48:ec:9a:
84:79:9f:15:b5:25:00:15:fa:59:6e:f9:c6:41:ca:
74:7c:01:e4:9b:a2:07:a9:44:d7:30:7d:a2:73:49:
aa:97:e9:ba:b0:9e:95:d8:5d:b5:e8:7a:dc:43:89:
7d:6c:2b:17:2e:f1:4a:00:2a:0e:16:f9:52:f9:96:
99:de:fd:35:38:71:b2:84:14:c1:3d:fa:b6:a2:2a:
a5:3c:8c:e5:a5:6e:51:e4:fe:2c:83:fc:f0:64:33:
04:48:a8:4c:aa:d1:79:f8:8e:ec:ab:79:44:48:90:
ec:e2:64:26:3e:9c:13:54:bc:36:67:c0:89:86:85:
db:e3:82:42:a3:47:d5:c6:0d:25:fb:30:1b:fc:cc:
dc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:52:6A:A0:DA:AC:55:10:A6:6A:A5:A6:2F:DA:C8:46:97:A3:A4:99
X509v3 Authority Key Identifier:
keyid:E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/iVJqoNqsVRCmaqWmL9rIRpejpJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/6XWS8etB1siTzQ3XK2P8NO5VNTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:eb9::/32
Signature Algorithm: sha256WithRSAEncryption
1c:03:2f:cc:17:27:41:50:eb:dd:f4:39:55:6e:ee:b7:1e:1a:
16:f9:53:4f:5d:a5:da:bc:01:71:6a:d6:a2:eb:fa:11:29:a5:
b5:16:1f:ca:c4:8f:da:40:ad:ca:67:ed:04:d9:40:41:4e:49:
be:97:89:da:31:38:73:4e:3f:a3:0b:23:b7:c9:1b:cc:02:7e:
37:fe:2b:16:b9:76:77:fb:a6:31:8b:09:d2:93:f0:bd:71:68:
8e:07:9e:0a:40:7e:64:52:02:ca:83:1f:0d:0e:34:a2:81:0d:
ca:71:02:05:53:2f:88:60:d7:c1:72:8d:01:a4:f4:34:66:4c:
72:b6:c9:27:7c:72:41:2a:e8:37:24:9c:51:b8:fb:1d:11:59:
8c:1c:a0:80:60:fe:89:1b:56:1f:22:bb:2a:11:e2:27:aa:e2:
70:92:d7:68:27:a5:0f:58:bb:c0:fd:09:a8:bc:d9:2c:c0:b6:
c2:dd:fe:c7:21:6f:2c:1f:e3:50:08:94:30:c1:e0:ae:5c:77:
56:ca:21:b1:86:90:8d:ae:f9:dc:f4:fb:0f:0f:6d:b6:37:ba:
95:07:b3:ef:f3:0f:40:b3:cc:d2:4f:e9:4d:11:51:71:78:cd:
96:82:58:c0:9b:46:c9:87:2f:2e:2c:9b:cc:bc:7d:77:a4:ac:
bb:5c:06:09
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJvDaXfXH+z/XXNEiKA/mzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzU5MmYxZWI0MWQ2Yzg5M2NkMGRkNzJiNjNmYzM0ZWU1
NTM1MzMwHhcNMjQwMTAyMTAzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTUyNmFhMGRhYWM1NTEwYTY2YWE1YTYyZmRhYzg0Njk3YTNhNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQGZxtUvDgulWjnOIDuNbycVZuxu
3DUkKtQ/XsYCeUZHwHLzwEqaSKXRldH3TtLTFiqLuqGsbJl2Rf8FRjY/vAWhW9+L
AXhv45Kf+hiUWnMcmEw6aC6ZGv1YY2aD0MPlFbBSuDtNXnHI07yxkkgTJDBO1y9I
7JqEeZ8VtSUAFfpZbvnGQcp0fAHkm6IHqUTXMH2ic0mql+m6sJ6V2F216HrcQ4l9
bCsXLvFKACoOFvlS+ZaZ3v01OHGyhBTBPfq2oiqlPIzlpW5R5P4sg/zwZDMESKhM
qtF5+I7sq3lESJDs4mQmPpwTVLw2Z8CJhoXb44JCo0fVxg0l+zAb/MzcdQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIlSaqDarFUQpmqlpi/ayEaXo6SZMB8GA1UdIwQY
MBaAFOl1kvHrQdbIk80N1ytj/DTuVTUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhXUzhldEIxc2lUelEzWEsyUDhOTzVWTlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80MjIxN2UtZWFkMC00NmJlLThhZDAt
MDVmOTBhZDI0ZjNlLzEvaVZKcW9OcXNWUkNtYXFXbUw5cklScGVqcEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80MjIxN2UtZWFkMC00NmJlLThhZDAtMDVmOTBhZDI0ZjNl
LzEvNlhXUzhldEIxc2lUelEzWEsyUDhOTzVWTlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAOuTAN
BgkqhkiG9w0BAQsFAAOCAQEAHAMvzBcnQVDr3fQ5VW7utx4aFvlTT12l2rwBcWrW
ouv6ESmltRYfysSP2kCtymftBNlAQU5JvpeJ2jE4c04/owsjt8kbzAJ+N/4rFrl2
d/umMYsJ0pPwvXFojgeeCkB+ZFICyoMfDQ40ooENynECBVMviGDXwXKNAaT0NGZM
crbJJ3xyQSroNyScUbj7HRFZjByggGD+iRtWHyK7KhHiJ6ricJLXaCelD1i7wP0J
qLzZLMC2wt3+xyFvLB/jUAiUMMHgrlx3VsohsYaQja753PT7Dw9ttje6lQez7/MP
QLPM0k/pTRFRcXjNloJYwJtGyYcvLiybzLx9d6Ssu1wGCQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:54 2025 by rpki-client