Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/V_1S2U6laNL7GpfpyhBbFhnbwnA.roa
File: V_1S2U6laNL7GpfpyhBbFhnbwnA.roa (raw, json)
Hash identifier: ShHDEa00x6v9VHYxdA6v1hUj48oEhsCaEe5iuYORr2M=
Subject key identifier: 57:FD:52:D9:4E:A5:68:D2:FB:1A:97:E9:CA:10:5B:16:19:DB:C2:70
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 0191F9A50BC40BA6B5334437F8111E8DB36E
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/V_1S2U6laNL7GpfpyhBbFhnbwnA.roa
Signing time: Mon 16 Sep 2024 07:03:48 +0000
ROA not before: Mon 16 Sep 2024 07:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211521
IP address blocks: 2a0a:c743:1::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 17 Sep 2024 07:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:a5:0b:c4:0b:a6:b5:33:44:37:f8:11:1e:8d:b3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Sep 16 07:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57fd52d94ea568d2fb1a97e9ca105b1619dbc270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1f:6b:fc:32:32:6f:c0:d3:f4:a5:d4:94:15:
b7:11:d6:61:cd:91:8b:40:1c:73:25:82:3d:6e:9d:
df:0e:6f:3e:d4:91:b4:fd:a9:0f:25:4f:1f:9b:75:
4e:b7:72:d9:df:0e:60:82:b2:dd:83:c1:2b:44:7b:
18:f6:c3:57:d8:62:19:22:7e:34:6e:e4:5c:da:0b:
6c:66:b1:57:74:12:69:ab:3e:0c:b2:c8:f1:ae:b6:
a9:7c:70:0d:bd:3f:99:22:b0:fd:23:f1:e4:35:3f:
4f:52:b3:a7:d7:c8:28:33:11:65:be:80:fd:74:07:
82:fd:ee:8b:fd:61:f0:86:8c:23:fb:b8:72:d7:92:
b0:78:b7:40:7c:18:9a:7b:6d:b3:a5:7b:03:77:6d:
96:d1:81:f6:36:68:8d:9c:e0:40:f2:7d:52:2f:94:
e9:e2:43:d8:fe:fb:c2:62:9f:d7:66:26:e6:c2:af:
54:48:6a:26:6c:3e:8e:4a:2e:00:4c:8a:97:54:a8:
9d:46:d4:5c:32:35:21:1d:de:04:04:8f:9a:89:2d:
24:74:53:7d:d5:d8:1b:d1:7a:04:22:15:14:3c:d2:
5c:6f:56:5f:08:ee:22:f9:56:83:a3:45:3a:6b:14:
df:a5:0e:f3:b7:16:7e:db:cf:df:f3:e2:c6:e7:62:
36:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:FD:52:D9:4E:A5:68:D2:FB:1A:97:E9:CA:10:5B:16:19:DB:C2:70
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/V_1S2U6laNL7GpfpyhBbFhnbwnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c743:1::/64
Signature Algorithm: sha256WithRSAEncryption
2d:7b:3a:03:cc:ad:60:d4:d8:cc:ba:20:cf:1c:34:8a:ae:94:
5e:e1:9e:76:71:92:3e:67:42:cf:b6:4e:76:aa:1e:29:17:8e:
7a:3f:5e:fd:34:a8:49:85:10:cb:31:3a:f7:46:72:b8:72:36:
5e:11:c5:a8:9b:07:90:bd:dc:26:12:49:3d:c3:6a:04:3d:32:
d3:55:ee:8a:b7:6f:b6:63:4c:88:02:81:ad:89:9b:68:a5:01:
a3:11:af:52:ed:d5:a4:e0:b4:1d:dd:ee:c7:31:e9:af:40:69:
e2:99:7f:a0:53:ea:ca:64:45:fb:c0:11:de:ec:d8:6a:4f:5c:
b8:50:6e:e4:bb:e1:df:43:e6:51:42:2f:4d:6b:6a:5f:f8:e5:
5a:c3:a2:b9:5a:7c:f1:3f:b3:76:8f:91:9f:05:09:ce:8a:4d:
56:3c:d3:5d:81:c8:ac:a6:9f:ee:4d:f3:24:4f:f2:e8:01:3b:
8a:10:cd:42:27:3f:28:86:5a:2e:55:bd:ce:8e:2b:a9:85:32:
93:41:78:0f:6b:35:6b:13:f3:a5:55:8b:76:41:09:85:3a:43:
0a:c7:43:22:73:f4:61:61:7c:e7:61:5b:d8:7a:f7:3d:8c:c2:
20:3e:fd:06:55:59:fc:f8:8b:fe:7f:b2:58:26:8d:7e:6b:d0:
76:72:d0:f2
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZH5pQvEC6a1M0Q3+BEejbNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjQwOTE2MDcwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2ZkNTJkOTRlYTU2OGQyZmIxYTk3ZTljYTEwNWIxNjE5ZGJjMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix9r/DIyb8DT9KXUlBW3EdZhzZGL
QBxzJYI9bp3fDm8+1JG0/akPJU8fm3VOt3LZ3w5ggrLdg8ErRHsY9sNX2GIZIn40
buRc2gtsZrFXdBJpqz4MssjxrrapfHANvT+ZIrD9I/HkNT9PUrOn18goMxFlvoD9
dAeC/e6L/WHwhowj+7hy15KweLdAfBiae22zpXsDd22W0YH2NmiNnOBA8n1SL5Tp
4kPY/vvCYp/XZibmwq9USGombD6OSi4ATIqXVKidRtRcMjUhHd4EBI+aiS0kdFN9
1dgb0XoEIhUUPNJcb1ZfCO4i+VaDo0U6axTfpQ7ztxZ+28/f8+LG52I27QIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFFf9UtlOpWjS+xqX6coQWxYZ28JwMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEvVl8xUzJVNmxhTkw3R3BmcHloQmJGaG5id25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKgrHQwAB
AAAwDQYJKoZIhvcNAQELBQADggEBAC17OgPMrWDU2My6IM8cNIqulF7hnnZxkj5n
Qs+2TnaqHikXjno/Xv00qEmFEMsxOvdGcrhyNl4RxaibB5C93CYSST3DagQ9MtNV
7oq3b7ZjTIgCga2Jm2ilAaMRr1Lt1aTgtB3d7scx6a9AaeKZf6BT6spkRfvAEd7s
2GpPXLhQbuS74d9D5lFCL01ral/45VrDorlafPE/s3aPkZ8FCc6KTVY8012ByKym
n+5N8yRP8ugBO4oQzUInPyiGWi5Vvc6OK6mFMpNBeA9rNWsT86VVi3ZBCYU6QwrH
QyJz9GFhfOdhW9h69z2MwiA+/QZVWfz4i/5/slgmjX5r0HZy0PI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:56 2025 by rpki-client