Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/AtveoMEfvepUaXuLEIBi_aFLNRE.roa
File: AtveoMEfvepUaXuLEIBi_aFLNRE.roa (raw, json)
Hash identifier: ZSmwE2KGPg7QHvdqHjrGKNciYhMvqQ7AKTIZq413uJo=
Subject key identifier: 02:DB:DE:A0:C1:1F:BD:EA:54:69:7B:8B:10:80:62:FD:A1:4B:35:11
Certificate issuer: /CN=044aacab9a49e143de68979ad156b42dabddde8c
Certificate serial: 018CC6B7D7275C84AF69F4EDD92B817B59EC
Authority key identifier: 04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/AtveoMEfvepUaXuLEIBi_aFLNRE.roa
Signing time: Mon 01 Jan 2024 20:29:46 +0000
ROA not before: Mon 01 Jan 2024 20:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2200
IP address blocks: 2a07:2e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:d7:27:5c:84:af:69:f4:ed:d9:2b:81:7b:59:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044aacab9a49e143de68979ad156b42dabddde8c
Validity
Not Before: Jan 1 20:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02dbdea0c11fbdea54697b8b108062fda14b3511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f3:1e:70:f2:ba:c6:fa:12:a1:c9:c8:56:7d:
cd:81:63:68:80:65:1a:74:f8:f0:c0:f2:3e:59:ce:
5b:6c:fa:fe:31:a7:c9:0b:87:75:a1:5d:40:29:e3:
58:5b:61:48:ee:8b:77:ef:bf:f8:85:5c:41:fd:6c:
09:0c:5a:17:39:1c:21:c4:bf:48:fe:da:e9:8e:8e:
ec:66:90:97:e4:db:c2:5c:72:3c:45:35:31:ed:44:
55:93:56:4c:30:15:2f:c7:28:2d:d5:12:83:5d:6b:
a0:d8:2c:a6:10:e2:57:79:dd:0c:9e:15:6d:57:26:
4b:03:3c:85:13:23:40:00:32:7b:e0:60:3f:60:de:
9b:59:ab:fa:01:45:c2:ec:93:74:b2:73:63:43:2a:
6b:cf:85:bf:4f:a2:a7:57:5b:c6:f6:4c:35:ff:c0:
06:b3:e4:31:bd:f2:84:ff:1b:f3:a9:de:c1:1b:57:
69:ee:66:44:96:77:70:0c:9b:d6:ba:ff:a3:ec:b2:
ee:cb:14:ff:47:7b:d8:4d:c4:3d:f1:8d:8d:53:3c:
48:6e:3d:68:0b:f6:89:a0:97:12:ce:14:bd:20:e9:
bf:cb:9f:af:1d:9f:3f:7d:ae:0b:c2:1e:fd:96:26:
97:a0:de:16:74:da:d6:7f:67:ef:19:e2:e2:42:45:
a3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DB:DE:A0:C1:1F:BD:EA:54:69:7B:8B:10:80:62:FD:A1:4B:35:11
X509v3 Authority Key Identifier:
keyid:04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/AtveoMEfvepUaXuLEIBi_aFLNRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/BEqsq5pJ4UPeaJea0Va0Lavd3ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
1e:e0:b8:b3:79:41:f6:4d:c5:75:16:62:d5:fd:01:fb:72:38:
ad:87:e5:db:8c:e5:71:48:00:52:ed:01:3d:98:ed:96:87:26:
23:53:f4:8d:4f:80:d4:19:23:11:1a:55:3f:db:10:92:3b:2c:
0f:a5:52:44:a4:4f:3c:b5:38:e8:85:e9:d3:a1:19:04:2e:4c:
22:93:a6:73:bd:59:32:84:3a:d9:fa:1f:80:0a:51:bb:c8:d3:
03:08:63:e7:c1:45:8a:cf:97:ce:5d:23:06:55:0b:68:58:aa:
c5:12:6f:6e:ba:0d:9d:19:0e:0d:09:63:77:b7:ec:a1:46:9f:
65:f0:4f:f8:25:5c:10:94:c6:89:5a:fc:e2:2b:5c:77:1a:d9:
73:1d:1f:86:fe:f3:2d:67:35:79:a3:41:0b:0b:0b:4d:16:4d:
7b:c1:a1:d2:66:71:5e:1e:a8:42:4b:ed:e0:4e:8a:07:ac:96:
a3:bb:58:67:73:74:6d:3c:6d:ca:10:87:07:4f:3d:9f:79:e6:
50:e2:ac:71:95:f2:ac:48:4a:e4:63:a5:71:19:d2:d1:9c:34:
09:88:df:a6:27:fd:6b:6d:43:c1:16:0f:b0:e6:a9:6a:8a:cd:
05:fc:c1:d0:47:12:e0:31:68:37:4c:58:c2:fd:67:cb:71:22:
93:1f:1e:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGt9cnXISvafTt2SuBe1nsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGFhY2FiOWE0OWUxNDNkZTY4OTc5YWQxNTZiNDJkYWJk
ZGRlOGMwHhcNMjQwMTAxMjAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmRiZGVhMGMxMWZiZGVhNTQ2OTdiOGIxMDgwNjJmZGExNGIzNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/MecPK6xvoSocnIVn3NgWNogGUa
dPjwwPI+Wc5bbPr+MafJC4d1oV1AKeNYW2FI7ot377/4hVxB/WwJDFoXORwhxL9I
/trpjo7sZpCX5NvCXHI8RTUx7URVk1ZMMBUvxygt1RKDXWug2CymEOJXed0MnhVt
VyZLAzyFEyNAADJ74GA/YN6bWav6AUXC7JN0snNjQyprz4W/T6KnV1vG9kw1/8AG
s+QxvfKE/xvzqd7BG1dp7mZElndwDJvWuv+j7LLuyxT/R3vYTcQ98Y2NUzxIbj1o
C/aJoJcSzhS9IOm/y5+vHZ8/fa4Lwh79liaXoN4WdNrWf2fvGeLiQkWjcQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFALb3qDBH73qVGl7ixCAYv2hSzURMB8GA1UdIwQY
MBaAFARKrKuaSeFD3miXmtFWtC2r3d6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDIt
M2JiOTI2ODc2MDJjLzEvQXR2ZW9NRWZ2ZXBVYVh1TEVJQmlfYUZMTlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDItM2JiOTI2ODc2MDJj
LzEvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgcuQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHuC4s3lB9k3FdRZi1f0B+3I4rYfl24zlcUgAUu0B
PZjtlocmI1P0jU+A1BkjERpVP9sQkjssD6VSRKRPPLU46IXp06EZBC5MIpOmc71Z
MoQ62fofgApRu8jTAwhj58FFis+Xzl0jBlULaFiqxRJvbroNnRkODQljd7fsoUaf
ZfBP+CVcEJTGiVr84itcdxrZcx0fhv7zLWc1eaNBCwsLTRZNe8Gh0mZxXh6oQkvt
4E6KB6yWo7tYZ3N0bTxtyhCHB089n3nmUOKscZXyrEhK5GOlcRnS0Zw0CYjfpif9
a21DwRYPsOapaorNBfzB0EcS4DFoN0xYwv1ny3Eikx8eTA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:26:35 2025 by rpki-client