Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/U28QZ36XzCIZvBS6eGc4xGjlRTg.roa
File: U28QZ36XzCIZvBS6eGc4xGjlRTg.roa (raw, json)
Hash identifier: 1FgqRvPWms/xUvdchaJkIoMn4BDS0ZMDnTXhHoDeoHQ=
Subject key identifier: 53:6F:10:67:7E:97:CC:22:19:BC:14:BA:78:67:38:C4:68:E5:45:38
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 0193507E3B0B9E77D35D133BC1F47B30E859
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/U28QZ36XzCIZvBS6eGc4xGjlRTg.roa
Signing time: Thu 21 Nov 2024 20:51:10 +0000
ROA not before: Thu 21 Nov 2024 20:51:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214342
IP address blocks: 2a09:be87::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:7e:3b:0b:9e:77:d3:5d:13:3b:c1:f4:7b:30:e8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Nov 21 20:51:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=536f10677e97cc2219bc14ba786738c468e54538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5b:3f:83:39:2a:b2:bc:b9:ac:e0:51:d3:25:
d2:f6:59:58:4b:57:c5:39:cb:38:52:ca:1d:48:28:
a1:d7:db:38:17:0c:56:0e:89:c1:fa:a2:b5:ae:ee:
dc:08:4e:a9:84:fa:46:e9:a8:9e:90:79:47:dd:d3:
ea:98:37:03:f9:ce:68:55:86:a1:20:0f:66:7d:fc:
5c:fa:31:99:52:3d:cf:b2:ed:d7:c7:ad:d3:c7:c6:
84:30:bc:aa:ed:5d:78:6e:fc:87:da:9b:39:9a:35:
58:61:97:b4:5a:f5:7e:cc:1c:3f:43:39:c1:6c:1c:
fd:06:ca:34:a6:d9:25:6d:bf:3d:f7:53:b8:f9:ec:
2c:0e:0a:01:48:32:ea:09:41:b0:40:9b:c9:0b:39:
06:07:13:9a:80:69:f2:23:32:ba:24:d3:3c:ef:48:
6d:bd:85:a1:91:21:90:fa:28:a9:ae:98:9d:9b:ae:
7a:06:e1:33:3d:b1:23:75:06:d8:f3:72:5f:58:56:
f1:5b:f9:07:7e:de:e6:e4:9e:fa:0c:ee:82:5f:17:
89:1c:de:d6:2c:c0:e9:dd:7b:6e:a4:6c:13:6e:69:
24:bf:e3:8d:71:eb:3b:af:a6:9b:4c:17:f8:0b:48:
c0:18:69:5a:2d:cc:e9:a9:2b:a3:98:95:71:30:07:
0b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6F:10:67:7E:97:CC:22:19:BC:14:BA:78:67:38:C4:68:E5:45:38
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/U28QZ36XzCIZvBS6eGc4xGjlRTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be87::/32
Signature Algorithm: sha256WithRSAEncryption
65:1c:64:7a:e3:e0:20:76:00:09:17:10:73:60:8f:98:88:ed:
9a:b7:79:18:a9:98:39:fb:74:c9:18:fc:ef:e0:f7:52:ea:49:
56:8d:45:dd:97:3d:97:92:c1:fd:59:f9:f4:e2:59:33:0b:1d:
6d:d2:05:67:9a:eb:57:3f:29:ba:2f:0e:1b:8f:a8:6f:c3:bf:
40:52:29:9b:cf:e5:06:30:d9:33:25:df:de:e3:87:7f:9e:77:
4f:2a:3f:07:af:27:97:11:10:a1:53:01:20:be:b1:bc:c9:64:
fb:a0:b6:48:c7:cb:38:f0:de:11:a5:bc:ce:89:0b:f2:af:a1:
72:1a:c5:30:c0:5c:71:af:d7:aa:ef:90:da:61:1b:53:b9:dd:
42:ae:76:5a:da:c9:f0:d6:c0:45:1c:99:7c:26:b6:a1:44:67:
05:fb:71:57:2e:10:55:1e:67:b1:9b:c1:98:db:41:36:9a:da:
f6:54:7b:b9:5a:0b:c0:e2:7b:37:ad:68:86:89:51:35:f1:12:
51:88:1c:29:ab:cd:22:2c:d5:ce:38:94:3a:8d:9d:60:63:39:
5b:26:c9:8f:2c:54:b7:29:7c:59:af:4b:e5:5a:ca:3e:7c:db:
a2:76:ce:05:1d:6c:d6:a9:e9:e1:9b:db:4d:a9:2b:32:39:f3:
7a:df:a9:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNQfjsLnnfTXRM7wfR7MOhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjQxMTIxMjA1MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZmMTA2NzdlOTdjYzIyMTliYzE0YmE3ODY3MzhjNDY4ZTU0NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFs/gzkqsry5rOBR0yXS9llYS1fF
Ocs4UsodSCih19s4FwxWDonB+qK1ru7cCE6phPpG6aiekHlH3dPqmDcD+c5oVYah
IA9mffxc+jGZUj3Psu3Xx63Tx8aEMLyq7V14bvyH2ps5mjVYYZe0WvV+zBw/QznB
bBz9Bso0ptklbb8991O4+ewsDgoBSDLqCUGwQJvJCzkGBxOagGnyIzK6JNM870ht
vYWhkSGQ+iiprpidm656BuEzPbEjdQbY83JfWFbxW/kHft7m5J76DO6CXxeJHN7W
LMDp3XtupGwTbmkkv+ONces7r6abTBf4C0jAGGlaLczpqSujmJVxMAcLnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFNvEGd+l8wiGbwUunhnOMRo5UU4MB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvVTI4UVozNlh6Q0ladkJTNmVHYzR4R2psUlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgm+hzAN
BgkqhkiG9w0BAQsFAAOCAQEAZRxkeuPgIHYACRcQc2CPmIjtmrd5GKmYOft0yRj8
7+D3UupJVo1F3Zc9l5LB/Vn59OJZMwsdbdIFZ5rrVz8pui8OG4+ob8O/QFIpm8/l
BjDZMyXf3uOHf553Tyo/B68nlxEQoVMBIL6xvMlk+6C2SMfLOPDeEaW8zokL8q+h
chrFMMBcca/Xqu+Q2mEbU7ndQq52WtrJ8NbARRyZfCa2oURnBftxVy4QVR5nsZvB
mNtBNpra9lR7uVoLwOJ7N61oholRNfESUYgcKavNIizVzjiUOo2dYGM5WybJjyxU
tyl8Wa9L5VrKPnzbonbOBR1s1qnp4ZvbTakrMjnzet+pXA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:39:38 2025 by rpki-client