Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/nUe7ir7j2OZjQpgmC72h9ZS4qHE.roa
File: nUe7ir7j2OZjQpgmC72h9ZS4qHE.roa (raw, json)
Hash identifier: eHreNn2l+ib+ipIPYrvV/Lt7VMr2WwW5e2gLlA5rzZ8=
Subject key identifier: 9D:47:BB:8A:BE:E3:D8:E6:63:42:98:26:0B:BD:A1:F5:94:B8:A8:71
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018DCC86E298D49F34BF045EB893A79D8D1F
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/nUe7ir7j2OZjQpgmC72h9ZS4qHE.roa
Signing time: Wed 21 Feb 2024 16:36:48 +0000
ROA not before: Wed 21 Feb 2024 16:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a0d:87c0::/29 maxlen: 64
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:86:e2:98:d4:9f:34:bf:04:5e:b8:93:a7:9d:8d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Feb 21 16:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d47bb8abee3d8e6634298260bbda1f594b8a871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:d2:1b:31:22:e1:94:80:60:f8:70:8b:ec:
47:80:76:97:e3:41:fd:ad:c1:75:ea:ee:25:6e:7b:
c6:dc:a3:bb:6b:f6:94:75:c1:2a:2e:6c:43:cd:52:
7e:70:23:86:95:03:f5:9d:1e:28:6c:0d:d7:bd:69:
d0:40:65:d5:7b:7b:d5:d0:be:d2:0f:09:0c:d1:b3:
b1:cc:0e:15:a1:05:3b:d4:ad:17:65:a9:19:04:c0:
3d:bc:f7:c4:15:6d:97:62:61:0c:3d:55:2c:db:1e:
37:a6:63:d3:de:68:0d:9e:c2:92:80:0a:b6:43:f6:
16:11:9b:0d:5a:94:04:0b:b7:12:cf:50:50:03:c5:
0b:49:2b:46:08:55:05:f1:a1:93:7f:22:f1:8c:5e:
3d:02:6f:b9:44:e5:7e:31:06:bc:ac:d4:58:22:68:
e4:a6:40:41:a6:06:b1:df:60:a5:8f:9e:f7:0a:a7:
f7:de:64:68:15:27:98:c2:a0:77:da:66:06:c9:16:
44:b0:bf:a3:53:ca:3c:08:51:e3:7e:8c:1b:83:74:
32:96:25:09:9f:48:2b:2d:f9:88:31:c8:fb:b2:f1:
31:3b:fe:57:bd:cc:f2:4d:2f:58:f5:10:ef:b1:96:
84:05:b2:fa:dd:21:be:ee:14:2f:b0:f6:b7:5e:5e:
bc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:47:BB:8A:BE:E3:D8:E6:63:42:98:26:0B:BD:A1:F5:94:B8:A8:71
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/nUe7ir7j2OZjQpgmC72h9ZS4qHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:68:65:6c:8c:49:f9:7f:46:b4:8e:e1:d1:39:30:6a:6a:bf:
f1:3d:ec:4a:a6:94:9e:11:1d:c0:2f:bd:e9:27:bd:08:d5:f4:
fd:26:1c:7a:58:b1:e2:bf:f5:88:08:ec:99:8c:35:21:fe:e5:
63:1f:b6:fe:e0:a6:55:c2:a0:eb:a4:a0:ab:5e:8f:a4:bf:6e:
a5:34:28:ef:79:e0:cc:8b:9f:c4:0e:de:6f:2e:f3:7e:d9:e7:
43:49:66:8e:f6:47:97:37:1a:25:00:da:28:bb:9f:04:63:c1:
0e:af:7f:0f:87:94:8b:3c:4e:ad:05:81:f1:e6:92:f9:e0:67:
39:4d:4e:61:a1:e4:0d:4f:fe:81:ec:ab:e2:92:1e:59:8a:63:
63:27:74:ab:ac:ab:42:1c:f6:1c:f5:99:7a:8d:97:58:09:da:
6b:d4:74:b8:fe:c5:8e:15:68:61:3f:80:62:37:d8:5c:53:ec:
38:36:3c:f4:1f:86:c8:7b:f2:e1:40:07:08:bd:7e:52:22:5c:
32:38:59:8a:47:5b:a4:e2:80:7e:08:5c:76:11:bb:bf:38:12:
25:e4:8a:1f:f3:5d:32:ab:a6:e1:1f:64:88:b1:33:c4:28:0b:
b1:a5:1f:b7:4b:8c:ef:a2:c5:55:4b:7f:f1:63:3d:20:16:38:
0d:b2:2d:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3MhuKY1J80vwReuJOnnY0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwMjIxMTYzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ3YmI4YWJlZTNkOGU2NjM0Mjk4MjYwYmJkYTFmNTk0YjhhODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk37SGzEi4ZSAYPhwi+xHgHaX40H9
rcF16u4lbnvG3KO7a/aUdcEqLmxDzVJ+cCOGlQP1nR4obA3XvWnQQGXVe3vV0L7S
DwkM0bOxzA4VoQU71K0XZakZBMA9vPfEFW2XYmEMPVUs2x43pmPT3mgNnsKSgAq2
Q/YWEZsNWpQEC7cSz1BQA8ULSStGCFUF8aGTfyLxjF49Am+5ROV+MQa8rNRYImjk
pkBBpgax32Clj573Cqf33mRoFSeYwqB32mYGyRZEsL+jU8o8CFHjfowbg3QyliUJ
n0grLfmIMcj7svExO/5XvczyTS9Y9RDvsZaEBbL63SG+7hQvsPa3Xl68iQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ1Hu4q+49jmY0KYJgu9ofWUuKhxMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvblVlN2lyN2oyT1pqUXBnbUM3Mmg5WlM0cUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg2HwDAN
BgkqhkiG9w0BAQsFAAOCAQEAbGhlbIxJ+X9GtI7h0Tkwamq/8T3sSqaUnhEdwC+9
6Se9CNX0/SYcelix4r/1iAjsmYw1If7lYx+2/uCmVcKg66Sgq16PpL9upTQo73ng
zIufxA7eby7zftnnQ0lmjvZHlzcaJQDaKLufBGPBDq9/D4eUizxOrQWB8eaS+eBn
OU1OYaHkDU/+geyr4pIeWYpjYyd0q6yrQhz2HPWZeo2XWAnaa9R0uP7FjhVoYT+A
YjfYXFPsODY89B+GyHvy4UAHCL1+UiJcMjhZikdbpOKAfghcdhG7vzgSJeSKH/Nd
Mqum4R9kiLEzxCgLsaUft0uM76LFVUt/8WM9IBY4DbIt7Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:13:39 2025 by rpki-client