Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/rmTw4bo4YPxI3-oLW9DEHu3wUwI.roa
File: rmTw4bo4YPxI3-oLW9DEHu3wUwI.roa (raw, json)
Hash identifier: oz9l5/UHiBxbKnkQImNW14CCzH/+iZEybxkAkjFgxZA=
Subject key identifier: AE:64:F0:E1:BA:38:60:FC:48:DF:EA:0B:5B:D0:C4:1E:ED:F0:53:02
Certificate issuer: /CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Certificate serial: 018CC64B0BF724AFA41C0EE8B78654E28A71
Authority key identifier: F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/rmTw4bo4YPxI3-oLW9DEHu3wUwI.roa
Signing time: Mon 01 Jan 2024 18:30:56 +0000
ROA not before: Mon 01 Jan 2024 18:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202352
IP address blocks: 2a05:6584::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0b:f7:24:af:a4:1c:0e:e8:b7:86:54:e2:8a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Validity
Not Before: Jan 1 18:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae64f0e1ba3860fc48dfea0b5bd0c41eedf05302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:21:e0:a6:80:8a:a4:c7:fe:80:63:4d:be:c2:
f3:3c:a2:4e:e4:22:28:fb:83:01:3c:03:5b:e0:04:
53:40:3a:38:cc:16:de:9c:13:99:a5:61:49:5e:36:
fd:56:96:42:9f:2c:5f:ce:99:68:50:3f:db:03:19:
b2:42:f0:a3:0a:66:cc:4d:71:4d:46:f6:d2:b2:ec:
3b:57:b6:e8:66:0b:0f:26:77:5a:f5:80:98:fb:1e:
ab:f0:d6:f4:a4:5a:1f:1d:c2:ad:d0:d3:bd:e0:b2:
b9:47:43:cd:16:87:b9:dc:71:8c:af:b6:df:0d:97:
51:62:bd:78:0f:70:be:ff:67:a1:89:75:1e:5c:b5:
fc:4c:d6:4f:77:10:be:bc:a0:42:26:da:be:d5:0f:
a7:48:4a:52:b5:cc:d9:d6:5c:2d:6e:f9:08:09:7f:
c7:fd:7b:f4:2f:2f:00:ae:d7:d8:14:52:63:95:ff:
98:35:56:8b:4c:32:78:f2:4b:27:29:2b:b2:c4:e2:
3c:91:3d:90:32:09:c8:33:e1:7f:14:9c:03:d9:ce:
92:ef:5e:e5:d3:ed:7f:e2:c1:d0:e7:76:8d:91:21:
94:0a:ef:a3:3c:ab:9c:62:4e:27:d1:d7:6f:ea:54:
c9:f4:11:d1:da:36:55:d5:9c:f6:16:e1:7a:8d:be:
5a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:64:F0:E1:BA:38:60:FC:48:DF:EA:0B:5B:D0:C4:1E:ED:F0:53:02
X509v3 Authority Key Identifier:
keyid:F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/rmTw4bo4YPxI3-oLW9DEHu3wUwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/8nyT3bGhcVHFbyLcrzHdgilGN0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:6584::/32
Signature Algorithm: sha256WithRSAEncryption
56:08:16:79:3b:22:7d:9b:82:cd:8f:37:3f:d8:21:01:d4:03:
98:49:b4:42:69:64:f6:c7:03:22:53:d5:51:66:0b:fa:83:a9:
6a:39:18:a3:99:d8:dd:74:db:4e:aa:de:09:85:f0:38:bb:f4:
5d:26:ac:36:68:0d:ce:18:4a:fc:61:23:4d:9f:6c:50:ac:ca:
5d:e8:17:7a:16:ef:3f:be:33:52:74:a6:1f:18:d9:76:a8:e3:
63:26:18:49:a0:d2:d8:a9:18:44:c2:f5:36:c8:7d:a9:e1:bd:
a4:b4:5c:2b:12:51:bf:58:c4:39:a9:74:fe:5e:28:7b:87:4f:
66:5a:48:d8:d2:c9:73:89:db:66:ad:f7:2b:4a:8c:19:63:f2:
84:38:18:d2:b9:65:ea:32:93:bf:da:e4:86:53:99:82:c8:df:
67:34:ca:56:30:d7:7b:0f:2a:41:fb:cb:ca:28:6e:22:34:2a:
31:d4:0e:98:34:25:71:13:38:fe:86:54:c7:79:06:ab:68:10:
62:1f:94:d2:df:ea:41:6f:3f:ec:b9:92:a0:85:45:ea:b7:30:
65:74:43:fd:e7:1d:24:53:3e:d5:9f:84:7e:c7:a2:b3:cb:1a:
4f:16:bc:fd:9d:80:c1:4e:cc:d2:75:47:70:56:e8:c2:0d:00:
dc:07:1b:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSwv3JK+kHA7ot4ZU4opxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2M5M2RkYjFhMTcxNTFjNTZmMjJkY2FmMzFkZDgyMjk0
NjM3NDIwHhcNMjQwMTAxMTgzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY0ZjBlMWJhMzg2MGZjNDhkZmVhMGI1YmQwYzQxZWVkZjA1MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCHgpoCKpMf+gGNNvsLzPKJO5CIo
+4MBPANb4ARTQDo4zBbenBOZpWFJXjb9VpZCnyxfzploUD/bAxmyQvCjCmbMTXFN
RvbSsuw7V7boZgsPJnda9YCY+x6r8Nb0pFofHcKt0NO94LK5R0PNFoe53HGMr7bf
DZdRYr14D3C+/2ehiXUeXLX8TNZPdxC+vKBCJtq+1Q+nSEpStczZ1lwtbvkICX/H
/Xv0Ly8ArtfYFFJjlf+YNVaLTDJ48ksnKSuyxOI8kT2QMgnIM+F/FJwD2c6S717l
0+1/4sHQ53aNkSGUCu+jPKucYk4n0ddv6lTJ9BHR2jZV1Zz2FuF6jb5a3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK5k8OG6OGD8SN/qC1vQxB7t8FMCMB8GA1UdIwQY
MBaAFPJ8k92xoXFRxW8i3K8x3YIpRjdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG55VDNiR2hjVkhGYnlMY3J6SGRnaWxHTjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NDRmMDktNDA2ZS00OTg1LTk5Mjkt
MzZlMGM4YWZlMjZhLzEvcm1UdzRibzRZUHhJMy1vTFc5REVIdTN3VXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS85NDRmMDktNDA2ZS00OTg1LTk5MjktMzZlMGM4YWZlMjZh
LzEvOG55VDNiR2hjVkhGYnlMY3J6SGRnaWxHTjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgVlhDAN
BgkqhkiG9w0BAQsFAAOCAQEAVggWeTsifZuCzY83P9ghAdQDmEm0Qmlk9scDIlPV
UWYL+oOpajkYo5nY3XTbTqreCYXwOLv0XSasNmgNzhhK/GEjTZ9sUKzKXegXehbv
P74zUnSmHxjZdqjjYyYYSaDS2KkYRML1Nsh9qeG9pLRcKxJRv1jEOal0/l4oe4dP
ZlpI2NLJc4nbZq33K0qMGWPyhDgY0rll6jKTv9rkhlOZgsjfZzTKVjDXew8qQfvL
yihuIjQqMdQOmDQlcRM4/oZUx3kGq2gQYh+U0t/qQW8/7LmSoIVF6rcwZXRD/ecd
JFM+1Z+Efseis8saTxa8/Z2AwU7M0nVHcFbowg0A3AcbHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:35 2025 by rpki-client