Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/4qftpIAdQbg1YEL6rma0VXQgAxY.roa
File: 4qftpIAdQbg1YEL6rma0VXQgAxY.roa (raw, json)
Hash identifier: bUzWcJF6xrYZtZ0kCnyjHzNsSj2KkJEepQPKPlgYZrI=
Subject key identifier: E2:A7:ED:A4:80:1D:41:B8:35:60:42:FA:AE:66:B4:55:74:20:03:16
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0C6E57BF89ECBBC675959679F068
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/4qftpIAdQbg1YEL6rma0VXQgAxY.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203531
IP address blocks: 2a05:b0c6:1000::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0c:6e:57:bf:89:ec:bb:c6:75:95:96:79:f0:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2a7eda4801d41b8356042faae66b45574200316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:2c:11:3c:e7:2a:09:c6:a1:7f:37:81:02:
95:70:2b:9d:59:d4:d0:3a:e9:96:dd:97:7f:9a:03:
74:21:53:70:8b:5a:29:68:47:af:19:0f:50:b3:c2:
1b:21:7d:2e:0c:58:e1:23:86:a9:3f:66:07:19:5e:
32:e5:bc:7f:fb:05:80:73:61:e2:9b:98:ea:53:5d:
7b:a5:bc:4e:f9:69:3c:fb:87:a2:c4:34:03:f5:d7:
f6:c4:ed:9a:06:51:93:a6:73:76:69:33:9a:dc:f2:
f9:0b:bd:b4:4a:37:d4:15:d0:bb:67:be:ce:70:55:
8b:16:66:61:9e:e5:09:4d:15:db:17:3a:1e:93:58:
2a:20:74:d2:0a:51:45:b6:ea:6c:31:5b:13:f1:fd:
d4:ea:3c:91:95:d4:d9:ef:81:57:b6:26:a4:2b:f4:
1c:61:72:2c:2d:20:df:16:5a:a7:f9:c0:b3:29:bd:
24:78:92:90:25:32:3e:df:0c:2c:ae:8b:5d:a4:a7:
3f:d3:c5:c2:98:12:58:e3:c2:46:69:49:be:5b:ef:
3d:91:df:f4:4b:54:2f:29:02:77:c9:6c:8a:0f:40:
21:c6:ca:e6:17:e9:d2:f1:65:a6:ca:37:3e:1b:c6:
83:fb:c6:cf:ff:8e:cb:81:e4:c0:64:32:74:74:fe:
a7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A7:ED:A4:80:1D:41:B8:35:60:42:FA:AE:66:B4:55:74:20:03:16
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/4qftpIAdQbg1YEL6rma0VXQgAxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:1000::/44
Signature Algorithm: sha256WithRSAEncryption
38:c3:28:dd:fa:8f:ef:9e:32:bf:90:3a:9d:75:ae:91:32:61:
97:f6:47:04:31:6e:f8:5a:5d:6a:9d:ad:bd:92:bd:f0:ea:8c:
f2:d0:7d:8a:5d:a5:50:2f:c8:54:50:ec:d1:3b:49:c8:45:5f:
b5:6f:9c:ed:74:03:de:27:36:67:fe:a0:1c:d1:df:67:6f:f8:
ab:06:8c:5e:bf:56:3f:78:7f:66:c2:79:e7:47:11:9f:77:8e:
d4:31:22:b5:fd:c3:07:25:75:99:40:be:ae:59:1b:5e:83:4f:
9b:92:f8:61:86:78:27:bc:20:8a:54:e1:38:7d:7f:84:35:4c:
ef:41:60:57:e8:3a:e7:1d:45:80:60:f9:87:21:63:93:40:5b:
61:d0:4d:ef:3d:ae:7b:c9:35:ef:4f:b8:23:08:50:f0:d1:d2:
26:3a:70:c1:38:00:98:97:85:f9:b0:e6:38:7c:94:53:dc:30:
45:c5:b3:2f:8e:6b:24:a2:31:99:f5:a3:93:8b:2f:bc:9a:1b:
99:ae:e5:2a:54:d6:32:42:d4:db:8d:b5:f8:e8:d7:dc:3b:54:
53:29:42:3f:0b:da:c4:3b:40:8a:88:ab:7e:1b:52:cf:a1:b0:
a1:c0:ff:25:a0:4f:bb:68:73:f5:10:85:4a:8c:be:5c:07:3e:
66:f3:4f:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF3AxuV7+J7LvGdZWWefBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE3ZWRhNDgwMWQ0MWI4MzU2MDQyZmFhZTY2YjQ1NTc0MjAwMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2wsETznKgnGoX83gQKVcCudWdTQ
OumW3Zd/mgN0IVNwi1opaEevGQ9Qs8IbIX0uDFjhI4apP2YHGV4y5bx/+wWAc2Hi
m5jqU117pbxO+Wk8+4eixDQD9df2xO2aBlGTpnN2aTOa3PL5C720SjfUFdC7Z77O
cFWLFmZhnuUJTRXbFzoek1gqIHTSClFFtupsMVsT8f3U6jyRldTZ74FXtiakK/Qc
YXIsLSDfFlqn+cCzKb0keJKQJTI+3wwsrotdpKc/08XCmBJY48JGaUm+W+89kd/0
S1QvKQJ3yWyKD0AhxsrmF+nS8WWmyjc+G8aD+8bP/47LgeTAZDJ0dP6n7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOKn7aSAHUG4NWBC+q5mtFV0IAMWMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvNHFmdHBJQWRRYmcxWUVMNnJtYTBWWFFnQXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgWwxhAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4wyjd+o/vnjK/kDqdda6RMmGX9kcEMW74Wl1q
na29kr3w6ozy0H2KXaVQL8hUUOzRO0nIRV+1b5ztdAPeJzZn/qAc0d9nb/irBoxe
v1Y/eH9mwnnnRxGfd47UMSK1/cMHJXWZQL6uWRteg0+bkvhhhngnvCCKVOE4fX+E
NUzvQWBX6DrnHUWAYPmHIWOTQFth0E3vPa57yTXvT7gjCFDw0dImOnDBOACYl4X5
sOY4fJRT3DBFxbMvjmskojGZ9aOTiy+8mhuZruUqVNYyQtTbjbX46NfcO1RTKUI/
C9rEO0CKiKt+G1LPobChwP8loE+7aHP1EIVKjL5cBz5m80+K
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:06:21 2025 by rpki-client