Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/bAAJpt8ieh5uGw8RWTJn_Z0FOL4.roa
File: bAAJpt8ieh5uGw8RWTJn_Z0FOL4.roa (raw, json)
Hash identifier: zfc0g8GzZ2gJyv7A93t0EwQiCRdcJ6gs2fstW6AeX64=
Subject key identifier: 6C:00:09:A6:DF:22:7A:1E:6E:1B:0F:11:59:32:67:FD:9D:05:38:BE
Certificate issuer: /CN=13669c0c085cc978a372a0e4f05648398e1e7fe8
Certificate serial: 0193555B58628F52F49E5D39AB5434ADEBA9
Authority key identifier: 13:66:9C:0C:08:5C:C9:78:A3:72:A0:E4:F0:56:48:39:8E:1E:7F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2acDAhcyXijcqDk8FZIOY4ef-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/bAAJpt8ieh5uGw8RWTJn_Z0FOL4.roa
Signing time: Fri 22 Nov 2024 19:31:09 +0000
ROA not before: Fri 22 Nov 2024 19:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215434
IP address blocks: 2a01:f340::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:5b:58:62:8f:52:f4:9e:5d:39:ab:54:34:ad:eb:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13669c0c085cc978a372a0e4f05648398e1e7fe8
Validity
Not Before: Nov 22 19:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c0009a6df227a1e6e1b0f11593267fd9d0538be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:36:29:fe:ea:e8:21:8b:2a:f9:8c:fc:8a:4f:
50:f3:c3:ec:39:40:b3:38:de:90:a6:b7:ba:a4:85:
0d:90:ca:90:a6:a9:81:f8:cd:73:f6:be:59:a1:78:
95:bf:ac:aa:3d:31:bc:ef:0d:fb:07:04:94:b9:69:
37:6c:47:e5:27:2a:d2:5e:2f:a8:45:2f:52:fe:66:
d0:13:04:e5:b5:88:b6:3a:cd:99:86:b2:3a:d1:71:
f6:12:f6:29:07:9f:a3:a2:19:23:79:2f:af:94:50:
00:b3:c8:6c:a9:1b:23:7f:f7:9a:67:b7:f4:7a:71:
a3:3b:d9:3d:69:cc:cb:b9:86:9f:8e:d4:2a:cf:7c:
f6:c7:b6:e5:0c:36:94:b9:ee:be:7c:1e:91:c6:3a:
5a:72:cd:87:a6:3f:6f:c9:04:f6:ae:c2:94:32:fe:
73:70:e2:2b:fc:6c:09:a6:c9:3d:aa:98:09:51:97:
93:df:70:16:18:5e:f9:a3:98:f3:fd:15:c7:ac:f7:
9e:bc:d6:10:ef:26:5f:e3:46:34:0c:28:ca:a1:9d:
31:eb:27:01:58:85:9f:7b:73:ad:d7:af:8c:6d:10:
f8:d4:e2:ab:88:46:b6:8d:c1:30:5a:6e:ff:3e:a7:
14:29:5e:8e:de:12:e4:81:f7:68:22:6e:01:eb:fd:
20:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:00:09:A6:DF:22:7A:1E:6E:1B:0F:11:59:32:67:FD:9D:05:38:BE
X509v3 Authority Key Identifier:
keyid:13:66:9C:0C:08:5C:C9:78:A3:72:A0:E4:F0:56:48:39:8E:1E:7F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2acDAhcyXijcqDk8FZIOY4ef-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/bAAJpt8ieh5uGw8RWTJn_Z0FOL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e393d8-1252-4c27-baaa-53b04342783d/1/E2acDAhcyXijcqDk8FZIOY4ef-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f340::/29
Signature Algorithm: sha256WithRSAEncryption
c1:a4:b3:1a:47:35:2d:79:97:85:b1:f1:13:38:36:5b:4c:90:
27:07:4c:86:dd:be:f0:c1:5a:47:19:71:60:11:d9:23:b1:a0:
60:1d:86:68:43:0b:81:52:22:68:a6:44:d7:2b:fe:e4:26:af:
7c:d6:f8:05:6c:b0:71:72:c6:0c:75:4f:f9:48:61:18:75:e1:
fe:9e:8e:6d:d1:31:e5:04:0a:5c:d8:af:4f:34:a3:05:b0:e6:
d4:3a:16:2b:e9:a7:b3:99:d2:6e:cd:41:a2:bc:c7:55:01:f1:
2c:6b:9f:70:a1:14:23:e7:c5:9b:a6:cd:a2:3b:32:6b:47:98:
63:72:f4:b7:d7:59:7b:1b:63:47:8c:a2:f4:49:e6:10:94:e8:
ab:9e:13:2d:b6:13:61:42:8c:11:45:60:c0:54:04:07:14:05:
d4:59:10:8b:fd:99:dc:3b:78:1e:21:e7:c6:ee:60:57:35:7d:
97:f4:cf:8f:9c:6c:25:af:fb:e7:50:aa:7a:13:99:d2:be:27:
1a:e2:4d:bc:5a:a8:18:13:ad:29:f2:50:0c:7b:32:8f:89:32:
37:b3:6f:6b:0d:ab:8c:8c:95:99:2c:41:0c:d2:05:5b:e8:6e:
72:6a:3a:04:4b:86:68:49:72:75:56:52:63:85:9c:be:03:c9:
13:a0:d8:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNVW1hij1L0nl05q1Q0reupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjY5YzBjMDg1Y2M5NzhhMzcyYTBlNGYwNTY0ODM5OGUx
ZTdmZTgwHhcNMjQxMTIyMTkzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzAwMDlhNmRmMjI3YTFlNmUxYjBmMTE1OTMyNjdmZDlkMDUzOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zYp/uroIYsq+Yz8ik9Q88PsOUCz
ON6Qpre6pIUNkMqQpqmB+M1z9r5ZoXiVv6yqPTG87w37BwSUuWk3bEflJyrSXi+o
RS9S/mbQEwTltYi2Os2ZhrI60XH2EvYpB5+johkjeS+vlFAAs8hsqRsjf/eaZ7f0
enGjO9k9aczLuYafjtQqz3z2x7blDDaUue6+fB6Rxjpacs2Hpj9vyQT2rsKUMv5z
cOIr/GwJpsk9qpgJUZeT33AWGF75o5jz/RXHrPeevNYQ7yZf40Y0DCjKoZ0x6ycB
WIWfe3Ot16+MbRD41OKriEa2jcEwWm7/PqcUKV6O3hLkgfdoIm4B6/0g8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGwACabfInoebhsPEVkyZ/2dBTi+MB8GA1UdIwQY
MBaAFBNmnAwIXMl4o3Kg5PBWSDmOHn/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhY0RBaGN5WGlqY3FEazhGWklPWTRlZi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMzkzZDgtMTI1Mi00YzI3LWJhYWEt
NTNiMDQzNDI3ODNkLzEvYkFBSnB0OGllaDV1R3c4UldUSm5fWjBGT0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMzkzZDgtMTI1Mi00YzI3LWJhYWEtNTNiMDQzNDI3ODNk
LzEvRTJhY0RBaGN5WGlqY3FEazhGWklPWTRlZi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHzQDAN
BgkqhkiG9w0BAQsFAAOCAQEAwaSzGkc1LXmXhbHxEzg2W0yQJwdMht2+8MFaRxlx
YBHZI7GgYB2GaEMLgVIiaKZE1yv+5CavfNb4BWywcXLGDHVP+UhhGHXh/p6ObdEx
5QQKXNivTzSjBbDm1DoWK+mns5nSbs1BorzHVQHxLGufcKEUI+fFm6bNojsya0eY
Y3L0t9dZextjR4yi9EnmEJToq54TLbYTYUKMEUVgwFQEBxQF1FkQi/2Z3Dt4HiHn
xu5gVzV9l/TPj5xsJa/751CqehOZ0r4nGuJNvFqoGBOtKfJQDHsyj4kyN7Nvaw2r
jIyVmSxBDNIFW+hucmo6BEuGaElydVZSY4WcvgPJE6DYwQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:32:24 2025 by rpki-client