Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/XGVz_aUFjO2Zl5dSX8HvQ5PMp_o.roa
File: XGVz_aUFjO2Zl5dSX8HvQ5PMp_o.roa (raw, json)
Hash identifier: OUg5KJ2qZpcIHvGZ9z9kLqkG28wmtcJSqgxf8+kKdOc=
Subject key identifier: 5C:65:73:FD:A5:05:8C:ED:99:97:97:52:5F:C1:EF:43:93:CC:A7:FA
Certificate issuer: /CN=665e4d7ea8a3470c9703ee7551481c36f774febb
Certificate serial: 018F0CCB6A3E8F24D0E02CB45E0FDEF1D166
Authority key identifier: 66:5E:4D:7E:A8:A3:47:0C:97:03:EE:75:51:48:1C:36:F7:74:FE:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zl5NfqijRwyXA-51UUgcNvd0_rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/XGVz_aUFjO2Zl5dSX8HvQ5PMp_o.roa
Signing time: Tue 23 Apr 2024 21:10:08 +0000
ROA not before: Tue 23 Apr 2024 21:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215338
IP address blocks: 2a0e:6a87::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:cb:6a:3e:8f:24:d0:e0:2c:b4:5e:0f:de:f1:d1:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=665e4d7ea8a3470c9703ee7551481c36f774febb
Validity
Not Before: Apr 23 21:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c6573fda5058ced999797525fc1ef4393cca7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:26:21:a1:f9:ce:b6:2a:38:b8:06:87:d4:2f:
d1:f8:c0:ba:7d:09:37:4e:4d:ca:e4:f1:cb:03:aa:
77:12:1d:02:6f:19:07:26:a7:83:60:33:f9:6b:0b:
d8:72:a7:6a:5c:1f:46:79:b4:f5:85:1f:6d:8c:29:
b4:66:a1:e2:c9:31:5e:56:84:bb:d1:63:ab:ee:65:
50:af:47:77:08:17:76:23:1f:bd:57:3b:34:6e:ae:
ab:b1:80:af:ee:84:f5:33:1d:fb:16:58:5d:78:e0:
13:14:fb:4d:f0:fc:1b:4d:c8:d2:21:19:40:b5:2e:
38:c2:99:ba:99:ea:1f:21:cd:dd:4e:32:3a:3a:d4:
44:77:7d:88:da:14:82:bc:80:5e:1d:d5:f6:3a:f1:
39:f4:75:9c:d8:13:ab:1b:fb:11:c0:59:28:51:04:
01:6c:05:ca:f4:48:c9:1f:ea:dc:94:52:08:f6:0d:
ed:94:69:04:26:1b:50:68:12:a8:ee:2b:c1:67:13:
fd:e8:1b:e4:cd:2c:aa:9b:65:af:10:72:41:c3:ba:
5c:32:fd:9d:81:d5:da:1b:d0:8b:47:75:47:a0:fe:
d7:6e:7e:6b:d5:94:b8:eb:48:5e:65:41:03:8a:9a:
2b:fc:85:8a:fa:2d:4c:4a:db:41:fa:91:3f:75:87:
02:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:65:73:FD:A5:05:8C:ED:99:97:97:52:5F:C1:EF:43:93:CC:A7:FA
X509v3 Authority Key Identifier:
keyid:66:5E:4D:7E:A8:A3:47:0C:97:03:EE:75:51:48:1C:36:F7:74:FE:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zl5NfqijRwyXA-51UUgcNvd0_rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/XGVz_aUFjO2Zl5dSX8HvQ5PMp_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/Zl5NfqijRwyXA-51UUgcNvd0_rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:6a87::/32
Signature Algorithm: sha256WithRSAEncryption
5a:23:04:f0:21:79:17:ec:b0:dd:5f:b7:f8:3f:a8:f6:23:dc:
22:bd:d3:a0:85:5f:ba:1c:ea:41:4f:df:40:a1:85:49:72:74:
02:c5:37:20:ce:70:8f:aa:dd:cc:42:9e:4a:de:25:c8:13:ea:
f9:1e:1f:7f:a4:15:00:5a:e9:aa:e4:06:84:95:8b:f1:d2:46:
92:72:57:e0:9e:09:67:2e:87:ec:a1:c1:5d:50:bb:6a:e9:4c:
4a:96:a5:10:d4:6d:18:f5:35:bb:14:8d:be:8f:fc:b2:f3:b4:
40:e7:93:0e:75:b4:78:22:d7:e5:2e:4c:3e:44:02:cc:7d:24:
c4:d8:53:28:20:09:b6:68:3b:ba:12:2c:71:fb:64:0b:d7:ba:
d8:d0:38:03:78:d4:82:13:5f:31:b2:68:bb:3a:b9:cc:e4:2a:
ec:8d:6c:76:44:04:b5:60:f3:41:6f:5e:42:08:c8:cd:1d:e5:
69:ba:70:95:b3:f5:5d:19:69:ed:71:b3:97:d3:6c:b8:a0:ed:
cc:2f:8d:93:1e:83:b0:88:65:74:78:8b:3c:f8:94:07:32:c7:
dc:53:41:e5:54:28:f6:a9:22:e0:4b:c6:ee:19:c4:bf:44:de:
72:da:b1:f3:db:60:cf:a8:3e:2b:1b:7f:81:58:82:9f:be:ed:
fd:b1:4b:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8My2o+jyTQ4Cy0Xg/e8dFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NWU0ZDdlYThhMzQ3MGM5NzAzZWU3NTUxNDgxYzM2Zjc3
NGZlYmIwHhcNMjQwNDIzMjExMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY1NzNmZGE1MDU4Y2VkOTk5Nzk3NTI1ZmMxZWY0MzkzY2NhN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiYhofnOtio4uAaH1C/R+MC6fQk3
Tk3K5PHLA6p3Eh0CbxkHJqeDYDP5awvYcqdqXB9GebT1hR9tjCm0ZqHiyTFeVoS7
0WOr7mVQr0d3CBd2Ix+9Vzs0bq6rsYCv7oT1Mx37FlhdeOATFPtN8PwbTcjSIRlA
tS44wpm6meofIc3dTjI6OtREd32I2hSCvIBeHdX2OvE59HWc2BOrG/sRwFkoUQQB
bAXK9EjJH+rclFII9g3tlGkEJhtQaBKo7ivBZxP96BvkzSyqm2WvEHJBw7pcMv2d
gdXaG9CLR3VHoP7Xbn5r1ZS460heZUEDipor/IWK+i1MSttB+pE/dYcCqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFxlc/2lBYztmZeXUl/B70OTzKf6MB8GA1UdIwQY
MBaAFGZeTX6oo0cMlwPudVFIHDb3dP67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmw1TmZxaWpSd3lYQS01MVVVZ2NOdmQwX3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNGRkZDEtZGVhYy00MWZmLWJhNmIt
MTYyZWQ2MjRlMjgyLzEvWEdWel9hVUZqTzJabDVkU1g4SHZRNVBNcF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNGRkZDEtZGVhYy00MWZmLWJhNmItMTYyZWQ2MjRlMjgy
LzEvWmw1TmZxaWpSd3lYQS01MVVVZ2NOdmQwX3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5qhzAN
BgkqhkiG9w0BAQsFAAOCAQEAWiME8CF5F+yw3V+3+D+o9iPcIr3ToIVfuhzqQU/f
QKGFSXJ0AsU3IM5wj6rdzEKeSt4lyBPq+R4ff6QVAFrpquQGhJWL8dJGknJX4J4J
Zy6H7KHBXVC7aulMSpalENRtGPU1uxSNvo/8svO0QOeTDnW0eCLX5S5MPkQCzH0k
xNhTKCAJtmg7uhIscftkC9e62NA4A3jUghNfMbJouzq5zOQq7I1sdkQEtWDzQW9e
QgjIzR3labpwlbP1XRlp7XGzl9NsuKDtzC+Nkx6DsIhldHiLPPiUBzLH3FNB5VQo
9qki4EvG7hnEv0Tectqx89tgz6g+Kxt/gViCn77t/bFLyw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:08 2025 by rpki-client