Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/sYSXjbz_lBVO1VelLlGga4okcJY.roa
File: sYSXjbz_lBVO1VelLlGga4okcJY.roa (raw, json)
Hash identifier: 9wS27PQTsUsky6qaGRo7tlZAzMI00eBxKwykCnM4+sw=
Subject key identifier: B1:84:97:8D:BC:FF:94:15:4E:D5:57:A5:2E:51:A0:6B:8A:24:70:96
Certificate issuer: /CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Certificate serial: 018CC9BCEFBDEDC7254283A1079C9652ABF1
Authority key identifier: A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/sYSXjbz_lBVO1VelLlGga4okcJY.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12732
IP address blocks: 2a06:9380::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ef:bd:ed:c7:25:42:83:a1:07:9c:96:52:ab:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b184978dbcff94154ed557a52e51a06b8a247096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7e:a9:24:ae:8d:b9:8d:ab:49:ca:99:2a:03:
df:1d:b0:ad:4d:41:33:e5:4f:84:d0:15:0c:47:33:
35:10:4f:47:90:d3:e7:4c:03:3e:bf:47:85:61:93:
78:5f:52:37:eb:39:32:01:9c:c7:7a:3a:e7:df:a6:
af:c6:53:d0:4d:a9:3d:b1:3c:d3:fe:7e:18:69:5f:
7e:1a:7d:a6:c2:6f:6a:76:90:40:20:cc:3d:d1:85:
6d:d3:4b:88:96:66:10:c2:ac:c7:35:9c:9d:1b:a4:
af:64:13:48:f4:55:86:59:90:75:0c:a5:a3:1c:cb:
ac:f0:7d:c8:41:1c:ae:2e:8f:b8:19:66:c2:10:5b:
63:78:10:d7:4b:e1:24:44:86:a2:56:7f:4b:44:ea:
11:50:a2:e8:cd:2d:20:e5:89:ca:a6:07:e6:97:2b:
05:9f:f9:0c:34:95:68:6d:eb:d8:d6:cb:6d:aa:1f:
1f:ff:b4:26:e7:66:27:67:68:0f:ad:58:1d:4a:f5:
0b:5f:c5:00:e6:c6:43:33:cd:4f:b9:05:df:9e:0f:
c7:3a:43:a3:04:89:dc:79:bd:e4:10:8f:83:d3:3f:
f9:89:1f:39:11:b5:28:28:27:9b:ef:c3:95:23:00:
bc:58:39:ee:df:4a:4e:f6:ae:5a:36:d7:00:6b:4d:
12:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:84:97:8D:BC:FF:94:15:4E:D5:57:A5:2E:51:A0:6B:8A:24:70:96
X509v3 Authority Key Identifier:
keyid:A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/sYSXjbz_lBVO1VelLlGga4okcJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/py0XjI5T9SExwftkdDyWDPiX_Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9380::/29
Signature Algorithm: sha256WithRSAEncryption
7d:59:83:11:31:48:98:69:6b:63:5c:fb:81:df:04:0c:4e:43:
51:d2:3d:b5:51:d0:bc:c2:8b:65:75:29:a0:87:66:9a:3f:eb:
07:86:6b:2e:e5:42:4b:18:83:e2:14:a9:b3:2b:de:d5:ba:bf:
5b:bc:e9:25:af:7c:86:2b:46:53:29:62:87:55:77:e5:61:ff:
21:c8:5c:0c:e9:b8:37:1d:ea:72:5d:7c:5a:60:12:a7:e9:b8:
7b:93:b9:1a:5c:dc:50:27:be:2e:fd:a0:d9:75:f5:8c:10:66:
a3:e7:db:0f:2d:97:2a:eb:08:b3:e2:09:5c:76:da:08:31:44:
09:dc:e4:7d:fc:06:ff:c0:16:f7:ec:c4:ae:99:34:d4:c0:60:
79:2c:be:ec:78:2e:70:6b:cd:03:f1:d1:bb:7c:46:40:1d:84:
92:ee:aa:d6:f4:e2:a2:4e:29:09:7a:ab:7a:98:74:5c:a1:e0:
72:e8:58:69:d4:77:37:88:d9:c6:4b:63:64:71:04:03:86:f7:
82:a6:77:79:82:28:ec:70:5e:ce:9b:2e:69:e9:f8:ae:c7:74:
24:57:94:1f:fc:59:c3:ae:28:4a:5d:65:69:49:17:f2:be:c6:
b5:02:b0:34:d1:56:9e:a5:8d:07:a2:42:b0:7c:de:ca:aa:e9:
2a:49:40:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJvO+97cclQoOhB5yWUqvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MmQxNzhjOGU1M2Y1MjEzMWMxZmI2NDc0M2M5NjBjZjg5
N2ZkMGMwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTg0OTc4ZGJjZmY5NDE1NGVkNTU3YTUyZTUxYTA2YjhhMjQ3MDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy36pJK6NuY2rScqZKgPfHbCtTUEz
5U+E0BUMRzM1EE9HkNPnTAM+v0eFYZN4X1I36zkyAZzHejrn36avxlPQTak9sTzT
/n4YaV9+Gn2mwm9qdpBAIMw90YVt00uIlmYQwqzHNZydG6SvZBNI9FWGWZB1DKWj
HMus8H3IQRyuLo+4GWbCEFtjeBDXS+EkRIaiVn9LROoRUKLozS0g5YnKpgfmlysF
n/kMNJVobevY1sttqh8f/7Qm52YnZ2gPrVgdSvULX8UA5sZDM81PuQXfng/HOkOj
BInceb3kEI+D0z/5iR85EbUoKCeb78OVIwC8WDnu30pO9q5aNtcAa00SfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLGEl428/5QVTtVXpS5RoGuKJHCWMB8GA1UdIwQY
MBaAFKctF4yOU/UhMcH7ZHQ8lgz4l/0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2Qt
MjhiOWQyNjFlY2IxLzEvc1lTWGpiel9sQlZPMVZlbExsR2dhNG9rY0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2QtMjhiOWQyNjFlY2Ix
LzEvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgaTgDAN
BgkqhkiG9w0BAQsFAAOCAQEAfVmDETFImGlrY1z7gd8EDE5DUdI9tVHQvMKLZXUp
oIdmmj/rB4ZrLuVCSxiD4hSpsyve1bq/W7zpJa98hitGUylih1V35WH/IchcDOm4
Nx3qcl18WmASp+m4e5O5GlzcUCe+Lv2g2XX1jBBmo+fbDy2XKusIs+IJXHbaCDFE
CdzkffwG/8AW9+zErpk01MBgeSy+7HgucGvNA/HRu3xGQB2Eku6q1vTiok4pCXqr
eph0XKHgcuhYadR3N4jZxktjZHEEA4b3gqZ3eYIo7HBezpsuaen4rsd0JFeUH/xZ
w64oSl1laUkX8r7GtQKwNNFWnqWNB6JCsHzeyqrpKklAhg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:20 2025 by rpki-client