Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/01Bk7_x62zZZlDfPp53RuAemER8.roa
File: 01Bk7_x62zZZlDfPp53RuAemER8.roa (raw, json)
Hash identifier: CGPzplS2GsZw2Pn09j/7MrpGmkJlIeR2+7kzXxdV7f0=
Subject key identifier: D3:50:64:EF:FC:7A:DB:36:59:94:37:CF:A7:9D:D1:B8:07:A6:11:1F
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 01945633A1A1B53514EAD09433ACC29BCEA0
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/01Bk7_x62zZZlDfPp53RuAemER8.roa
Signing time: Sat 11 Jan 2025 16:30:11 +0000
ROA not before: Sat 11 Jan 2025 16:30:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80:2::/48 maxlen: 48
2a09:2b80:3::/48 maxlen: 48
2a09:2b80:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 16:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:56:33:a1:a1:b5:35:14:ea:d0:94:33:ac:c2:9b:ce:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Jan 11 16:30:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d35064effc7adb36599437cfa79dd1b807a6111f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:68:28:1e:40:2c:5c:3c:b6:b6:a5:83:9f:2d:
8a:d2:f5:9d:2e:50:7e:14:ec:43:ff:31:f1:19:bc:
37:b7:dc:7c:fe:f8:b6:0b:9e:c0:29:6a:4c:3c:ad:
3a:74:3b:35:e5:a2:89:4b:f9:02:e7:9e:3e:cf:55:
54:64:97:61:f2:af:7c:fb:34:cb:bd:06:c0:90:73:
bd:28:e9:e1:af:09:46:c7:5f:e3:b6:31:c4:dd:cd:
17:ec:83:eb:1b:01:55:e7:0e:4d:f5:19:29:33:ea:
96:fb:43:59:42:34:2d:86:d0:76:77:73:22:89:16:
f4:58:e0:f7:ac:04:9a:0b:72:9a:73:4f:43:8e:79:
64:9b:7b:5b:e6:24:7a:03:5a:0e:b1:91:69:d5:ab:
64:d5:a1:63:07:9d:a7:23:fa:42:e8:80:07:71:30:
8a:66:39:8c:bc:4e:1b:52:16:ea:f3:ae:d7:f9:b9:
6b:9b:7b:56:a5:0e:cb:a6:39:a7:3c:a3:a5:49:19:
67:30:32:5c:b2:ce:d6:f9:6a:1c:1a:1e:25:36:6e:
83:47:a5:1a:d0:ae:05:35:ce:c8:3d:63:88:5c:3c:
5e:d5:4c:d5:ab:b2:6c:0b:37:bc:e8:0e:92:4e:9a:
5a:3a:c1:bd:c4:f1:b5:da:04:39:6b:c7:e6:83:08:
36:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:50:64:EF:FC:7A:DB:36:59:94:37:CF:A7:9D:D1:B8:07:A6:11:1F
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/01Bk7_x62zZZlDfPp53RuAemER8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:2::-2a09:2b80:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
86:92:cf:48:15:43:20:4f:c6:0a:e1:b0:ba:a4:ae:d8:30:5f:
30:5b:a1:ee:52:76:8b:f1:96:da:64:3a:7b:ff:7b:34:a2:40:
f7:a3:68:37:19:68:fe:90:59:b6:a3:f0:ec:c9:6c:d0:ba:25:
95:d2:8e:3a:c5:4e:8d:3a:82:f3:ad:df:6d:a7:d9:af:eb:e2:
cb:e9:bc:0a:3e:98:be:dc:a5:f8:36:3c:de:55:f5:b9:ca:17:
8d:0d:40:b4:ba:fe:f2:4b:21:d0:8f:05:84:61:1f:71:88:ee:
41:a7:f8:fa:96:b1:08:8f:52:0e:23:a9:5e:6f:71:b5:3f:fd:
b5:89:f5:42:ca:88:fc:12:44:63:83:fc:4f:bb:fb:37:09:90:
95:2d:97:62:7e:4e:c8:5e:8f:73:1f:d1:c7:1a:68:3c:fe:2b:
2e:30:fb:81:1b:64:2b:ae:00:a5:04:fa:95:b0:c3:dc:bc:93:
f1:49:6d:55:6f:a0:89:c0:cf:82:43:95:ed:a7:ae:17:36:16:
c2:11:8f:06:4b:6e:4a:c5:f2:60:0a:4a:bd:39:5e:13:77:73:
6c:56:85:c9:8f:54:51:e2:cd:ee:27:6d:e4:ee:b5:9f:c5:9d:
4f:99:26:e4:63:b7:6c:26:9f:c4:91:07:27:b8:ce:18:5b:f0:
3f:3c:11:0b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZRWM6GhtTUU6tCUM6zCm86gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjUwMTExMTYzMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzUwNjRlZmZjN2FkYjM2NTk5NDM3Y2ZhNzlkZDFiODA3YTYxMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62goHkAsXDy2tqWDny2K0vWdLlB+
FOxD/zHxGbw3t9x8/vi2C57AKWpMPK06dDs15aKJS/kC554+z1VUZJdh8q98+zTL
vQbAkHO9KOnhrwlGx1/jtjHE3c0X7IPrGwFV5w5N9RkpM+qW+0NZQjQthtB2d3Mi
iRb0WOD3rASaC3Kac09Djnlkm3tb5iR6A1oOsZFp1atk1aFjB52nI/pC6IAHcTCK
ZjmMvE4bUhbq867X+blrm3tWpQ7LpjmnPKOlSRlnMDJcss7W+WocGh4lNm6DR6Ua
0K4FNc7IPWOIXDxe1UzVq7JsCze86A6STppaOsG9xPG12gQ5a8fmgwg2lwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNNQZO/8ets2WZQ3z6ed0bgHphEfMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvMDFCazdfeDYyelpabERmUHA1M1J1QWVtRVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqCSuA
AAIDBwAqCSuAAAQwDQYJKoZIhvcNAQELBQADggEBAIaSz0gVQyBPxgrhsLqkrtgw
XzBboe5SdovxltpkOnv/ezSiQPejaDcZaP6QWbaj8OzJbNC6JZXSjjrFTo06gvOt
322n2a/r4svpvAo+mL7cpfg2PN5V9bnKF40NQLS6/vJLIdCPBYRhH3GI7kGn+PqW
sQiPUg4jqV5vcbU//bWJ9ULKiPwSRGOD/E+7+zcJkJUtl2J+Tshej3Mf0ccaaDz+
Ky4w+4EbZCuuAKUE+pWww9y8k/FJbVVvoInAz4JDle2nrhc2FsIRjwZLbkrF8mAK
Sr05XhN3c2xWhcmPVFHize4nbeTutZ/FnU+ZJuRjt2wmn8SRBye4zhhb8D88EQs=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:59:41 2025 by rpki-client