Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/7UlcmhwuUbuTDOZZFvp3SNXSlc4.roa
File: 7UlcmhwuUbuTDOZZFvp3SNXSlc4.roa (raw, json)
Hash identifier: dOsEEgXnqu6bCTNSx30NopEncmC27h8iyZLSheAXCvw=
Subject key identifier: ED:49:5C:9A:1C:2E:51:BB:93:0C:E6:59:16:FA:77:48:D5:D2:95:CE
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 018EFC4ED5CDAD08F93BA04AB24D4B5C5788
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/7UlcmhwuUbuTDOZZFvp3SNXSlc4.roa
Signing time: Sat 20 Apr 2024 16:20:08 +0000
ROA not before: Sat 20 Apr 2024 16:20:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215633
IP address blocks: 2a09:2b80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Apr 2024 08:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fc:4e:d5:cd:ad:08:f9:3b:a0:4a:b2:4d:4b:5c:57:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Apr 20 16:20:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed495c9a1c2e51bb930ce65916fa7748d5d295ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:de:90:a2:cc:1c:1a:bf:c9:1b:cf:22:9f:4c:
1a:12:88:ad:ae:ce:4c:64:84:cc:8d:17:cb:b9:fa:
70:59:9f:ac:d1:82:09:51:3b:b3:56:0b:82:90:c4:
a3:80:7d:3d:48:bc:9d:ea:59:0f:8f:78:24:b1:23:
17:a5:e7:8a:11:fa:0c:09:3b:e6:f8:00:f9:c4:ef:
d4:28:78:15:7a:98:bf:34:59:bd:5a:ca:72:9f:82:
95:e9:a6:37:95:b6:70:f5:5e:7b:fc:63:a5:58:4e:
74:af:c5:4f:c3:48:06:32:c6:65:d1:d0:74:a3:20:
32:d7:c3:12:65:cd:c4:ac:79:a5:38:ed:25:ba:c4:
bb:b6:95:4a:8a:e6:c3:e1:e1:0d:7a:b4:69:bf:2a:
0a:45:ba:da:c4:f6:35:10:16:d0:02:a7:05:29:2c:
34:2f:18:90:ff:9c:5d:ae:26:a8:23:1f:74:36:fc:
fc:89:54:c3:89:0b:00:09:95:b5:8e:b0:02:ff:a3:
5d:5a:1e:c1:20:f2:a7:34:b7:f3:46:c5:b6:ae:90:
f8:51:ae:2d:57:ef:c8:e6:c7:c9:97:84:58:1f:52:
fb:83:15:25:c7:df:4f:e8:cb:94:bd:68:34:80:e8:
24:ca:47:8d:2e:fd:6c:71:3d:ba:22:73:c6:52:67:
0c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:49:5C:9A:1C:2E:51:BB:93:0C:E6:59:16:FA:77:48:D5:D2:95:CE
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/7UlcmhwuUbuTDOZZFvp3SNXSlc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:1::/48
Signature Algorithm: sha256WithRSAEncryption
55:44:dd:3c:9b:0d:7a:6b:4f:73:4e:7c:22:6d:bd:10:c9:d9:
6f:b5:93:bd:71:89:0a:cf:82:d7:e7:21:93:cb:5a:77:2a:ca:
a5:8d:e2:25:d4:3a:0b:c0:33:55:3e:c9:cd:0d:90:64:8e:86:
67:75:3f:4f:f5:c1:33:6b:18:a6:9d:d1:d9:b5:b6:72:90:da:
aa:aa:68:db:7e:1e:d4:b8:27:bf:3d:59:2b:be:05:9f:29:29:
0e:e8:92:de:b0:3d:8e:ed:dd:d0:70:c4:94:d1:fe:d9:c5:e3:
27:7f:9d:0d:00:41:e0:cc:9b:95:e0:b7:49:1a:8e:67:5e:42:
cc:77:9e:b8:2e:3b:f4:50:0a:82:11:52:94:1c:74:25:01:e1:
0b:a8:a5:3e:66:5c:72:d8:94:36:a9:88:ed:1f:0e:80:e4:45:
db:59:49:fe:cd:b7:fe:f3:8f:ea:59:05:2e:7d:54:f4:f4:29:
7d:de:b4:6b:e2:b6:2d:ef:19:0e:01:fd:ee:59:a0:8c:27:9e:
c6:cc:26:6a:c1:3e:b3:c3:ce:e3:f7:57:43:ee:e1:2e:fb:da:
41:f7:42:c3:da:d8:07:48:3d:f9:a2:27:d3:60:e6:7e:97:e2:
ab:3b:98:08:1a:0c:55:69:dd:8e:25:c5:fd:de:50:b6:16:92:
d0:33:a4:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY78TtXNrQj5O6BKsk1LXFeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjQwNDIwMTYyMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ5NWM5YTFjMmU1MWJiOTMwY2U2NTkxNmZhNzc0OGQ1ZDI5NWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd6QoswcGr/JG88in0waEoitrs5M
ZITMjRfLufpwWZ+s0YIJUTuzVguCkMSjgH09SLyd6lkPj3gksSMXpeeKEfoMCTvm
+AD5xO/UKHgVepi/NFm9Wspyn4KV6aY3lbZw9V57/GOlWE50r8VPw0gGMsZl0dB0
oyAy18MSZc3ErHmlOO0lusS7tpVKiubD4eENerRpvyoKRbraxPY1EBbQAqcFKSw0
LxiQ/5xdriaoIx90Nvz8iVTDiQsACZW1jrAC/6NdWh7BIPKnNLfzRsW2rpD4Ua4t
V+/I5sfJl4RYH1L7gxUlx99P6MuUvWg0gOgkykeNLv1scT26InPGUmcMawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO1JXJocLlG7kwzmWRb6d0jV0pXOMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvN1VsY21od3VVYnVURE9aWkZ2cDNTTlhTbGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBVRN08mw16a09zTnwibb0QydlvtZO9cYkKz4LX
5yGTy1p3KsqljeIl1DoLwDNVPsnNDZBkjoZndT9P9cEzaximndHZtbZykNqqqmjb
fh7UuCe/PVkrvgWfKSkO6JLesD2O7d3QcMSU0f7ZxeMnf50NAEHgzJuV4LdJGo5n
XkLMd564Ljv0UAqCEVKUHHQlAeELqKU+Zlxy2JQ2qYjtHw6A5EXbWUn+zbf+84/q
WQUufVT09Cl93rRr4rYt7xkOAf3uWaCMJ57GzCZqwT6zw87j91dD7uEu+9pB90LD
2tgHSD35oifTYOZ+l+KrO5gIGgxVad2OJcX93lC2FpLQM6QQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:40 2025 by rpki-client