Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/xLS26gSGIpkpFPo5Nwxx9VQMh70.roa
File: xLS26gSGIpkpFPo5Nwxx9VQMh70.roa (raw, json)
Hash identifier: ZB4aX0cmH4kyHPT4gWioqzpzLxiM61jrOxI4yhYfPgY=
Subject key identifier: C4:B4:B6:EA:04:86:22:99:29:14:FA:39:37:0C:71:F5:54:0C:87:BD
Certificate issuer: /CN=29b79380fe407439cc2ecd3fac18157db36cf768
Certificate serial: 018CC6B9235052EB77B45661517B901EF3B1
Authority key identifier: 29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/xLS26gSGIpkpFPo5Nwxx9VQMh70.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3549
IP address blocks: 2a05:6744::/46 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:23:50:52:eb:77:b4:56:61:51:7b:90:1e:f3:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b79380fe407439cc2ecd3fac18157db36cf768
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4b4b6ea048622992914fa39370c71f5540c87bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9c:63:0b:aa:b3:27:66:ca:df:e3:11:fa:54:
d6:19:6f:b1:be:53:8c:79:3d:9d:e4:e7:1f:21:e3:
d8:35:68:83:fc:4d:63:17:22:71:fc:f2:92:e9:5a:
6f:57:9d:80:60:ab:7c:a5:3f:d7:66:8d:30:43:15:
96:7b:eb:57:ed:01:7e:1f:a4:0e:52:ab:d4:2b:50:
4f:f1:59:93:ca:74:38:78:59:40:82:2d:e4:09:88:
b1:5f:7c:ba:e9:5e:92:42:2b:b0:56:f2:4f:9c:eb:
74:54:c4:2e:3d:6f:e9:31:85:22:2f:c7:3c:38:51:
99:f0:28:bd:71:1d:cb:f7:96:e1:9f:98:12:aa:66:
51:ac:ee:94:ab:bd:0f:3f:45:50:ea:d1:27:1d:17:
97:f1:f2:f2:95:bd:f0:bd:84:8c:34:fd:b5:4c:2a:
b5:c9:dd:0b:f7:79:ef:6e:48:32:a8:2e:6b:5a:c3:
8e:99:70:5c:af:1e:02:5b:94:8d:b5:55:35:42:35:
1b:40:46:2f:18:a6:48:93:4b:10:5f:6c:74:d7:72:
2f:80:1d:b8:81:d6:22:a5:91:62:98:37:93:92:fd:
eb:d4:fc:ab:8a:6c:17:98:55:e3:29:0a:e6:03:f4:
a5:a0:45:6f:78:a7:cb:3e:72:1a:de:41:01:38:56:
db:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B4:B6:EA:04:86:22:99:29:14:FA:39:37:0C:71:F5:54:0C:87:BD
X509v3 Authority Key Identifier:
keyid:29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/xLS26gSGIpkpFPo5Nwxx9VQMh70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:6744::/46
Signature Algorithm: sha256WithRSAEncryption
70:fa:7a:23:79:6e:cd:39:29:34:ef:98:ee:b9:8e:c4:d2:37:
6f:fb:61:83:7e:7f:6d:14:99:6c:89:c4:53:5d:a0:4c:fd:09:
22:6b:fa:9a:f6:99:7c:10:7d:5e:b5:ed:92:39:f0:87:6b:a7:
57:8f:fa:8b:3e:f0:3a:6e:2e:e6:fe:12:f9:5f:29:8d:13:58:
28:60:ab:db:cb:8f:b0:1e:0d:fb:78:dd:2b:ca:d6:6e:55:f2:
de:b7:92:69:5e:56:36:4c:27:41:7f:a4:07:9b:c5:a6:bd:bc:
a3:d8:74:03:c8:ce:fb:2e:0e:f4:4f:69:36:4a:7e:57:c3:37:
54:61:5f:71:33:26:dd:46:33:ec:75:ef:ad:dd:63:76:20:e2:
27:6d:61:db:8b:75:60:75:34:88:4a:88:1e:39:0a:d7:f0:84:
ce:42:ab:9a:e3:5f:74:6d:a4:bd:ae:35:77:a7:9b:65:8b:08:
a2:79:c7:6a:d6:62:e0:da:b7:5b:22:8e:d0:04:9c:fb:6c:bc:
0b:53:a7:ae:e3:ec:c0:20:7f:c8:ec:7d:c3:4d:df:c9:e9:24:
6d:40:c5:3d:77:5d:68:6c:77:90:74:19:fd:f9:2a:c1:ea:4d:
ea:e9:f2:21:16:a2:ba:3c:29:ae:1c:03:54:e3:c5:f3:c8:80:
87:77:24:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuSNQUut3tFZhUXuQHvOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Yjc5MzgwZmU0MDc0MzljYzJlY2QzZmFjMTgxNTdkYjM2
Y2Y3NjgwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGI0YjZlYTA0ODYyMjk5MjkxNGZhMzkzNzBjNzFmNTU0MGM4N2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5xjC6qzJ2bK3+MR+lTWGW+xvlOM
eT2d5OcfIePYNWiD/E1jFyJx/PKS6VpvV52AYKt8pT/XZo0wQxWWe+tX7QF+H6QO
UqvUK1BP8VmTynQ4eFlAgi3kCYixX3y66V6SQiuwVvJPnOt0VMQuPW/pMYUiL8c8
OFGZ8Ci9cR3L95bhn5gSqmZRrO6Uq70PP0VQ6tEnHReX8fLylb3wvYSMNP21TCq1
yd0L93nvbkgyqC5rWsOOmXBcrx4CW5SNtVU1QjUbQEYvGKZIk0sQX2x013IvgB24
gdYipZFimDeTkv3r1PyrimwXmFXjKQrmA/SloEVveKfLPnIa3kEBOFbbEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMS0tuoEhiKZKRT6OTcMcfVUDIe9MB8GA1UdIwQY
MBaAFCm3k4D+QHQ5zC7NP6wYFX2zbPdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWIt
MWU4NDIxMThkYjZmLzEveExTMjZnU0dJcGtwRlBvNU53eHg5VlFNaDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWItMWU4NDIxMThkYjZm
LzEvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgVnRAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBw+nojeW7NOSk075juuY7E0jdv+2GDfn9tFJls
icRTXaBM/Qkia/qa9pl8EH1ete2SOfCHa6dXj/qLPvA6bi7m/hL5XymNE1goYKvb
y4+wHg37eN0rytZuVfLet5JpXlY2TCdBf6QHm8Wmvbyj2HQDyM77Lg70T2k2Sn5X
wzdUYV9xMybdRjPsde+t3WN2IOInbWHbi3VgdTSISogeOQrX8ITOQqua4190baS9
rjV3p5tliwiiecdq1mLg2rdbIo7QBJz7bLwLU6eu4+zAIH/I7H3DTd/J6SRtQMU9
d11obHeQdBn9+SrB6k3q6fIhFqK6PCmuHANU48XzyICHdyRD
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:45 2025 by rpki-client