Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vt4bYjxlqjuSMVdjFraLZS4qBMQ.roa
File: vt4bYjxlqjuSMVdjFraLZS4qBMQ.roa (raw, json)
Hash identifier: wB3oMgUJ6FslsEfMC3bGRReOcUFiVYwZ1+j+uPTVsOY=
Subject key identifier: BE:DE:1B:62:3C:65:AA:3B:92:31:57:63:16:B6:8B:65:2E:2A:04:C4
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0193DAC4FFC7FA20FE3CA4049122D01156CA
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vt4bYjxlqjuSMVdjFraLZS4qBMQ.roa
Signing time: Wed 18 Dec 2024 17:16:03 +0000
ROA not before: Wed 18 Dec 2024 17:16:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a0b:9007::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:c4:ff:c7:fa:20:fe:3c:a4:04:91:22:d0:11:56:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Dec 18 17:16:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bede1b623c65aa3b9231576316b68b652e2a04c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1e:36:8f:4a:cf:80:4a:27:bf:51:6c:39:39:
78:c2:4f:8c:14:fa:fa:0f:00:03:54:48:ef:df:8e:
15:39:c6:a1:a8:b1:17:66:28:6b:f2:f7:6e:85:bd:
cb:8f:ab:bf:11:aa:e5:43:4b:1f:0b:3a:54:56:c7:
dd:c7:37:78:2d:f9:7f:1f:9f:d2:5b:31:49:0f:2e:
bb:d4:fd:62:28:66:c6:55:ba:17:73:a4:ec:db:a8:
d7:15:45:5f:e9:1e:f7:d5:cf:6d:3a:6b:48:d2:3c:
64:5e:43:d1:82:a4:a9:8f:a6:9a:e9:e5:f0:c4:d1:
ca:87:ca:8e:2a:81:4d:72:fe:62:19:45:53:e5:01:
6c:8b:5a:01:70:88:41:fd:26:87:3c:66:3b:47:5a:
ac:a1:a8:73:a1:08:c6:b3:8f:62:b8:6b:f0:90:3e:
35:fa:47:19:70:a0:ed:6e:54:b5:2d:5b:01:2e:82:
70:0b:73:fc:56:12:4a:f9:e3:42:bf:ee:92:54:fa:
da:0d:90:dc:57:f4:f0:27:3c:65:86:c8:e1:fa:d0:
20:bb:ef:06:d7:32:62:80:ab:49:f0:21:6b:81:2c:
41:b3:f9:53:1d:e9:44:ac:78:d5:c1:c5:f9:be:f5:
96:7e:d3:67:46:69:9c:59:0e:1b:64:4d:bf:33:4f:
70:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DE:1B:62:3C:65:AA:3B:92:31:57:63:16:B6:8B:65:2E:2A:04:C4
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/vt4bYjxlqjuSMVdjFraLZS4qBMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:9007::/32
Signature Algorithm: sha256WithRSAEncryption
39:1a:5c:dc:25:7b:77:eb:02:99:c8:91:1b:3a:a2:52:6b:5f:
5e:3a:d5:ce:82:8e:c3:7c:4e:60:b7:06:1b:be:a0:e3:4e:c0:
76:ce:ba:23:c9:f0:2f:e6:1c:db:f5:49:79:d4:2a:47:5a:0f:
1e:ae:ee:9c:d7:4d:20:34:04:65:78:b2:29:c7:46:28:cc:0e:
92:01:6b:bc:13:49:68:5e:61:b2:ce:97:b7:4b:e6:c9:a8:a2:
fd:70:60:59:9e:63:74:74:96:d6:9c:ed:d1:e3:4e:67:8f:2e:
f4:43:6e:48:63:9c:b2:61:b2:1d:81:3c:f9:89:be:c9:c3:65:
c0:f6:cc:e6:d5:d4:60:92:10:cb:c4:63:0d:e3:d1:7d:a3:eb:
83:49:21:39:87:1b:8b:13:90:3e:98:08:31:cb:dc:3a:2e:e3:
30:b3:8d:4c:05:42:9a:c7:3f:99:80:dc:90:0e:fa:fb:b9:03:
e7:89:65:be:da:25:f1:39:d6:bf:6c:00:61:5a:d9:2d:bd:e7:
8f:09:1e:4d:94:60:30:18:bb:7a:2d:b9:e0:df:c4:9e:92:f5:
da:b0:57:3f:08:56:45:c3:32:78:ed:8a:94:f1:f6:55:26:88:
b6:a5:91:b3:b7:47:e0:74:80:51:ea:9b:48:f1:38:f9:95:e1:
3b:7d:33:cd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPaxP/H+iD+PKQEkSLQEVbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMjE4MTcxNjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWRlMWI2MjNjNjVhYTNiOTIzMTU3NjMxNmI2OGI2NTJlMmEwNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx42j0rPgEonv1FsOTl4wk+MFPr6
DwADVEjv344VOcahqLEXZihr8vduhb3Lj6u/EarlQ0sfCzpUVsfdxzd4Lfl/H5/S
WzFJDy671P1iKGbGVboXc6Ts26jXFUVf6R731c9tOmtI0jxkXkPRgqSpj6aa6eXw
xNHKh8qOKoFNcv5iGUVT5QFsi1oBcIhB/SaHPGY7R1qsoahzoQjGs49iuGvwkD41
+kcZcKDtblS1LVsBLoJwC3P8VhJK+eNCv+6SVPraDZDcV/TwJzxlhsjh+tAgu+8G
1zJigKtJ8CFrgSxBs/lTHelErHjVwcX5vvWWftNnRmmcWQ4bZE2/M09wDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL7eG2I8Zao7kjFXYxa2i2UuKgTEMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvdnQ0YllqeGxxanVTTVZkakZyYUxaUzRxQk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKguQBzAN
BgkqhkiG9w0BAQsFAAOCAQEAORpc3CV7d+sCmciRGzqiUmtfXjrVzoKOw3xOYLcG
G76g407Ads66I8nwL+Yc2/VJedQqR1oPHq7unNdNIDQEZXiyKcdGKMwOkgFrvBNJ
aF5hss6Xt0vmyaii/XBgWZ5jdHSW1pzt0eNOZ48u9ENuSGOcsmGyHYE8+Ym+ycNl
wPbM5tXUYJIQy8RjDePRfaPrg0khOYcbixOQPpgIMcvcOi7jMLONTAVCmsc/mYDc
kA76+7kD54llvtol8TnWv2wAYVrZLb3njwkeTZRgMBi7ei254N/EnpL12rBXPwhW
RcMyeO2KlPH2VSaItqWRs7dH4HSAUeqbSPE4+ZXhO30zzQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:58:26 2025 by rpki-client