Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/x0pS973NWepAOO6Rlcd9BnVUTbk.roa
File: x0pS973NWepAOO6Rlcd9BnVUTbk.roa (raw, json)
Hash identifier: mbo5+s1I9eGbYFWu1BfwbL8JMAElXcI2H4CNYbnq2Z0=
Subject key identifier: C7:4A:52:F7:BD:CD:59:EA:40:38:EE:91:95:C7:7D:06:75:54:4D:B9
Certificate issuer: /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial: 0193BBBD41372170A311E3E4CDCD1F526A22
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/x0pS973NWepAOO6Rlcd9BnVUTbk.roa
Signing time: Thu 12 Dec 2024 16:39:22 +0000
ROA not before: Thu 12 Dec 2024 16:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a0b:2a80::/29 maxlen: 29
2a0f:a380::/29 maxlen: 29
2a12:5640::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Dec 2024 12:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:bd:41:37:21:70:a3:11:e3:e4:cd:cd:1f:52:6a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Validity
Not Before: Dec 12 16:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c74a52f7bdcd59ea4038ee9195c77d0675544db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f2:ca:e6:d6:b7:41:6a:21:1d:e7:dc:8c:58:
47:42:fd:70:88:28:29:cd:e1:62:96:d4:40:42:3c:
18:20:21:bf:b8:27:99:07:03:bc:df:03:94:71:28:
e1:a1:08:06:ee:28:a7:4e:f9:d0:7f:a4:f8:33:9b:
3e:23:d9:b8:10:99:4d:e2:45:da:54:7d:88:07:7c:
d0:56:97:fd:00:1d:40:59:1e:ff:55:5a:f7:ae:e6:
25:dd:c7:e0:5d:57:b0:cd:a1:6a:d6:ed:d2:7c:61:
ff:af:92:9d:f3:65:a6:01:bf:7e:80:94:f0:b7:9c:
02:16:cb:d4:d1:b9:bc:2e:10:d2:62:40:da:6b:5d:
08:20:62:58:b4:bd:db:57:42:e5:4a:7b:65:48:a1:
4a:54:a5:8f:60:68:22:cd:8e:97:80:b5:82:4c:2c:
bc:73:d7:63:24:59:06:db:03:88:8f:2e:95:cc:41:
f3:b9:e9:23:c9:77:f2:a2:cd:1d:6d:3f:79:02:b4:
33:11:05:b4:02:f7:5f:f3:85:37:74:8b:83:b2:da:
90:b6:48:4a:2e:84:50:2c:db:76:aa:76:f7:66:9e:
41:52:dd:0f:17:7b:f7:03:b3:a4:47:86:27:81:84:
fc:e7:bb:02:71:23:74:94:97:14:79:0b:4a:2c:e7:
f1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4A:52:F7:BD:CD:59:EA:40:38:EE:91:95:C7:7D:06:75:54:4D:B9
X509v3 Authority Key Identifier:
keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/x0pS973NWepAOO6Rlcd9BnVUTbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2a80::/29
2a0f:a380::/29
2a12:5640::/29
Signature Algorithm: sha256WithRSAEncryption
37:1e:b3:70:3f:3e:b0:fb:b7:a8:e3:11:9a:81:98:71:7d:e7:
54:ec:0b:c3:35:06:a3:cb:40:ea:24:0b:b1:83:9d:6b:43:cf:
70:17:a8:1a:9c:16:be:e3:a4:d1:3e:aa:5a:47:62:5e:26:58:
33:b0:83:19:40:34:fb:73:42:1a:c1:c9:b9:ce:aa:08:33:d3:
fd:b8:f5:c4:c0:99:00:f9:6f:e4:cf:e5:a7:70:ab:55:d7:9a:
fd:04:e5:ae:26:30:e6:64:38:f8:a4:e3:80:e7:23:4d:83:95:
aa:4e:23:bc:88:77:60:5c:dc:03:6e:96:5c:c9:53:ec:06:6f:
a3:81:90:6d:5c:a1:0f:fa:5c:ce:96:b7:c4:32:63:2d:8c:8d:
0f:8f:51:b6:e4:9f:d5:aa:83:c4:71:50:75:d8:07:ea:59:a7:
e5:43:3a:df:96:44:80:df:d0:a2:4b:28:43:58:91:f4:f1:7c:
cc:0e:28:86:44:00:79:14:30:fe:b4:2b:af:cb:e5:f5:0e:2e:
62:be:58:6a:e8:42:fa:3f:53:5c:b6:fa:7f:98:c5:94:3c:28:
55:f3:30:81:0c:d1:3e:29:87:da:c5:ec:c7:59:37:b6:80:9e:
04:0e:a1:78:a7:4b:5d:a2:71:2c:48:0c:73:19:5c:b1:3e:b0:
50:6b:48:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZO7vUE3IXCjEePkzc0fUmoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjQxMjEyMTYzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzRhNTJmN2JkY2Q1OWVhNDAzOGVlOTE5NWM3N2QwNjc1NTQ0ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PLK5ta3QWohHefcjFhHQv1wiCgp
zeFiltRAQjwYICG/uCeZBwO83wOUcSjhoQgG7iinTvnQf6T4M5s+I9m4EJlN4kXa
VH2IB3zQVpf9AB1AWR7/VVr3ruYl3cfgXVewzaFq1u3SfGH/r5Kd82WmAb9+gJTw
t5wCFsvU0bm8LhDSYkDaa10IIGJYtL3bV0LlSntlSKFKVKWPYGgizY6XgLWCTCy8
c9djJFkG2wOIjy6VzEHzuekjyXfyos0dbT95ArQzEQW0Avdf84U3dIuDstqQtkhK
LoRQLNt2qnb3Zp5BUt0PF3v3A7OkR4YngYT857sCcSN0lJcUeQtKLOfx4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMdKUve9zVnqQDjukZXHfQZ1VE25MB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEveDBwUzk3M05XZXBBT082UmxjZDlCblZVVGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgsqgAMF
AyoPo4ADBQMqElZAMA0GCSqGSIb3DQEBCwUAA4IBAQA3HrNwPz6w+7eo4xGagZhx
fedU7AvDNQajy0DqJAuxg51rQ89wF6ganBa+46TRPqpaR2JeJlgzsIMZQDT7c0Ia
wcm5zqoIM9P9uPXEwJkA+W/kz+WncKtV15r9BOWuJjDmZDj4pOOA5yNNg5WqTiO8
iHdgXNwDbpZcyVPsBm+jgZBtXKEP+lzOlrfEMmMtjI0Pj1G25J/VqoPEcVB12Afq
WaflQzrflkSA39CiSyhDWJH08XzMDiiGRAB5FDD+tCuvy+X1Di5ivlhq6EL6P1Nc
tvp/mMWUPChV8zCBDNE+KYfaxezHWTe2gJ4EDqF4p0tdonEsSAxzGVyxPrBQa0gJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:52:30 2025 by rpki-client