Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/0if4kql5bOWkqlYPQ9c5OJO-upo.roa
File: 0if4kql5bOWkqlYPQ9c5OJO-upo.roa (raw, json)
Hash identifier: W0+jqmsTpBmlnaMrQtbabdE8+pdbyUmvUZ5WVQV4Z2o=
Subject key identifier: D2:27:F8:92:A9:79:6C:E5:A4:AA:56:0F:43:D7:39:38:93:BE:BA:9A
Certificate issuer: /CN=7365ec12014f911f7205eecbc2fc818b9b35723c
Certificate serial: 0193018A00434A8C6C3FD1A472904E443068
Authority key identifier: 73:65:EC:12:01:4F:91:1F:72:05:EE:CB:C2:FC:81:8B:9B:35:72:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2XsEgFPkR9yBe7LwvyBi5s1cjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/0if4kql5bOWkqlYPQ9c5OJO-upo.roa
Signing time: Wed 06 Nov 2024 12:54:01 +0000
ROA not before: Wed 06 Nov 2024 12:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216364
IP address blocks: 2001:3300::/29 maxlen: 29
2001:3300::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Nov 2024 20:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:8a:00:43:4a:8c:6c:3f:d1:a4:72:90:4e:44:30:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7365ec12014f911f7205eecbc2fc818b9b35723c
Validity
Not Before: Nov 6 12:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d227f892a9796ce5a4aa560f43d7393893beba9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:93:03:9d:ee:31:65:4c:c3:b8:b1:e0:ca:aa:
6c:41:ec:f6:db:cd:30:fa:71:b1:25:90:7a:91:ab:
71:56:13:3f:99:0f:d3:8a:c1:6e:1c:a1:54:1f:2e:
58:69:03:9f:0a:1e:22:9e:06:a9:f1:11:be:e7:9f:
b4:38:ae:c1:09:b6:2a:41:67:d6:ea:af:dc:d2:d1:
86:d3:21:fe:08:4e:2a:e9:c6:99:2c:df:9c:1c:9b:
3b:14:e2:3c:e1:0f:d5:01:d2:8a:f1:e9:dd:b8:d7:
02:91:73:5f:bf:fc:0c:47:8a:95:f4:95:6f:c3:a4:
07:b0:e2:64:5d:f8:3a:02:99:58:7e:79:ec:86:3d:
df:c5:85:6e:d5:ab:49:d6:6e:af:64:23:e6:aa:58:
7f:b0:16:24:c4:21:e4:d1:25:d3:22:3b:08:c2:0a:
2c:48:71:16:dd:ec:a3:b8:e6:d2:98:9e:0c:f3:cb:
34:41:a1:d9:9d:84:16:81:76:2d:28:45:3e:7b:73:
13:56:32:57:3b:e7:ca:7d:8b:bf:9c:52:ff:3c:47:
1c:1d:e7:ca:46:33:9a:9b:06:2b:88:2f:05:60:1c:
28:68:60:ff:63:01:9e:30:5b:af:fc:a5:aa:3d:ca:
56:0f:af:43:2c:17:17:b7:73:f8:c8:9b:07:87:11:
45:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:27:F8:92:A9:79:6C:E5:A4:AA:56:0F:43:D7:39:38:93:BE:BA:9A
X509v3 Authority Key Identifier:
keyid:73:65:EC:12:01:4F:91:1F:72:05:EE:CB:C2:FC:81:8B:9B:35:72:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2XsEgFPkR9yBe7LwvyBi5s1cjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/0if4kql5bOWkqlYPQ9c5OJO-upo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/c2XsEgFPkR9yBe7LwvyBi5s1cjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3300::/29
Signature Algorithm: sha256WithRSAEncryption
48:dd:55:56:1a:ab:06:86:1d:88:c9:5f:a9:00:ef:31:73:e2:
3d:18:e7:e9:4f:6b:50:1e:2c:2b:93:4a:27:24:a6:03:da:2e:
c1:41:5e:14:5f:e7:e3:1a:16:94:d1:a1:7b:0f:90:4a:a0:0c:
1d:23:e0:ff:f2:6a:41:b6:ce:5b:41:0c:44:01:8e:48:b8:01:
cf:25:4b:37:d5:cf:04:a8:84:db:82:b9:93:29:86:b9:eb:e3:
83:5d:40:eb:1f:de:bc:1c:6e:af:e3:8b:f3:7c:6c:40:3f:9e:
02:a1:29:b5:df:91:d8:76:e1:29:dc:0b:66:b1:91:7f:33:36:
51:f2:a6:5b:0e:e5:e6:07:f2:09:9c:ce:2d:93:07:f4:a0:a1:
40:0a:7b:d8:f9:e2:a0:de:d0:87:fc:da:8d:c3:93:ce:e1:c0:
f3:a5:3f:86:e6:a0:a4:95:e7:cd:95:fb:a3:1e:7f:3d:c8:2b:
e5:4b:63:a9:cb:1e:f7:aa:c4:0f:ea:6f:11:29:f7:a4:f5:bd:
e8:ff:b6:b0:fd:fe:3d:86:27:e1:86:b9:e6:76:52:87:d3:85:
c5:23:1e:33:04:8a:4d:bd:a8:19:79:d0:5d:5c:9c:b0:76:b6:
81:18:4c:6e:b9:36:c1:c8:4d:31:96:b7:4f:13:4a:4e:fc:d3:
13:58:65:da
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMBigBDSoxsP9GkcpBORDBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjVlYzEyMDE0ZjkxMWY3MjA1ZWVjYmMyZmM4MThiOWIz
NTcyM2MwHhcNMjQxMTA2MTI1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI3Zjg5MmE5Nzk2Y2U1YTRhYTU2MGY0M2Q3MzkzODkzYmViYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZMDne4xZUzDuLHgyqpsQez2280w
+nGxJZB6katxVhM/mQ/TisFuHKFUHy5YaQOfCh4ingap8RG+55+0OK7BCbYqQWfW
6q/c0tGG0yH+CE4q6caZLN+cHJs7FOI84Q/VAdKK8enduNcCkXNfv/wMR4qV9JVv
w6QHsOJkXfg6AplYfnnshj3fxYVu1atJ1m6vZCPmqlh/sBYkxCHk0SXTIjsIwgos
SHEW3eyjuObSmJ4M88s0QaHZnYQWgXYtKEU+e3MTVjJXO+fKfYu/nFL/PEccHefK
RjOamwYriC8FYBwoaGD/YwGeMFuv/KWqPcpWD69DLBcXt3P4yJsHhxFFRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNIn+JKpeWzlpKpWD0PXOTiTvrqaMB8GA1UdIwQY
MBaAFHNl7BIBT5EfcgXuy8L8gYubNXI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJYc0VnRlBrUjl5QmU3THd2eUJpNXMxY2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjYzYWMtYjFlNC00ZGJkLTk5OTYt
NWExOWFmZGIwNmE3LzEvMGlmNGtxbDViT1drcWxZUFE5YzVPSk8tdXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjYzYWMtYjFlNC00ZGJkLTk5OTYtNWExOWFmZGIwNmE3
LzEvYzJYc0VnRlBrUjl5QmU3THd2eUJpNXMxY2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAEzADAN
BgkqhkiG9w0BAQsFAAOCAQEASN1VVhqrBoYdiMlfqQDvMXPiPRjn6U9rUB4sK5NK
JySmA9ouwUFeFF/n4xoWlNGhew+QSqAMHSPg//JqQbbOW0EMRAGOSLgBzyVLN9XP
BKiE24K5kymGuevjg11A6x/evBxur+OL83xsQD+eAqEptd+R2HbhKdwLZrGRfzM2
UfKmWw7l5gfyCZzOLZMH9KChQAp72PnioN7Qh/zajcOTzuHA86U/huagpJXnzZX7
ox5/Pcgr5Utjqcse96rED+pvESn3pPW96P+2sP3+PYYn4Ya55nZSh9OFxSMeMwSK
Tb2oGXnQXVycsHa2gRhMbrk2wchNMZa3TxNKTvzTE1hl2g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:11 2025 by rpki-client