Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/S1laKo8Pp4PGOz7ZAhMvudcO3Qk.roa
File: S1laKo8Pp4PGOz7ZAhMvudcO3Qk.roa (raw, json)
Hash identifier: Lw4V9HZmryR3aRSCt35n9hyxptPPW7obA+Jh8t8a/VE=
Subject key identifier: 4B:59:5A:2A:8F:0F:A7:83:C6:3B:3E:D9:02:13:2F:B9:D7:0E:DD:09
Certificate issuer: /CN=7365ec12014f911f7205eecbc2fc818b9b35723c
Certificate serial: 019302AB7CCC476EE3221588139DCEE4DD41
Authority key identifier: 73:65:EC:12:01:4F:91:1F:72:05:EE:CB:C2:FC:81:8B:9B:35:72:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2XsEgFPkR9yBe7LwvyBi5s1cjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/S1laKo8Pp4PGOz7ZAhMvudcO3Qk.roa
Signing time: Wed 06 Nov 2024 18:10:13 +0000
ROA not before: Wed 06 Nov 2024 18:10:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2001:3300::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:ab:7c:cc:47:6e:e3:22:15:88:13:9d:ce:e4:dd:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7365ec12014f911f7205eecbc2fc818b9b35723c
Validity
Not Before: Nov 6 18:10:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b595a2a8f0fa783c63b3ed902132fb9d70edd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:72:b7:50:f1:03:ca:44:75:75:a9:1c:91:ec:
f2:d0:6f:50:0b:78:23:0b:57:3f:ef:53:20:95:67:
81:69:2b:d5:07:73:12:e2:19:20:08:58:c2:89:bf:
eb:86:c5:ac:1d:6e:db:0b:b0:81:53:a5:cf:c9:eb:
e0:5e:df:04:dc:9f:bb:e7:23:19:95:bc:6d:2b:9b:
7a:21:f1:c7:ac:5b:cc:9a:e9:d0:0d:49:4b:8c:44:
b7:82:a1:88:7a:9a:5e:d8:4c:86:13:16:2a:6b:9d:
97:9f:53:6c:1d:99:89:c1:69:8b:a4:94:a4:54:d6:
76:0b:4c:43:3c:11:e7:36:bf:ff:10:40:f8:c0:d8:
6d:12:09:e9:8a:b4:b6:22:54:03:79:61:a5:63:7e:
10:1a:d2:f6:f8:d9:11:b1:c8:23:16:52:31:5b:1f:
4c:11:24:0a:34:7e:ce:fb:14:d1:c6:79:79:e5:2b:
a8:4b:23:9d:c5:4d:1b:ac:35:df:8c:9b:6f:56:80:
0a:ef:ef:f5:c2:7e:08:16:c7:5b:bd:4b:45:3c:a4:
23:02:a0:10:96:9c:5a:05:6c:07:45:b9:03:e7:e4:
63:38:b6:8a:6a:ff:b0:b6:5d:58:61:12:bb:ce:97:
c0:b8:e4:13:e0:c8:c5:9e:b5:6a:c8:74:1d:6e:80:
03:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:59:5A:2A:8F:0F:A7:83:C6:3B:3E:D9:02:13:2F:B9:D7:0E:DD:09
X509v3 Authority Key Identifier:
keyid:73:65:EC:12:01:4F:91:1F:72:05:EE:CB:C2:FC:81:8B:9B:35:72:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2XsEgFPkR9yBe7LwvyBi5s1cjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/S1laKo8Pp4PGOz7ZAhMvudcO3Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/c2XsEgFPkR9yBe7LwvyBi5s1cjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3300::/32
Signature Algorithm: sha256WithRSAEncryption
59:80:21:06:94:bf:08:73:df:fa:b3:ad:b2:be:2a:cd:04:2b:
85:94:62:d7:93:08:af:a6:91:87:3a:f2:49:76:39:b2:41:e7:
c0:e3:2f:6a:7a:26:fc:03:af:f2:69:f0:0f:2a:28:16:d2:e4:
5f:e0:01:62:ea:c5:d2:ee:e2:33:f0:8b:ac:a3:66:23:9f:7c:
1b:55:c5:cc:bc:59:4b:da:6c:4d:70:96:48:d2:0e:8d:47:38:
0a:cb:4e:1b:7f:69:d3:68:00:17:4e:f0:ab:7b:9b:8d:2a:32:
c2:cd:e4:c4:a7:3b:b1:f3:f8:b0:4e:89:7c:a0:ff:73:b4:1d:
f7:d6:bf:8e:cf:f9:12:f1:98:13:02:d5:ea:da:d1:f3:be:7c:
77:f9:ca:10:1d:ca:10:55:7d:1f:11:fb:8f:3b:42:f7:13:5d:
ea:a2:96:10:7f:b0:46:cb:6a:e0:b6:f2:f8:67:6a:f2:2a:e6:
2a:05:4b:6a:10:35:c4:30:a5:23:70:d0:df:06:d8:03:ba:3d:
af:35:57:82:d1:12:a6:b8:ac:de:43:39:ba:52:c9:32:4e:b8:
04:b9:5a:e7:be:56:51:43:79:44:c5:90:71:e9:20:76:a6:b2:
cb:06:33:25:e4:90:4e:cb:ce:13:4e:2c:6e:79:90:a0:19:8e:
43:54:f0:4e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMCq3zMR27jIhWIE53O5N1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjVlYzEyMDE0ZjkxMWY3MjA1ZWVjYmMyZmM4MThiOWIz
NTcyM2MwHhcNMjQxMTA2MTgxMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU5NWEyYThmMGZhNzgzYzYzYjNlZDkwMjEzMmZiOWQ3MGVkZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXK3UPEDykR1dakckezy0G9QC3gj
C1c/71MglWeBaSvVB3MS4hkgCFjCib/rhsWsHW7bC7CBU6XPyevgXt8E3J+75yMZ
lbxtK5t6IfHHrFvMmunQDUlLjES3gqGIeppe2EyGExYqa52Xn1NsHZmJwWmLpJSk
VNZ2C0xDPBHnNr//EED4wNhtEgnpirS2IlQDeWGlY34QGtL2+NkRscgjFlIxWx9M
ESQKNH7O+xTRxnl55SuoSyOdxU0brDXfjJtvVoAK7+/1wn4IFsdbvUtFPKQjAqAQ
lpxaBWwHRbkD5+RjOLaKav+wtl1YYRK7zpfAuOQT4MjFnrVqyHQdboAD/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEtZWiqPD6eDxjs+2QITL7nXDt0JMB8GA1UdIwQY
MBaAFHNl7BIBT5EfcgXuy8L8gYubNXI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJYc0VnRlBrUjl5QmU3THd2eUJpNXMxY2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjYzYWMtYjFlNC00ZGJkLTk5OTYt
NWExOWFmZGIwNmE3LzEvUzFsYUtvOFBwNFBHT3o3WkFoTXZ1ZGNPM1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjYzYWMtYjFlNC00ZGJkLTk5OTYtNWExOWFmZGIwNmE3
LzEvYzJYc0VnRlBrUjl5QmU3THd2eUJpNXMxY2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAEzADAN
BgkqhkiG9w0BAQsFAAOCAQEAWYAhBpS/CHPf+rOtsr4qzQQrhZRi15MIr6aRhzry
SXY5skHnwOMvanom/AOv8mnwDyooFtLkX+ABYurF0u7iM/CLrKNmI598G1XFzLxZ
S9psTXCWSNIOjUc4CstOG39p02gAF07wq3ubjSoyws3kxKc7sfP4sE6JfKD/c7Qd
99a/js/5EvGYEwLV6trR8758d/nKEB3KEFV9HxH7jztC9xNd6qKWEH+wRstq4Lby
+Gdq8irmKgVLahA1xDClI3DQ3wbYA7o9rzVXgtESpris3kM5ulLJMk64BLla575W
UUN5RMWQcekgdqayywYzJeSQTsvOE04sbnmQoBmOQ1TwTg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:38:06 2025 by rpki-client