Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/i-5l2BUUIJzmr1v6PpQOm_eU4q8.roa
File: i-5l2BUUIJzmr1v6PpQOm_eU4q8.roa (raw, json)
Hash identifier: sSysNWnJguecSd+TMV3bmiRFAyjgH0yZWQh5NQGET9s=
Subject key identifier: 8B:EE:65:D8:15:14:20:9C:E6:AF:5B:FA:3E:94:0E:9B:F7:94:E2:AF
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018CC8DE824E4F0703F12E5DF5FC5E1D7318
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/i-5l2BUUIJzmr1v6PpQOm_eU4q8.roa
Signing time: Tue 02 Jan 2024 06:31:14 +0000
ROA not before: Tue 02 Jan 2024 06:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201319
IP address blocks: 2a07:2902:6f00::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jul 2024 12:10:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:82:4e:4f:07:03:f1:2e:5d:f5:fc:5e:1d:73:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 2 06:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bee65d81514209ce6af5bfa3e940e9bf794e2af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:80:0d:4d:1d:bc:56:b1:b6:3d:62:cd:b8:65:
fd:4f:3b:91:ab:d7:04:69:30:2e:3b:25:f4:cd:12:
8e:ee:8d:fe:83:e5:16:de:b7:b6:31:f3:59:45:10:
13:98:19:72:b5:1f:c8:22:b0:8f:3e:43:90:c2:e6:
8a:b6:a5:8e:05:12:bf:9a:31:c9:68:fe:fd:ca:97:
e6:cd:a3:a5:d6:e7:1b:d1:3b:9b:33:52:93:c1:0c:
b5:4b:9a:e6:1a:3c:42:08:f6:0d:0d:eb:3f:41:8d:
1f:aa:db:02:31:ef:80:4d:1c:b0:cf:3a:27:52:84:
9c:57:1e:4b:9a:47:b7:cc:c4:f9:10:74:a6:7d:8a:
e2:e7:72:22:e3:27:0d:a6:38:31:8c:81:4d:53:7c:
39:f4:da:a3:d2:bf:1e:1e:b6:58:fa:12:a2:9b:fe:
15:b5:1e:99:96:e9:7a:f1:4c:8e:99:61:15:c5:28:
95:80:42:8c:b7:57:be:b7:2e:b2:74:7d:f9:8e:c4:
59:98:38:09:92:8d:d0:48:b2:42:d3:46:d1:27:43:
83:a2:e0:71:09:d8:f9:e1:20:4c:7b:a8:1b:05:fe:
ca:02:ae:f4:53:9e:19:84:b9:4d:f4:3c:05:a6:b9:
a3:6d:cf:3c:a4:db:41:c1:0d:59:25:4c:9e:64:85:
e2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:EE:65:D8:15:14:20:9C:E6:AF:5B:FA:3E:94:0E:9B:F7:94:E2:AF
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/i-5l2BUUIJzmr1v6PpQOm_eU4q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2902:6f00::/40
Signature Algorithm: sha256WithRSAEncryption
09:fd:94:c9:60:f0:e3:01:45:c8:cb:2c:b4:c5:be:60:63:0f:
d3:8e:05:34:44:8b:96:7f:e6:3a:81:d4:cb:85:c0:cd:ce:43:
4d:e5:6c:11:d2:75:87:fa:3e:a4:b4:a0:16:97:0a:a3:cb:ac:
59:db:c9:23:45:36:74:76:2c:9d:08:90:57:d0:77:f8:50:52:
58:09:dd:26:2f:77:b4:f2:b2:e1:17:e5:91:86:1d:e7:31:73:
0f:dd:a4:75:3c:69:42:aa:54:b2:c1:0e:05:fd:7f:24:5d:1e:
0e:db:6e:ae:7e:ef:fd:12:f1:02:e8:08:ec:e4:c0:c0:23:1a:
99:58:cc:45:26:37:22:11:ef:61:55:62:b1:59:03:cc:9f:7d:
1c:c8:b4:66:98:92:79:f2:c1:4f:f2:ba:42:09:9a:41:4f:0d:
e0:ee:e2:c8:ae:fe:09:c7:30:15:8f:01:39:97:0e:41:27:42:
70:c5:bf:54:39:76:df:98:1e:be:fe:ec:9c:36:3a:eb:87:c0:
9d:8a:f4:2f:62:d3:a1:51:45:7d:bb:66:1a:da:28:9e:90:2e:
d5:13:f4:02:10:ff:20:f3:2c:4a:e7:55:35:49:77:d3:3f:08:
dd:93:78:02:97:dd:79:0f:13:a6:90:2e:e5:ba:20:b2:5a:0c:
01:36:13:f7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzI3oJOTwcD8S5d9fxeHXMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwMTAyMDYzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmVlNjVkODE1MTQyMDljZTZhZjViZmEzZTk0MGU5YmY3OTRlMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYANTR28VrG2PWLNuGX9TzuRq9cE
aTAuOyX0zRKO7o3+g+UW3re2MfNZRRATmBlytR/IIrCPPkOQwuaKtqWOBRK/mjHJ
aP79ypfmzaOl1ucb0TubM1KTwQy1S5rmGjxCCPYNDes/QY0fqtsCMe+ATRywzzon
UoScVx5Lmke3zMT5EHSmfYri53Ii4ycNpjgxjIFNU3w59Nqj0r8eHrZY+hKim/4V
tR6Zlul68UyOmWEVxSiVgEKMt1e+ty6ydH35jsRZmDgJko3QSLJC00bRJ0ODouBx
Cdj54SBMe6gbBf7KAq70U54ZhLlN9DwFprmjbc88pNtBwQ1ZJUyeZIXiQwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIvuZdgVFCCc5q9b+j6UDpv3lOKvMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvaS01bDJCVVVJSnptcjF2NlBwUU9tX2VVNHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgcpAm8w
DQYJKoZIhvcNAQELBQADggEBAAn9lMlg8OMBRcjLLLTFvmBjD9OOBTREi5Z/5jqB
1MuFwM3OQ03lbBHSdYf6PqS0oBaXCqPLrFnbySNFNnR2LJ0IkFfQd/hQUlgJ3SYv
d7TysuEX5ZGGHecxcw/dpHU8aUKqVLLBDgX9fyRdHg7bbq5+7/0S8QLoCOzkwMAj
GplYzEUmNyIR72FVYrFZA8yffRzItGaYknnywU/yukIJmkFPDeDu4siu/gnHMBWP
ATmXDkEnQnDFv1Q5dt+YHr7+7Jw2OuuHwJ2K9C9i06FRRX27ZhraKJ6QLtUT9AIQ
/yDzLErnVTVJd9M/CN2TeAKX3XkPE6aQLuW6ILJaDAE2E/c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:07:00 2025 by rpki-client