Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/sqCezmegFErLrvn39mfihWO7H6U.roa
File: sqCezmegFErLrvn39mfihWO7H6U.roa (raw, json)
Hash identifier: c9jG+2t3vOH2DPCYmEFJuCL4YiKqcC0bLDRtFekvJzc=
Subject key identifier: B2:A0:9E:CE:67:A0:14:4A:CB:AE:F9:F7:F6:67:E2:85:63:BB:1F:A5
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018CC8DE836EB6B3BDBEC55BE123576672E8
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/sqCezmegFErLrvn39mfihWO7H6U.roa
Signing time: Tue 02 Jan 2024 06:31:14 +0000
ROA not before: Tue 02 Jan 2024 06:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211452
IP address blocks: 2a07:291b::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:83:6e:b6:b3:bd:be:c5:5b:e1:23:57:66:72:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 2 06:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2a09ece67a0144acbaef9f7f667e28563bb1fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:fa:0d:b4:13:03:43:dc:82:cc:a1:1d:07:
9d:2f:44:a4:fa:c6:ac:28:01:e2:78:76:05:58:b8:
3e:a0:ea:45:41:1d:aa:a1:a4:e4:6f:fd:97:44:15:
21:c7:d1:fc:99:fa:26:10:82:44:20:65:c4:94:40:
19:a3:21:68:92:ba:14:4b:87:84:1f:c5:1d:33:86:
71:67:3e:96:b4:60:27:5c:0e:22:cf:2a:30:0a:7d:
25:f8:98:65:74:72:43:ad:4f:8a:f4:71:1f:8a:88:
5b:51:b6:9d:98:3a:66:b1:18:7e:97:48:51:07:7e:
51:72:ca:58:e8:5c:68:57:e2:00:aa:0c:2e:0e:05:
3e:0e:0a:50:f2:09:79:94:01:31:c7:54:44:63:94:
53:91:08:b0:bf:69:5d:1a:6b:99:47:b5:53:13:f1:
c5:72:0e:ab:be:ec:71:c0:43:2b:43:d6:e6:e8:f7:
f2:41:da:49:81:78:48:3a:d8:c1:8d:0f:02:04:42:
45:bd:64:b1:e1:a9:2e:1a:fd:dc:2a:59:60:3f:c6:
7b:a3:96:ad:c2:aa:5d:a7:0e:c6:82:6b:ef:ea:dc:
1d:47:ed:3a:32:d7:14:0f:9a:ef:44:1a:01:48:ef:
4d:50:3d:40:3c:34:90:4e:67:cb:b6:25:87:e5:54:
9f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A0:9E:CE:67:A0:14:4A:CB:AE:F9:F7:F6:67:E2:85:63:BB:1F:A5
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/sqCezmegFErLrvn39mfihWO7H6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:291b::/32
Signature Algorithm: sha256WithRSAEncryption
84:56:b9:70:d5:66:80:6a:ba:8c:49:3e:96:69:bb:65:5a:1f:
11:3e:31:c7:44:cd:4d:2b:c8:11:bc:38:6e:76:38:d4:d4:d1:
cd:48:bc:81:a6:42:2c:6f:29:86:94:82:41:19:f1:84:32:bc:
b6:05:0f:73:57:f0:bb:cc:90:88:f5:03:42:bd:d2:df:3f:f7:
ae:b5:d8:bd:4b:46:a5:df:d4:ca:c4:ce:3a:78:b2:f9:01:3f:
da:f0:9b:f9:d9:27:a1:db:d9:e7:d9:3f:ec:52:bb:bd:61:cd:
33:ad:61:9a:4d:3a:4a:b1:94:19:f4:07:24:0a:00:b7:e6:61:
5f:38:f8:3b:cf:5a:b1:d7:34:b5:33:e8:fb:a3:33:4d:9c:45:
d1:34:b0:38:45:ab:48:a2:65:af:f1:3c:2b:4a:65:96:cf:fa:
18:2a:0d:5d:fd:3d:f8:5e:ca:0f:66:e6:d1:76:35:fe:d4:b2:
36:b0:e5:79:56:f7:01:27:6f:65:eb:6d:6d:8f:16:38:4a:a0:
4e:c5:5c:29:04:2f:98:13:56:6e:cb:90:fc:ee:60:9f:8b:10:
55:a0:cd:40:5f:ea:96:d0:d7:2b:d9:ab:b9:de:37:a3:01:57:
8a:bf:ae:8e:1b:b6:0e:76:13:a9:23:fc:3b:39:8c:16:6a:eb:
47:3e:1a:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI3oNutrO9vsVb4SNXZnLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwMTAyMDYzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmEwOWVjZTY3YTAxNDRhY2JhZWY5ZjdmNjY3ZTI4NTYzYmIxZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBv6DbQTA0PcgsyhHQedL0Sk+sas
KAHieHYFWLg+oOpFQR2qoaTkb/2XRBUhx9H8mfomEIJEIGXElEAZoyFokroUS4eE
H8UdM4ZxZz6WtGAnXA4izyowCn0l+JhldHJDrU+K9HEfiohbUbadmDpmsRh+l0hR
B35RcspY6FxoV+IAqgwuDgU+DgpQ8gl5lAExx1REY5RTkQiwv2ldGmuZR7VTE/HF
cg6rvuxxwEMrQ9bm6PfyQdpJgXhIOtjBjQ8CBEJFvWSx4akuGv3cKllgP8Z7o5at
wqpdpw7Ggmvv6twdR+06MtcUD5rvRBoBSO9NUD1APDSQTmfLtiWH5VSfMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLKgns5noBRKy6759/Zn4oVjux+lMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvc3FDZXptZWdGRXJMcnZuMzltZmloV083SDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgcpGzAN
BgkqhkiG9w0BAQsFAAOCAQEAhFa5cNVmgGq6jEk+lmm7ZVofET4xx0TNTSvIEbw4
bnY41NTRzUi8gaZCLG8phpSCQRnxhDK8tgUPc1fwu8yQiPUDQr3S3z/3rrXYvUtG
pd/UysTOOniy+QE/2vCb+dknodvZ59k/7FK7vWHNM61hmk06SrGUGfQHJAoAt+Zh
Xzj4O89asdc0tTPo+6MzTZxF0TSwOEWrSKJlr/E8K0plls/6GCoNXf09+F7KD2bm
0XY1/tSyNrDleVb3ASdvZettbY8WOEqgTsVcKQQvmBNWbsuQ/O5gn4sQVaDNQF/q
ltDXK9mrud43owFXir+ujhu2DnYTqSP8OzmMFmrrRz4aRQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:27 2025 by rpki-client