Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/RBp9hSWiOHFxjsyzPAikhtCu3eY.roa
File: RBp9hSWiOHFxjsyzPAikhtCu3eY.roa (raw, json)
Hash identifier: /jvFfU99KGX3p6ZmNjpbcOX4TE/bhkTqK8uSutylLo0=
Subject key identifier: 44:1A:7D:85:25:A2:38:71:71:8E:CC:B3:3C:08:A4:86:D0:AE:DD:E6
Certificate issuer: /CN=2901d76431c6e873d3c44730571e1e50d602057c
Certificate serial: 0192E1BB4D9D9F1452F1801EFA0D191E51CD
Authority key identifier: 29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/RBp9hSWiOHFxjsyzPAikhtCu3eY.roa
Signing time: Thu 31 Oct 2024 08:40:01 +0000
ROA not before: Thu 31 Oct 2024 08:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212037
IP address blocks: 2001:67c:1680::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e1:bb:4d:9d:9f:14:52:f1:80:1e:fa:0d:19:1e:51:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901d76431c6e873d3c44730571e1e50d602057c
Validity
Not Before: Oct 31 08:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=441a7d8525a23871718eccb33c08a486d0aedde6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:95:dc:72:ba:51:00:f7:55:39:f8:02:eb:
0d:0d:aa:a4:24:ca:7d:e7:67:6e:aa:6d:ff:7d:8f:
2d:4a:ff:9a:b9:6f:5f:ac:46:75:d0:d0:80:97:ca:
84:33:3c:bb:62:d8:31:0c:48:5c:3c:e5:38:d9:ec:
e2:55:49:bc:0e:e6:90:7d:90:80:e5:8e:03:a9:cd:
45:b0:2a:a3:e7:3c:d9:6c:63:77:ba:cf:b5:be:7d:
b1:7d:9c:9a:a3:cc:68:e6:7e:aa:b4:9b:b4:be:90:
3e:d7:70:3a:45:be:76:96:32:0b:9a:bc:c7:99:df:
7d:31:d7:f2:e4:46:56:72:68:ef:6b:8d:1c:d0:af:
61:74:5f:a8:b5:08:4c:0c:26:26:d5:da:c9:d7:c0:
7f:c3:f3:ab:87:78:c4:fe:57:0d:d6:cc:ea:8d:a7:
ed:d0:f0:2b:b8:70:c8:19:69:27:b0:3d:9f:ff:e5:
a2:bb:68:dc:85:7b:70:cb:80:92:40:59:f6:c9:ad:
36:d0:97:eb:7b:71:15:8f:f9:a9:9e:79:0f:69:3b:
06:37:09:50:44:4f:59:a6:cb:f0:42:bb:06:5f:4c:
07:53:70:7f:01:be:7c:95:fc:33:00:5c:0e:97:fd:
0e:b5:e0:13:ce:7a:dd:15:b6:9d:48:2b:5d:dd:27:
9d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:1A:7D:85:25:A2:38:71:71:8E:CC:B3:3C:08:A4:86:D0:AE:DD:E6
X509v3 Authority Key Identifier:
keyid:29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/RBp9hSWiOHFxjsyzPAikhtCu3eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1680::/48
Signature Algorithm: sha256WithRSAEncryption
af:20:24:a0:0d:3d:4a:83:df:c6:ca:2e:f5:fd:5f:f8:be:95:
fd:c9:a2:1d:eb:be:85:98:92:75:1f:4e:f7:0b:21:2e:2b:bc:
83:d4:e5:8c:39:34:95:18:c3:bd:f6:f3:97:f4:91:23:82:2d:
e2:bf:a3:e3:4d:69:1a:2a:d8:e4:37:25:cf:77:c7:b1:8e:5c:
23:fa:c6:9f:59:f3:e8:43:9f:30:8d:a8:2b:54:f0:eb:d8:9f:
c0:2c:9b:b8:d2:99:d3:b8:78:d7:fd:d0:46:73:28:ac:aa:61:
0b:41:c7:a2:f3:e3:d7:3f:5e:73:57:53:16:64:71:7b:c6:0f:
46:cd:34:db:ea:39:17:94:66:59:a7:2b:35:09:88:e7:da:fd:
cd:e1:fa:a7:0a:b3:76:2d:a1:e6:2e:d3:6b:5c:29:6e:8b:25:
5b:e5:87:ed:bd:1c:37:dd:ae:05:cb:b5:92:85:b4:62:63:05:
ae:9d:32:8e:0b:3c:bd:b7:17:60:d6:c2:60:0c:90:45:bc:a9:
c4:47:1d:ae:cf:af:2b:5d:60:80:83:b9:69:26:54:fa:77:3e:
9b:cb:e6:47:48:23:3b:56:9d:c5:1d:3c:d8:7a:b6:1e:3e:a4:
82:65:9e:29:72:65:57:a7:7b:0b:27:bd:88:f7:fd:d5:ad:73:
24:de:5b:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZLhu02dnxRS8YAe+g0ZHlHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFkNzY0MzFjNmU4NzNkM2M0NDczMDU3MWUxZTUwZDYw
MjA1N2MwHhcNMjQxMDMxMDg0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDFhN2Q4NTI1YTIzODcxNzE4ZWNjYjMzYzA4YTQ4NmQwYWVkZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofOV3HK6UQD3VTn4AusNDaqkJMp9
52duqm3/fY8tSv+auW9frEZ10NCAl8qEMzy7YtgxDEhcPOU42eziVUm8DuaQfZCA
5Y4Dqc1FsCqj5zzZbGN3us+1vn2xfZyao8xo5n6qtJu0vpA+13A6Rb52ljILmrzH
md99Mdfy5EZWcmjva40c0K9hdF+otQhMDCYm1drJ18B/w/Orh3jE/lcN1szqjaft
0PAruHDIGWknsD2f/+Wiu2jchXtwy4CSQFn2ya020Jfre3EVj/mpnnkPaTsGNwlQ
RE9ZpsvwQrsGX0wHU3B/Ab58lfwzAFwOl/0OteATznrdFbadSCtd3SedbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEQafYUlojhxcY7MszwIpIbQrt3mMB8GA1UdIwQY
MBaAFCkB12Qxxuhz08RHMFceHlDWAgV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTIt
M2U2ZjAzMjQ0MTBhLzEvUkJwOWhTV2lPSEZ4anN5elBBaWtodEN1M2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTItM2U2ZjAzMjQ0MTBh
LzEvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCvICSgDT1Kg9/Gyi71/V/4vpX9yaId676FmJJ1
H073CyEuK7yD1OWMOTSVGMO99vOX9JEjgi3iv6PjTWkaKtjkNyXPd8exjlwj+saf
WfPoQ58wjagrVPDr2J/ALJu40pnTuHjX/dBGcyisqmELQcei8+PXP15zV1MWZHF7
xg9GzTTb6jkXlGZZpys1CYjn2v3N4fqnCrN2LaHmLtNrXCluiyVb5YftvRw33a4F
y7WShbRiYwWunTKOCzy9txdg1sJgDJBFvKnERx2uz68rXWCAg7lpJlT6dz6by+ZH
SCM7Vp3FHTzYerYePqSCZZ4pcmVXp3sLJ72I9/3VrXMk3lsy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:05 2025 by rpki-client