Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5f14ea-ebbb-4c8e-be31-9c1e13e0e578/1/si2A_qKxExPI8YfaEnBsOE7Xc-M.roa
File: si2A_qKxExPI8YfaEnBsOE7Xc-M.roa (raw, json)
Hash identifier: e5I32bBu9VSX3MfBM97kmIB4UlPiGETsA0Sg+QGvkZM=
Subject key identifier: B2:2D:80:FE:A2:B1:13:13:C8:F1:87:DA:12:70:6C:38:4E:D7:73:E3
Certificate issuer: /CN=9e5cf2f8b79df662417ec9656ed1166e91aab808
Certificate serial: 018CC7272B682DB94F93A937E93488943352
Authority key identifier: 9E:5C:F2:F8:B7:9D:F6:62:41:7E:C9:65:6E:D1:16:6E:91:AA:B8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlzy-Led9mJBfsllbtEWbpGquAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5f14ea-ebbb-4c8e-be31-9c1e13e0e578/1/si2A_qKxExPI8YfaEnBsOE7Xc-M.roa
Signing time: Mon 01 Jan 2024 22:31:22 +0000
ROA not before: Mon 01 Jan 2024 22:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28847
IP address blocks: 2001:67c:41c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2b:68:2d:b9:4f:93:a9:37:e9:34:88:94:33:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e5cf2f8b79df662417ec9656ed1166e91aab808
Validity
Not Before: Jan 1 22:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b22d80fea2b11313c8f187da12706c384ed773e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2b:fb:d7:e4:49:21:46:da:c9:81:e8:78:c2:
18:0e:e1:2c:e6:ab:3b:f7:5a:74:a1:f4:00:58:69:
35:71:e4:97:40:f2:9d:f5:92:08:6c:38:a6:e9:d3:
da:ed:96:7e:b2:da:ab:e4:e7:25:dd:ad:d0:02:ad:
fc:a5:62:2e:7d:f4:e4:a9:bb:54:07:90:37:84:cc:
4f:8e:5d:64:91:4c:20:b4:32:13:c7:b6:7a:62:13:
db:c2:c4:6d:1d:06:d7:51:98:46:e4:e0:2c:0c:3a:
10:c7:46:14:fb:4b:fb:bc:27:8a:90:e9:43:fc:1b:
b6:0b:74:0b:17:a1:ec:63:6f:ab:55:f8:51:8b:55:
77:a2:96:80:e4:ec:ca:19:44:8b:69:5b:3f:c0:be:
55:b6:7d:74:39:cf:7a:6c:9d:9e:41:c0:83:08:b5:
a5:12:88:52:6c:80:b6:4a:ab:35:71:e4:0d:9d:8a:
b4:fb:43:97:44:bc:9d:db:60:b9:af:ff:64:0e:c2:
0e:95:d0:25:97:02:c9:13:59:6c:a2:d0:3a:7d:72:
ce:cf:cd:f2:ee:b8:be:8c:e9:84:03:11:7d:b6:df:
81:68:d4:15:66:51:13:ce:83:90:da:bc:69:8f:5f:
3a:be:a0:33:ce:a0:02:e4:f9:f8:57:68:82:ac:59:
b6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2D:80:FE:A2:B1:13:13:C8:F1:87:DA:12:70:6C:38:4E:D7:73:E3
X509v3 Authority Key Identifier:
keyid:9E:5C:F2:F8:B7:9D:F6:62:41:7E:C9:65:6E:D1:16:6E:91:AA:B8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlzy-Led9mJBfsllbtEWbpGquAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5f14ea-ebbb-4c8e-be31-9c1e13e0e578/1/si2A_qKxExPI8YfaEnBsOE7Xc-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5f14ea-ebbb-4c8e-be31-9c1e13e0e578/1/nlzy-Led9mJBfsllbtEWbpGquAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:41c::/48
Signature Algorithm: sha256WithRSAEncryption
b2:8a:e0:2e:42:a1:cf:74:a6:2d:2e:65:de:65:cf:76:03:de:
65:43:8e:4e:97:63:ce:47:e4:be:cb:ed:e3:28:3f:49:da:7e:
5c:2c:48:35:de:c1:0a:5d:ff:83:eb:7f:7e:ad:b8:a6:62:06:
74:0e:b1:fc:5b:79:fc:95:82:de:eb:06:d1:53:1d:2e:45:1c:
26:ea:34:c2:81:38:6b:3d:de:4a:9e:2a:35:c2:c7:ed:ee:0d:
13:6e:5e:1e:44:60:1d:62:90:fa:44:7d:9b:2d:bc:68:d4:c1:
ef:cc:20:94:d0:78:47:7f:35:f9:2c:7a:92:6a:e8:03:07:99:
da:2f:e0:30:14:58:77:e6:ec:74:40:23:ff:48:46:a9:fc:a3:
18:d8:d2:50:f7:5d:94:ec:df:c1:9f:26:c7:68:d9:30:52:72:
86:0c:9b:a8:c1:e4:15:68:71:4c:57:ce:bb:3e:46:36:12:96:
2e:29:5f:62:f6:5a:4c:0a:e1:be:0b:2b:70:34:cb:67:e1:7b:
ee:12:39:93:de:81:66:40:ba:93:a8:3f:5f:e5:b3:5e:8b:8d:
1b:b3:53:60:21:87:f8:2a:8f:8b:66:b5:35:dc:cf:92:ab:48:
cf:e6:33:1c:e7:44:c7:11:14:75:e0:78:97:fe:d2:e6:b1:62:
be:b1:72:18
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJytoLblPk6k36TSIlDNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNWNmMmY4Yjc5ZGY2NjI0MTdlYzk2NTZlZDExNjZlOTFh
YWI4MDgwHhcNMjQwMTAxMjIzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJkODBmZWEyYjExMzEzYzhmMTg3ZGExMjcwNmMzODRlZDc3M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyv71+RJIUbayYHoeMIYDuEs5qs7
91p0ofQAWGk1ceSXQPKd9ZIIbDim6dPa7ZZ+stqr5Ocl3a3QAq38pWIuffTkqbtU
B5A3hMxPjl1kkUwgtDITx7Z6YhPbwsRtHQbXUZhG5OAsDDoQx0YU+0v7vCeKkOlD
/Bu2C3QLF6HsY2+rVfhRi1V3opaA5OzKGUSLaVs/wL5Vtn10Oc96bJ2eQcCDCLWl
EohSbIC2Sqs1ceQNnYq0+0OXRLyd22C5r/9kDsIOldAllwLJE1lsotA6fXLOz83y
7ri+jOmEAxF9tt+BaNQVZlETzoOQ2rxpj186vqAzzqAC5Pn4V2iCrFm2IwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLItgP6isRMTyPGH2hJwbDhO13PjMB8GA1UdIwQY
MBaAFJ5c8vi3nfZiQX7JZW7RFm6RqrgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmx6eS1MZWQ5bUpCZnNsbGJ0RVdicEdxdUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81ZjE0ZWEtZWJiYi00YzhlLWJlMzEt
OWMxZTEzZTBlNTc4LzEvc2kyQV9xS3hFeFBJOFlmYUVuQnNPRTdYYy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81ZjE0ZWEtZWJiYi00YzhlLWJlMzEtOWMxZTEzZTBlNTc4
LzEvbmx6eS1MZWQ5bUpCZnNsbGJ0RVdicEdxdUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAQc
MA0GCSqGSIb3DQEBCwUAA4IBAQCyiuAuQqHPdKYtLmXeZc92A95lQ45Ol2POR+S+
y+3jKD9J2n5cLEg13sEKXf+D639+rbimYgZ0DrH8W3n8lYLe6wbRUx0uRRwm6jTC
gThrPd5Knio1wsft7g0Tbl4eRGAdYpD6RH2bLbxo1MHvzCCU0HhHfzX5LHqSaugD
B5naL+AwFFh35ux0QCP/SEap/KMY2NJQ912U7N/BnybHaNkwUnKGDJuoweQVaHFM
V867PkY2EpYuKV9i9lpMCuG+CytwNMtn4XvuEjmT3oFmQLqTqD9f5bNei40bs1Ng
IYf4Ko+LZrU13M+Sq0jP5jMc50THERR14HiX/tLmsWK+sXIY
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:31 2025 by rpki-client