Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/XnUSjsrAlz9-ISjqx-aHoFsvx88.roa
File: XnUSjsrAlz9-ISjqx-aHoFsvx88.roa (raw, json)
Hash identifier: LduoJ+acjaWJu+P1bPaWL+6AAnJqqhMz1eLXfvTdfvg=
Subject key identifier: 5E:75:12:8E:CA:C0:97:3F:7E:21:28:EA:C7:E6:87:A0:5B:2F:C7:CF
Certificate issuer: /CN=16a321215a4d35ed2298b073971db408864fd362
Certificate serial: 018CC3B68E2BA9FA634460434AE4FFE4816A
Authority key identifier: 16:A3:21:21:5A:4D:35:ED:22:98:B0:73:97:1D:B4:08:86:4F:D3:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FqMhIVpNNe0imLBzlx20CIZP02I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/XnUSjsrAlz9-ISjqx-aHoFsvx88.roa
Signing time: Mon 01 Jan 2024 06:29:30 +0000
ROA not before: Mon 01 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212704
IP address blocks: 2001:678:4d8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8e:2b:a9:fa:63:44:60:43:4a:e4:ff:e4:81:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16a321215a4d35ed2298b073971db408864fd362
Validity
Not Before: Jan 1 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e75128ecac0973f7e2128eac7e687a05b2fc7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:53:e6:2c:b8:e5:09:02:d7:23:96:36:77:19:
d9:a1:76:e8:13:f2:a1:cf:31:c8:2e:db:44:22:0f:
99:68:97:da:bd:8c:68:06:6a:ea:01:af:d4:4d:3a:
46:b5:0b:cd:65:f7:9d:25:6f:0a:2c:af:49:48:5b:
63:48:66:d7:6b:89:5a:af:3d:8a:ea:55:f3:49:25:
45:ec:35:62:d6:b8:8e:4b:62:3d:35:c7:36:b7:06:
11:c3:2c:96:0c:0e:7e:be:19:eb:ba:51:81:9e:a9:
19:1a:a7:3a:ab:fc:86:35:c8:a5:4c:61:38:28:fd:
4a:76:22:19:52:39:95:88:29:23:0d:4f:0d:6f:e7:
ea:28:50:85:04:86:8b:21:e6:dc:1a:ee:de:07:21:
65:88:fa:10:aa:2d:fb:85:85:02:db:9c:f0:13:09:
f6:4d:61:a5:e1:18:46:c1:1b:2e:34:84:10:90:e0:
79:24:e5:52:ef:ae:52:e7:15:83:f7:28:fe:e0:59:
7f:f3:7f:58:4d:6d:ad:39:68:8e:21:16:a4:f5:eb:
b8:3b:b5:3b:e9:0d:b1:9b:4f:c0:35:d7:5f:28:e2:
c2:f9:2a:40:5d:f0:f3:5e:ba:2a:72:61:fa:95:14:
07:c9:ce:95:90:0c:1f:eb:ab:ae:0a:73:22:a5:39:
c5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:75:12:8E:CA:C0:97:3F:7E:21:28:EA:C7:E6:87:A0:5B:2F:C7:CF
X509v3 Authority Key Identifier:
keyid:16:A3:21:21:5A:4D:35:ED:22:98:B0:73:97:1D:B4:08:86:4F:D3:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FqMhIVpNNe0imLBzlx20CIZP02I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/XnUSjsrAlz9-ISjqx-aHoFsvx88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/9ca8b2-5ec8-4d2a-b994-c4c94b88071b/1/FqMhIVpNNe0imLBzlx20CIZP02I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:4d8::/48
Signature Algorithm: sha256WithRSAEncryption
9e:d5:2a:70:69:d5:72:00:3c:0f:0a:25:c8:8d:48:59:e7:b7:
17:b1:47:f3:d4:ed:4d:bc:1f:3e:e9:90:52:e3:7b:0f:ca:11:
1c:93:88:5e:d0:7e:2e:b5:c9:bd:c1:3b:e7:2d:c3:af:6d:96:
f8:6e:98:6d:fc:47:80:7e:18:19:6b:40:39:8f:c2:2b:c7:1b:
b3:2e:c2:7f:f1:1b:88:d4:ab:5d:7f:82:7e:b1:34:fc:48:ea:
ec:5b:58:da:49:80:5d:d9:f9:32:b1:1c:98:80:04:bf:52:ef:
84:cf:e1:f3:6d:02:be:9c:7b:fe:42:a8:68:db:8f:19:23:df:
9a:df:26:62:0a:1a:87:25:6a:3f:4b:7d:fc:ec:10:29:2c:3f:
2d:ff:7d:94:0c:34:a8:cd:17:4e:3a:02:0c:88:16:d6:d5:4c:
86:61:9b:67:fb:f0:95:dc:07:c0:b7:33:e9:b2:f1:aa:78:62:
72:7d:c1:5a:a8:b9:c9:31:d9:9d:15:3d:ed:cf:20:b7:81:8b:
fc:ec:38:c0:b6:40:88:aa:32:5a:86:0a:59:8d:4d:8b:d8:c6:
60:db:ae:68:27:a9:6a:9e:4e:28:b3:d9:24:ce:a2:4d:f8:74:
f2:97:02:6b:27:59:0b:76:f3:58:4a:f6:84:7d:44:f6:82:3e:
2e:b2:ca:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDto4rqfpjRGBDSuT/5IFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YTMyMTIxNWE0ZDM1ZWQyMjk4YjA3Mzk3MWRiNDA4ODY0
ZmQzNjIwHhcNMjQwMTAxMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc1MTI4ZWNhYzA5NzNmN2UyMTI4ZWFjN2U2ODdhMDViMmZjN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolPmLLjlCQLXI5Y2dxnZoXboE/Kh
zzHILttEIg+ZaJfavYxoBmrqAa/UTTpGtQvNZfedJW8KLK9JSFtjSGbXa4larz2K
6lXzSSVF7DVi1riOS2I9Ncc2twYRwyyWDA5+vhnrulGBnqkZGqc6q/yGNcilTGE4
KP1KdiIZUjmViCkjDU8Nb+fqKFCFBIaLIebcGu7eByFliPoQqi37hYUC25zwEwn2
TWGl4RhGwRsuNIQQkOB5JOVS765S5xWD9yj+4Fl/839YTW2tOWiOIRak9eu4O7U7
6Q2xm0/ANddfKOLC+SpAXfDzXroqcmH6lRQHyc6VkAwf66uuCnMipTnFMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF51Eo7KwJc/fiEo6sfmh6BbL8fPMB8GA1UdIwQY
MBaAFBajISFaTTXtIpiwc5cdtAiGT9NiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnFNaElWcE5OZTBpbUxCemx4MjBDSVpQMDJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85Y2E4YjItNWVjOC00ZDJhLWI5OTQt
YzRjOTRiODgwNzFiLzEvWG5VU2pzckFsejktSVNqcXgtYUhvRnN2eDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85Y2E4YjItNWVjOC00ZDJhLWI5OTQtYzRjOTRiODgwNzFi
LzEvRnFNaElWcE5OZTBpbUxCemx4MjBDSVpQMDJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeATY
MA0GCSqGSIb3DQEBCwUAA4IBAQCe1SpwadVyADwPCiXIjUhZ57cXsUfz1O1NvB8+
6ZBS43sPyhEck4he0H4utcm9wTvnLcOvbZb4bpht/EeAfhgZa0A5j8IrxxuzLsJ/
8RuI1Ktdf4J+sTT8SOrsW1jaSYBd2fkysRyYgAS/Uu+Ez+HzbQK+nHv+Qqho248Z
I9+a3yZiChqHJWo/S3387BApLD8t/32UDDSozRdOOgIMiBbW1UyGYZtn+/CV3AfA
tzPpsvGqeGJyfcFaqLnJMdmdFT3tzyC3gYv87DjAtkCIqjJahgpZjU2L2MZg265o
J6lqnk4os9kkzqJN+HTylwJrJ1kLdvNYSvaEfUT2gj4ussok
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:24 2025 by rpki-client