Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/cef27e-9903-4c3f-807c-128e0053dccf/1/PrbfBC9mFl2IS9S5VAOuBtKea6g.roa
File: PrbfBC9mFl2IS9S5VAOuBtKea6g.roa (raw, json)
Hash identifier: rFFoNPYvYzAlIQcewG/F166cW0ommqdKLKZBjNu4VeM=
Subject key identifier: 3E:B6:DF:04:2F:66:16:5D:88:4B:D4:B9:54:03:AE:06:D2:9E:6B:A8
Certificate issuer: /CN=1ccf33cf78477313c7382e89b17573ed68588b93
Certificate serial: 0193BA8D4B8508605F1CB6FAF7D3D817D930
Authority key identifier: 1C:CF:33:CF:78:47:73:13:C7:38:2E:89:B1:75:73:ED:68:58:8B:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HM8zz3hHcxPHOC6JsXVz7WhYi5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/cef27e-9903-4c3f-807c-128e0053dccf/1/PrbfBC9mFl2IS9S5VAOuBtKea6g.roa
Signing time: Thu 12 Dec 2024 11:07:22 +0000
ROA not before: Thu 12 Dec 2024 11:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213727
IP address blocks: 2a14:ec00::/48 maxlen: 48
2a14:ec00:1::/48 maxlen: 48
2a14:ec00:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:8d:4b:85:08:60:5f:1c:b6:fa:f7:d3:d8:17:d9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ccf33cf78477313c7382e89b17573ed68588b93
Validity
Not Before: Dec 12 11:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eb6df042f66165d884bd4b95403ae06d29e6ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1c:91:73:6e:d3:5f:44:6d:eb:71:74:07:17:
2b:a1:0a:a6:96:60:87:bb:8c:a6:3b:45:e5:fc:27:
0a:18:d0:e4:f8:49:99:1b:59:fb:7f:bf:64:ae:57:
36:15:3c:43:31:6d:e3:9f:7b:9d:9f:9f:d3:5c:05:
53:c3:6a:28:34:5c:9e:e3:40:ca:71:f6:f5:e9:88:
da:e7:c4:33:ca:f9:41:9d:74:93:7c:34:88:6c:b2:
7b:dc:50:d7:22:45:f7:e8:ad:be:0a:b6:b9:c3:5d:
e8:e9:5b:67:12:b1:ce:4b:b8:f7:b6:32:b4:99:d7:
ee:3f:00:a4:fa:f5:7c:1d:94:b0:53:2a:f2:d6:3b:
ac:21:34:c3:fd:57:da:92:a0:61:bb:ac:10:65:7b:
53:bc:b3:cc:c4:a0:3c:4c:c0:19:8a:00:43:80:14:
d0:ff:18:26:e6:05:9d:fd:b6:ff:b8:b5:14:dd:0c:
36:1a:11:99:df:54:8b:13:d4:1e:ef:04:5a:3a:d4:
87:65:32:e4:ca:d0:df:2d:d6:89:ca:e0:b9:db:0a:
2c:5f:a9:5e:b2:72:52:cf:0c:4a:f0:8b:2d:c2:1d:
09:7c:9c:3e:97:c1:ec:d9:7b:e0:ef:1e:7c:89:dc:
c1:39:ef:8d:16:9d:46:51:47:f2:49:45:9f:90:ca:
f0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B6:DF:04:2F:66:16:5D:88:4B:D4:B9:54:03:AE:06:D2:9E:6B:A8
X509v3 Authority Key Identifier:
keyid:1C:CF:33:CF:78:47:73:13:C7:38:2E:89:B1:75:73:ED:68:58:8B:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HM8zz3hHcxPHOC6JsXVz7WhYi5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cef27e-9903-4c3f-807c-128e0053dccf/1/PrbfBC9mFl2IS9S5VAOuBtKea6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cef27e-9903-4c3f-807c-128e0053dccf/1/HM8zz3hHcxPHOC6JsXVz7WhYi5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ec00::-2a14:ec00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
91:00:33:3d:7b:11:19:3a:73:08:b0:bd:5f:19:27:15:3d:58:
19:26:1e:a3:42:70:0e:24:c6:4e:ef:e7:22:70:9a:b1:4b:04:
55:25:0f:ce:7a:19:56:69:4c:c9:eb:30:00:e1:f8:46:d3:bd:
c9:ed:d0:fc:6d:64:84:49:48:ff:3b:2c:40:6e:e5:f0:ca:00:
82:2e:c7:de:57:c2:35:e7:4d:22:e7:4a:b4:77:0f:b9:65:14:
d1:45:9f:b6:97:8c:6b:0b:6a:c3:53:20:2b:58:83:7e:f4:b4:
86:ad:8d:2d:4f:48:72:2b:34:27:03:9b:94:44:e0:b8:d1:02:
b5:61:df:3f:c0:8b:47:19:7c:5b:bf:7d:7b:18:8a:21:a6:64:
75:0f:0f:a5:51:41:1b:cc:87:e2:83:7b:09:a6:09:15:31:1f:
85:6d:95:81:8c:70:04:cd:8d:09:d3:64:df:c8:dc:4c:8b:86:
04:cc:cc:a6:a2:5e:ec:2a:43:9b:d0:8e:98:63:84:67:7c:2a:
c8:3c:ea:94:bc:7b:e4:a3:af:dc:e2:5a:f5:71:90:9f:7d:23:
6e:95:7b:61:05:46:bb:d2:0f:13:31:6c:30:f5:04:ae:f5:6c:
4a:9c:ee:23:16:e8:98:95:d9:6a:f2:e6:6e:e8:f0:4d:4f:26:
d5:e8:5d:b0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZO6jUuFCGBfHLb699PYF9kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjY2YzM2NmNzg0NzczMTNjNzM4MmU4OWIxNzU3M2VkNjg1
ODhiOTMwHhcNMjQxMjEyMTEwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI2ZGYwNDJmNjYxNjVkODg0YmQ0Yjk1NDAzYWUwNmQyOWU2YmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RyRc27TX0Rt63F0BxcroQqmlmCH
u4ymO0Xl/CcKGNDk+EmZG1n7f79krlc2FTxDMW3jn3udn5/TXAVTw2ooNFye40DK
cfb16Yja58QzyvlBnXSTfDSIbLJ73FDXIkX36K2+Cra5w13o6VtnErHOS7j3tjK0
mdfuPwCk+vV8HZSwUyry1jusITTD/VfakqBhu6wQZXtTvLPMxKA8TMAZigBDgBTQ
/xgm5gWd/bb/uLUU3Qw2GhGZ31SLE9Qe7wRaOtSHZTLkytDfLdaJyuC52wosX6le
snJSzwxK8Istwh0JfJw+l8Hs2Xvg7x58idzBOe+NFp1GUUfySUWfkMrwIQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFD623wQvZhZdiEvUuVQDrgbSnmuoMB8GA1UdIwQY
MBaAFBzPM894R3MTxzguibF1c+1oWIuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE04enozaEhjeFBIT0M2SnNYVno3V2hZaTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jZWYyN2UtOTkwMy00YzNmLTgwN2Mt
MTI4ZTAwNTNkY2NmLzEvUHJiZkJDOW1GbDJJUzlTNVZBT3VCdEtlYTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jZWYyN2UtOTkwMy00YzNmLTgwN2MtMTI4ZTAwNTNkY2Nm
LzEvSE04enozaEhjeFBIT0M2SnNYVno3V2hZaTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBAIqFOwD
BwAqFOwAAAIwDQYJKoZIhvcNAQELBQADggEBAJEAMz17ERk6cwiwvV8ZJxU9WBkm
HqNCcA4kxk7v5yJwmrFLBFUlD856GVZpTMnrMADh+EbTvcnt0PxtZIRJSP87LEBu
5fDKAIIux95XwjXnTSLnSrR3D7llFNFFn7aXjGsLasNTICtYg370tIatjS1PSHIr
NCcDm5RE4LjRArVh3z/Ai0cZfFu/fXsYiiGmZHUPD6VRQRvMh+KDewmmCRUxH4Vt
lYGMcATNjQnTZN/I3EyLhgTMzKaiXuwqQ5vQjphjhGd8Ksg86pS8e+Sjr9ziWvVx
kJ99I26Ve2EFRrvSDxMxbDD1BK71bEqc7iMW6JiV2Wry5m7o8E1PJtXoXbA=
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:49:19 2025 by rpki-client