Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/777a60-6de1-4dfb-b965-26222f0955ae/1/xRjKSCzbuqdGKUv4uad967-9e-0.roa
File: xRjKSCzbuqdGKUv4uad967-9e-0.roa (raw, json)
Hash identifier: EObLzfwvGmwvtoWMDq/rqs54pHTgGUyZTiJQR4KNNzg=
Subject key identifier: C5:18:CA:48:2C:DB:BA:A7:46:29:4B:F8:B9:A7:7D:EB:BF:BD:7B:ED
Certificate issuer: /CN=c5471397cf5ec399aa0eec5c3173b1f3040723a9
Certificate serial: 018CC64AFEE0AFB524A88ECBA678CCA5AFD1
Authority key identifier: C5:47:13:97:CF:5E:C3:99:AA:0E:EC:5C:31:73:B1:F3:04:07:23:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUcTl89ew5mqDuxcMXOx8wQHI6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/777a60-6de1-4dfb-b965-26222f0955ae/1/xRjKSCzbuqdGKUv4uad967-9e-0.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212170
IP address blocks: 2001:678:ba8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fe:e0:af:b5:24:a8:8e:cb:a6:78:cc:a5:af:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5471397cf5ec399aa0eec5c3173b1f3040723a9
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c518ca482cdbbaa746294bf8b9a77debbfbd7bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e2:a5:bc:2d:8b:eb:41:97:b6:6a:94:85:4c:
46:aa:90:fa:2a:70:a2:de:cf:41:05:e5:bb:50:96:
ee:94:86:a0:b9:67:64:01:71:68:33:42:be:57:44:
13:ac:49:fa:89:2e:59:ce:36:01:60:9c:51:6e:2c:
85:98:8a:fc:38:18:45:65:39:66:8f:67:61:5f:19:
94:d3:4a:0a:39:43:3a:18:8e:18:eb:2a:8c:40:f6:
b5:5d:ae:f4:6f:c3:a8:04:81:1a:6e:1c:be:0f:f6:
a1:6f:86:29:a2:71:43:c3:6d:a9:40:5c:8e:92:d4:
95:58:a5:e0:09:af:aa:ed:79:71:65:12:76:88:f6:
49:02:aa:10:0b:2b:34:33:1d:46:ed:c9:6c:0c:ce:
0a:b9:4f:cc:ea:84:b0:74:f0:f0:9e:56:9a:52:ea:
eb:84:d4:1e:a1:f0:0e:79:33:f5:3a:49:60:fb:d8:
d1:de:28:77:26:93:97:a1:1e:a9:73:71:84:2c:7b:
1b:3a:69:9c:91:97:cb:27:e6:e7:07:21:ec:58:f5:
95:ee:fe:54:fb:ed:65:46:8e:d1:70:b9:2b:36:96:
03:64:65:5b:a1:48:46:31:3b:f2:a8:d9:69:3f:1c:
25:ff:20:72:4f:d3:d7:b0:7b:4b:2a:f6:7d:11:55:
7c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:18:CA:48:2C:DB:BA:A7:46:29:4B:F8:B9:A7:7D:EB:BF:BD:7B:ED
X509v3 Authority Key Identifier:
keyid:C5:47:13:97:CF:5E:C3:99:AA:0E:EC:5C:31:73:B1:F3:04:07:23:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUcTl89ew5mqDuxcMXOx8wQHI6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/777a60-6de1-4dfb-b965-26222f0955ae/1/xRjKSCzbuqdGKUv4uad967-9e-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/777a60-6de1-4dfb-b965-26222f0955ae/1/xUcTl89ew5mqDuxcMXOx8wQHI6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ba8::/48
Signature Algorithm: sha256WithRSAEncryption
3a:01:d9:c4:32:32:d1:a4:2c:43:e6:10:33:64:fd:a3:2f:bd:
c2:c4:fd:1f:f8:e5:5c:e5:98:1d:60:4f:c1:a0:33:44:a6:8c:
14:93:c9:c6:a0:c3:86:1e:ee:a4:6b:34:34:08:78:2d:19:45:
d5:52:64:94:8a:bb:5d:89:91:81:c6:e7:87:1b:40:fd:9b:26:
a5:47:84:cc:cb:11:fa:fc:e8:6c:bc:0b:ea:e0:0b:7c:28:95:
6d:35:8a:fc:7a:76:fa:66:4d:c0:bf:5c:9b:b9:56:dc:d3:d6:
d3:54:79:9a:d6:fc:12:1a:8e:df:8a:8e:19:f2:9d:b2:08:65:
6c:1b:34:73:36:c4:16:85:33:dd:53:73:7d:a1:68:be:3b:64:
92:49:f5:4f:fa:73:5e:ba:44:9b:98:a3:ba:68:75:ae:49:bd:
f2:6e:f7:a9:21:e2:b2:13:8e:04:2c:a3:95:39:d0:09:df:39:
21:28:22:e6:e1:44:38:e4:0b:2a:7a:f1:33:1b:93:4d:40:27:
22:e1:95:44:45:d1:8b:3a:f5:91:fa:49:43:b9:fe:0a:0c:7b:
75:a3:f2:67:71:7e:ad:fe:e8:c4:71:2b:35:d4:0b:49:3d:1b:
08:9e:69:5a:8f:20:c7:a0:61:c4:31:e2:2d:9f:99:e2:18:fd:
07:a1:a5:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSv7gr7UkqI7LpnjMpa/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NDcxMzk3Y2Y1ZWMzOTlhYTBlZWM1YzMxNzNiMWYzMDQw
NzIzYTkwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTE4Y2E0ODJjZGJiYWE3NDYyOTRiZjhiOWE3N2RlYmJmYmQ3YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeKlvC2L60GXtmqUhUxGqpD6KnCi
3s9BBeW7UJbulIaguWdkAXFoM0K+V0QTrEn6iS5ZzjYBYJxRbiyFmIr8OBhFZTlm
j2dhXxmU00oKOUM6GI4Y6yqMQPa1Xa70b8OoBIEabhy+D/ahb4YponFDw22pQFyO
ktSVWKXgCa+q7XlxZRJ2iPZJAqoQCys0Mx1G7clsDM4KuU/M6oSwdPDwnlaaUurr
hNQeofAOeTP1Oklg+9jR3ih3JpOXoR6pc3GELHsbOmmckZfLJ+bnByHsWPWV7v5U
++1lRo7RcLkrNpYDZGVboUhGMTvyqNlpPxwl/yByT9PXsHtLKvZ9EVV8eQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMUYykgs27qnRilL+Lmnfeu/vXvtMB8GA1UdIwQY
MBaAFMVHE5fPXsOZqg7sXDFzsfMEByOpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFVjVGw4OWV3NW1xRHV4Y01YT3g4d1FISTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83NzdhNjAtNmRlMS00ZGZiLWI5NjUt
MjYyMjJmMDk1NWFlLzEveFJqS1NDemJ1cWRHS1V2NHVhZDk2Ny05ZS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS83NzdhNjAtNmRlMS00ZGZiLWI5NjUtMjYyMjJmMDk1NWFl
LzEveFVjVGw4OWV3NW1xRHV4Y01YT3g4d1FISTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAuo
MA0GCSqGSIb3DQEBCwUAA4IBAQA6AdnEMjLRpCxD5hAzZP2jL73CxP0f+OVc5Zgd
YE/BoDNEpowUk8nGoMOGHu6kazQ0CHgtGUXVUmSUirtdiZGBxueHG0D9myalR4TM
yxH6/OhsvAvq4At8KJVtNYr8enb6Zk3Av1ybuVbc09bTVHma1vwSGo7fio4Z8p2y
CGVsGzRzNsQWhTPdU3N9oWi+O2SSSfVP+nNeukSbmKO6aHWuSb3ybvepIeKyE44E
LKOVOdAJ3zkhKCLm4UQ45AsqevEzG5NNQCci4ZVERdGLOvWR+klDuf4KDHt1o/Jn
cX6t/ujEcSs11AtJPRsInmlajyDHoGHEMeItn5niGP0HoaUn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:09 2025 by rpki-client