Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/1lBnXcM8cRna9SgePs0BZ9XyAbk.roa
File: 1lBnXcM8cRna9SgePs0BZ9XyAbk.roa (raw, json)
Hash identifier: KLU5SbqQoBRe6FQzc6L0CFnSDQ0SxHWzP+oUbDvsBY4=
Subject key identifier: D6:50:67:5D:C3:3C:71:19:DA:F5:28:1E:3E:CD:01:67:D5:F2:01:B9
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 018CC3494B90D32084AB7DD38D54E246F96E
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/1lBnXcM8cRna9SgePs0BZ9XyAbk.roa
Signing time: Mon 01 Jan 2024 04:30:09 +0000
ROA not before: Mon 01 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20546
IP address blocks: 2001:678:804::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4b:90:d3:20:84:ab:7d:d3:8d:54:e2:46:f9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Jan 1 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d650675dc33c7119daf5281e3ecd0167d5f201b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:75:e3:49:8d:3d:8f:1f:38:90:d7:76:41:
31:19:76:7a:74:58:c8:bf:a8:01:e2:1e:f0:e2:01:
fc:e2:b0:78:20:82:84:06:52:aa:e6:40:2d:a5:01:
9c:41:f8:98:11:df:19:56:0e:a1:fc:e9:eb:2d:0d:
60:44:3b:9b:10:22:29:67:63:67:05:e3:64:09:52:
13:03:f0:24:c6:8b:5e:e0:1f:63:ec:0b:1f:17:7f:
05:68:f0:84:50:ee:10:fd:97:fb:6b:cf:11:71:e1:
19:ca:0d:16:c5:5d:9b:b6:b9:fe:2e:b4:ae:01:c2:
25:6c:14:ae:1a:91:bf:51:66:fc:6d:ce:a3:61:35:
fa:cf:8c:f9:1c:e6:0e:67:4e:bb:14:8e:a9:f7:61:
be:1f:d6:28:24:e1:9a:89:99:e3:ba:71:2f:8d:cf:
2f:a1:a6:5a:84:a4:c0:64:15:bb:ec:bf:bb:74:6a:
71:d9:37:45:48:8b:59:29:79:7c:35:aa:24:4e:e5:
59:f1:73:44:ed:a2:d3:5f:bd:e6:c6:ba:fb:f0:42:
5d:3f:01:2a:01:af:70:a9:a0:85:6b:d8:c0:00:c7:
14:be:64:ce:6e:a3:4f:0d:81:fd:df:24:93:b6:48:
c5:cb:54:9a:64:fe:f1:49:47:c1:ea:ac:37:96:ac:
1f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:50:67:5D:C3:3C:71:19:DA:F5:28:1E:3E:CD:01:67:D5:F2:01:B9
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/1lBnXcM8cRna9SgePs0BZ9XyAbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:804::/48
Signature Algorithm: sha256WithRSAEncryption
ab:bc:9d:29:49:e5:da:77:ee:ac:c2:99:3b:0c:43:65:f9:24:
81:36:29:96:d2:77:57:61:88:bb:d0:9e:4b:80:d4:32:c1:6a:
86:15:66:2f:01:fd:ed:06:ec:49:c2:c8:18:80:de:94:f6:22:
17:c1:ed:4a:51:90:c3:02:8c:08:d2:e3:bd:3e:e1:f1:4d:8a:
51:2f:b8:70:50:4d:59:9f:89:83:00:76:e7:36:da:21:1b:14:
6c:7e:c4:a4:69:f4:7d:9c:9c:36:ab:cc:56:6c:bf:21:6b:57:
35:36:5b:5d:c8:51:e5:79:92:5b:dd:60:b7:e4:ff:58:c0:3e:
66:0b:a7:3e:ef:6b:41:ec:55:8a:75:d7:79:53:7c:5e:88:11:
da:25:54:d6:9b:f4:eb:a8:72:b3:ee:20:08:3e:ee:b2:a2:c7:
28:c7:02:eb:58:3c:e5:82:30:d4:3c:4a:af:36:3b:e5:ca:44:
5d:33:a6:1d:69:3e:20:d8:4d:21:69:70:cc:f7:c6:15:90:a9:
2c:51:7a:d9:20:e0:d6:ee:a2:08:bf:89:d0:d5:f3:a4:fd:53:
c0:8a:53:79:c6:a4:a0:3b:5c:89:15:dd:12:aa:31:38:43:9b:
43:41:68:de:45:39:50:12:28:ca:5d:43:56:bd:c2:dc:b2:2a:
b5:21:c5:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSUuQ0yCEq33TjVTiRvluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjUwNjc1ZGMzM2M3MTE5ZGFmNTI4MWUzZWNkMDE2N2Q1ZjIwMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk45140mNPY8fOJDXdkExGXZ6dFjI
v6gB4h7w4gH84rB4IIKEBlKq5kAtpQGcQfiYEd8ZVg6h/OnrLQ1gRDubECIpZ2Nn
BeNkCVITA/Akxote4B9j7AsfF38FaPCEUO4Q/Zf7a88RceEZyg0WxV2btrn+LrSu
AcIlbBSuGpG/UWb8bc6jYTX6z4z5HOYOZ067FI6p92G+H9YoJOGaiZnjunEvjc8v
oaZahKTAZBW77L+7dGpx2TdFSItZKXl8NaokTuVZ8XNE7aLTX73mxrr78EJdPwEq
Aa9wqaCFa9jAAMcUvmTObqNPDYH93ySTtkjFy1SaZP7xSUfB6qw3lqwf6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNZQZ13DPHEZ2vUoHj7NAWfV8gG5MB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEvMWxCblhjTThjUm5hOVNnZVBzMEJaOVh5QWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAgE
MA0GCSqGSIb3DQEBCwUAA4IBAQCrvJ0pSeXad+6swpk7DENl+SSBNimW0ndXYYi7
0J5LgNQywWqGFWYvAf3tBuxJwsgYgN6U9iIXwe1KUZDDAowI0uO9PuHxTYpRL7hw
UE1Zn4mDAHbnNtohGxRsfsSkafR9nJw2q8xWbL8ha1c1NltdyFHleZJb3WC35P9Y
wD5mC6c+72tB7FWKddd5U3xeiBHaJVTWm/TrqHKz7iAIPu6yoscoxwLrWDzlgjDU
PEqvNjvlykRdM6YdaT4g2E0haXDM98YVkKksUXrZIODW7qIIv4nQ1fOk/VPAilN5
xqSgO1yJFd0SqjE4Q5tDQWjeRTlQEijKXUNWvcLcsiq1IcU+
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:23:41 2025 by rpki-client