Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/IO35Muv-BryoM0I1ZKBw4gQAssI.roa
File: IO35Muv-BryoM0I1ZKBw4gQAssI.roa (raw, json)
Hash identifier: /HIdjuk2TTG+JsiNcy4Oe8mhBPP53nj2Gqq6oeor96M=
Subject key identifier: 20:ED:F9:32:EB:FE:06:BC:A8:33:42:35:64:A0:70:E2:04:00:B2:C2
Certificate issuer: /CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd
Certificate serial: 018CC26D33B6915732894361EDFE5963E341
Authority key identifier: 89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/IO35Muv-BryoM0I1ZKBw4gQAssI.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2001:678:f64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:33:b6:91:57:32:89:43:61:ed:fe:59:63:e3:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20edf932ebfe06bca833423564a070e20400b2c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b5:a5:09:f1:d9:3a:0f:39:47:5c:ce:d9:23:
2f:61:ab:18:42:14:90:a6:57:88:83:14:db:13:0e:
44:6a:59:e8:11:0d:b3:45:78:cd:48:4b:cf:99:b2:
53:c5:9b:33:c5:a4:76:f9:9d:a1:f0:00:98:8e:60:
f6:a3:0f:48:db:d0:3d:b1:6d:f5:30:64:5d:c0:ca:
59:bd:23:14:62:ef:b8:5f:2a:81:08:26:cf:28:55:
46:fc:a9:1a:86:cb:e2:61:ec:25:4e:c1:4a:23:a5:
8d:47:44:8d:98:2f:ab:f2:d5:fc:e6:3c:c5:fb:91:
34:34:b2:0f:75:fc:99:d2:f7:47:dc:fa:09:04:17:
25:57:bc:14:07:60:38:f5:a7:a5:ec:27:f3:cc:6d:
b3:87:d1:19:fa:c5:77:f7:16:9c:9f:e3:d4:55:1c:
c7:66:b9:3c:1f:0e:34:6e:67:0e:16:fd:05:4d:5a:
84:3b:6a:51:41:cf:03:42:4d:5f:e2:3c:17:52:4b:
c5:15:64:7e:0d:1b:18:3d:2d:bc:d4:ee:ed:a5:bd:
e0:f7:6c:1c:f0:c1:58:a1:9c:f9:c2:75:77:3b:1c:
67:64:6d:8e:57:6f:5c:4f:2f:95:4b:10:50:72:41:
5f:8d:fb:77:26:9b:9f:22:d5:b7:a6:6e:2f:95:65:
b6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:ED:F9:32:EB:FE:06:BC:A8:33:42:35:64:A0:70:E2:04:00:B2:C2
X509v3 Authority Key Identifier:
keyid:89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/IO35Muv-BryoM0I1ZKBw4gQAssI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ib1U59acFH1rVvjGognT3q6id90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f64::/48
Signature Algorithm: sha256WithRSAEncryption
e1:19:bc:10:d2:98:bd:1e:a0:03:bd:d7:22:da:c2:49:0a:2b:
6e:35:a2:bd:db:d9:b2:b5:e6:b8:7c:ab:5c:24:dc:87:ae:5d:
d4:f8:ee:ce:26:62:23:84:0a:d8:3d:ef:33:be:3e:3a:bd:8d:
66:10:fc:0c:8b:27:00:e7:54:a7:19:a9:7a:36:c5:0c:87:cc:
69:7a:72:55:2e:e9:f9:23:87:2c:6a:3b:81:23:b8:45:ff:be:
5c:13:74:05:2c:49:3f:8c:84:e7:8a:bd:e2:90:e6:f6:d3:bc:
e1:a1:26:71:32:15:04:4f:7b:b1:a2:81:9b:b0:98:ba:df:d4:
38:22:b3:92:da:6e:3d:6e:9e:d0:96:22:0b:b0:55:49:c2:cb:
19:d1:d2:1e:0d:6c:f6:8f:9b:8a:d0:68:2e:cb:06:e5:d9:c9:
ca:c0:00:4d:38:ae:0e:c2:1a:ab:e1:93:9f:e6:8c:2b:8a:ff:
50:b6:4e:d6:4c:d4:a5:06:7b:fb:61:0d:e5:86:30:6f:dc:2c:
79:43:e3:ad:0f:b2:93:8b:f2:a5:63:33:aa:e7:c7:7f:0e:41:
2b:c2:0e:a4:e6:36:ad:13:1e:f4:e5:ba:2a:79:d6:e1:b8:55:
42:a3:e9:30:a2:91:3e:62:71:db:39:24:4d:03:57:4d:ea:04:
cb:4c:9d:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbTO2kVcyiUNh7f5ZY+NBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YmQ1NGU3ZDY5YzE0N2Q2YjU2ZjhjNmEyMDlkM2RlYWVh
Mjc3ZGQwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGVkZjkzMmViZmUwNmJjYTgzMzQyMzU2NGEwNzBlMjA0MDBiMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7WlCfHZOg85R1zO2SMvYasYQhSQ
pleIgxTbEw5EalnoEQ2zRXjNSEvPmbJTxZszxaR2+Z2h8ACYjmD2ow9I29A9sW31
MGRdwMpZvSMUYu+4XyqBCCbPKFVG/KkahsviYewlTsFKI6WNR0SNmC+r8tX85jzF
+5E0NLIPdfyZ0vdH3PoJBBclV7wUB2A49ael7CfzzG2zh9EZ+sV39xacn+PUVRzH
Zrk8Hw40bmcOFv0FTVqEO2pRQc8DQk1f4jwXUkvFFWR+DRsYPS281O7tpb3g92wc
8MFYoZz5wnV3OxxnZG2OV29cTy+VSxBQckFfjft3JpufItW3pm4vlWW2ywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCDt+TLr/ga8qDNCNWSgcOIEALLCMB8GA1UdIwQY
MBaAFIm9VOfWnBR9a1b4xqIJ096uonfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQt
ZGIyMjdjNDk2ODA0LzEvSU8zNU11di1CcnlvTTBJMVpLQnc0Z1FBc3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQtZGIyMjdjNDk2ODA0
LzEvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9k
MA0GCSqGSIb3DQEBCwUAA4IBAQDhGbwQ0pi9HqADvdci2sJJCituNaK929mytea4
fKtcJNyHrl3U+O7OJmIjhArYPe8zvj46vY1mEPwMiycA51SnGal6NsUMh8xpenJV
Lun5I4csajuBI7hF/75cE3QFLEk/jITnir3ikOb207zhoSZxMhUET3uxooGbsJi6
39Q4IrOS2m49bp7QliILsFVJwssZ0dIeDWz2j5uK0Gguywbl2cnKwABNOK4Owhqr
4ZOf5owriv9Qtk7WTNSlBnv7YQ3lhjBv3Cx5Q+OtD7KTi/KlYzOq58d/DkErwg6k
5jatEx705boqedbhuFVCo+kwopE+YnHbOSRNA1dN6gTLTJ1k
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:36:49 2025 by rpki-client