Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/eV5EIRardteFgKoaaLk6jaF-x3k.roa
File: eV5EIRardteFgKoaaLk6jaF-x3k.roa (raw, json)
Hash identifier: h7fMWK0iDzaWC0AWz/5nA6SHiBKOfX4ch54oD5ziOrM=
Subject key identifier: 79:5E:44:21:16:AB:76:D7:85:80:AA:1A:68:B9:3A:8D:A1:7E:C7:79
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D3B9DB60CC934E2C65D061EBD42EF
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/eV5EIRardteFgKoaaLk6jaF-x3k.roa
Signing time: Mon 01 Jan 2024 00:29:47 +0000
ROA not before: Mon 01 Jan 2024 00:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210311
IP address blocks: 2a0e:aa01:aa00::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3b:9d:b6:0c:c9:34:e2:c6:5d:06:1e:bd:42:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=795e442116ab76d78580aa1a68b93a8da17ec779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cb:22:3c:3c:0a:01:f0:63:d7:f9:6f:29:a6:
3b:1c:bc:59:df:54:66:f3:1c:72:39:70:a0:17:fe:
8b:16:7e:70:d8:72:5b:5a:97:04:aa:57:e9:0a:9b:
74:d6:98:f3:99:8f:45:3f:19:48:29:07:f5:01:48:
72:34:99:5b:e2:a6:b7:85:14:9e:31:db:05:7f:14:
30:f2:99:f1:1b:6a:0e:9f:49:84:1c:7a:04:92:2b:
9b:27:f5:85:cc:ae:8d:22:fd:ce:18:31:d5:13:16:
5a:39:dc:95:4d:81:fb:77:37:12:06:cd:02:49:7a:
38:10:10:e4:d8:12:fe:d0:25:a4:34:a3:fa:54:ba:
d8:a9:c0:b1:1b:b7:54:0d:6a:08:22:79:aa:b7:a7:
9f:e8:89:e8:13:aa:19:4d:b1:18:89:b7:86:13:a0:
c3:dd:28:88:7c:23:e8:a0:30:b7:38:6c:c0:18:09:
6d:71:2c:4f:87:54:8b:07:cf:ef:9b:07:5c:94:a0:
2d:31:70:d5:04:58:32:23:3c:9d:d4:c9:c8:ad:40:
57:ee:44:5b:03:65:71:a8:4c:8f:4c:ee:bc:cb:04:
69:0b:38:00:17:18:ae:07:b8:f6:fe:8a:3f:f5:79:
03:f6:82:d6:3e:f6:a6:86:e6:e2:9a:c2:aa:c6:60:
2d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:5E:44:21:16:AB:76:D7:85:80:AA:1A:68:B9:3A:8D:A1:7E:C7:79
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/eV5EIRardteFgKoaaLk6jaF-x3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa01:aa00::/40
Signature Algorithm: sha256WithRSAEncryption
75:79:06:43:6c:e9:20:be:6b:38:70:3b:28:6f:61:c8:5a:d4:
5a:fc:e6:38:f9:75:7c:82:67:8e:54:22:4c:0b:d3:d5:43:d3:
fa:65:01:55:87:63:14:8c:85:80:92:70:bf:72:ed:3f:c7:55:
69:45:65:39:32:5b:34:57:e8:9f:79:ba:e6:9b:53:ed:91:5f:
d1:c4:f3:5a:3c:0c:d6:be:84:8a:77:54:e2:7f:e0:b2:2b:b8:
bd:b8:5a:e4:6a:18:dd:57:32:00:26:a4:51:95:e3:d3:b5:cc:
10:26:6f:ff:17:8b:c8:24:cc:31:90:2c:1b:b1:4d:5c:fa:2e:
4d:bd:bd:db:ca:3d:a5:90:3b:17:4d:47:81:92:34:83:a1:23:
7f:c3:dc:44:3f:12:cb:59:f1:af:b3:d8:8e:3e:2e:94:e4:4e:
55:18:48:4d:3f:ae:41:7e:7c:7e:c0:1d:27:24:22:45:80:2b:
9b:7d:23:dd:08:55:2f:53:64:1c:b9:1a:2f:41:dc:d6:3d:f7:
5e:1d:ff:86:6a:ce:8d:b3:66:7b:72:67:8d:3a:ba:ef:6d:7a:
9f:cc:eb:ba:4d:5c:59:aa:b7:d7:54:8c:e8:55:05:bc:e8:3e:
b4:fd:e6:a0:98:72:2e:c4:8c:73:94:eb:9d:94:6e:9d:de:2f:
7b:29:ec:dc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzCbTudtgzJNOLGXQYevULvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTVlNDQyMTE2YWI3NmQ3ODU4MGFhMWE2OGI5M2E4ZGExN2VjNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8siPDwKAfBj1/lvKaY7HLxZ31Rm
8xxyOXCgF/6LFn5w2HJbWpcEqlfpCpt01pjzmY9FPxlIKQf1AUhyNJlb4qa3hRSe
MdsFfxQw8pnxG2oOn0mEHHoEkiubJ/WFzK6NIv3OGDHVExZaOdyVTYH7dzcSBs0C
SXo4EBDk2BL+0CWkNKP6VLrYqcCxG7dUDWoIInmqt6ef6InoE6oZTbEYibeGE6DD
3SiIfCPooDC3OGzAGAltcSxPh1SLB8/vmwdclKAtMXDVBFgyIzyd1MnIrUBX7kRb
A2VxqEyPTO68ywRpCzgAFxiuB7j2/oo/9XkD9oLWPvamhubimsKqxmAthwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHleRCEWq3bXhYCqGmi5Oo2hfsd5MB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvZVY1RUlSYXJkdGVGZ0tvYWFMazZqYUYteDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6qAaow
DQYJKoZIhvcNAQELBQADggEBAHV5BkNs6SC+azhwOyhvYcha1Fr85jj5dXyCZ45U
IkwL09VD0/plAVWHYxSMhYCScL9y7T/HVWlFZTkyWzRX6J95uuabU+2RX9HE81o8
DNa+hIp3VOJ/4LIruL24WuRqGN1XMgAmpFGV49O1zBAmb/8Xi8gkzDGQLBuxTVz6
Lk29vdvKPaWQOxdNR4GSNIOhI3/D3EQ/EstZ8a+z2I4+LpTkTlUYSE0/rkF+fH7A
HSckIkWAK5t9I90IVS9TZBy5Gi9B3NY9914d/4Zqzo2zZntyZ406uu9tep/M67pN
XFmqt9dUjOhVBbzoPrT95qCYci7EjHOU652Ubp3eL3sp7Nw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:46 2025 by rpki-client