Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/hVKLtz22y98nqkBSeXVYGSzBPNE.roa
File: hVKLtz22y98nqkBSeXVYGSzBPNE.roa (raw, json)
Hash identifier: rOMXklOe3V8zMzzYN2SWY+LZ6veEJUsp8VI/z/ud3qI=
Subject key identifier: 85:52:8B:B7:3D:B6:CB:DF:27:AA:40:52:79:75:58:19:2C:C1:3C:D1
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 018CC5DD21BCD5CD0D9D38675B744AD31FCB
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/hVKLtz22y98nqkBSeXVYGSzBPNE.roa
Signing time: Mon 01 Jan 2024 16:30:52 +0000
ROA not before: Mon 01 Jan 2024 16:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210852
IP address blocks: 2a11:df40::/32 maxlen: 32
2a11:8481::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:21:bc:d5:cd:0d:9d:38:67:5b:74:4a:d3:1f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Jan 1 16:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85528bb73db6cbdf27aa4052797558192cc13cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e3:6b:fb:0a:2b:02:71:00:6d:42:00:7b:15:
35:e0:bc:a2:ba:26:1d:a2:d4:bd:07:72:7c:1d:0a:
2f:c9:47:04:72:81:ba:f6:df:cb:6f:6f:11:33:44:
23:6e:3a:3f:ea:aa:05:6c:70:4d:f1:12:98:6d:1c:
47:46:2d:78:8c:9a:b0:43:45:8f:60:d0:dc:d8:86:
68:77:15:31:e9:fb:b5:e0:39:94:92:28:ee:d6:cc:
1b:91:26:49:cf:a4:45:c2:ec:01:15:56:b7:85:39:
8d:99:69:21:55:82:37:9c:e1:f4:0d:cb:6e:d6:7e:
f5:c1:9d:5b:97:34:70:7b:16:6b:a8:77:12:58:fb:
70:af:e5:b2:bc:b1:8d:28:6b:e8:dd:3f:41:f2:f7:
92:9f:ab:e2:e9:64:03:8c:f3:17:f5:d0:ad:3b:60:
d0:94:23:b8:f6:3d:9d:40:b8:6f:9e:09:60:33:e6:
4b:e8:7e:f8:e6:cd:5e:bb:1e:0a:c5:ab:54:f5:6d:
cf:a4:e6:d1:e7:09:e6:f3:79:ca:6a:19:13:2e:16:
e9:44:ec:10:60:0b:b9:fa:48:2a:17:9d:ce:1d:12:
f0:bd:22:c1:45:14:9a:a8:db:7e:ae:e5:0b:5c:97:
07:cb:0e:c9:5e:05:b4:f8:db:c2:aa:14:1d:dd:97:
10:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:52:8B:B7:3D:B6:CB:DF:27:AA:40:52:79:75:58:19:2C:C1:3C:D1
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/hVKLtz22y98nqkBSeXVYGSzBPNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8481::/32
2a11:df40::/32
Signature Algorithm: sha256WithRSAEncryption
5c:71:d2:bd:84:60:f8:fa:5e:9a:5b:41:a3:12:e5:0f:a6:c3:
36:ca:c9:88:89:82:e8:ec:8b:50:25:52:4a:e7:6d:2c:bd:43:
52:f4:b6:54:f1:ab:ad:66:54:a4:35:bd:f6:09:44:2e:ae:d1:
55:20:4c:26:e2:b8:63:48:d8:8a:a0:6d:67:19:06:f2:25:a5:
b5:e5:38:3a:33:9c:ee:70:5c:46:43:27:96:21:dd:84:b0:e2:
e7:63:a6:5a:56:86:f4:ee:45:8d:be:8c:88:7c:d4:6e:e9:0c:
6c:f6:56:ca:66:8c:c3:ae:4d:fe:99:c8:af:6a:bb:8a:10:44:
f6:29:75:c3:3c:c5:8d:9e:63:6d:07:3b:4f:bb:42:ab:2f:07:
b4:66:ab:bc:bb:96:d1:c1:18:a9:18:29:ac:3a:f5:37:87:8b:
de:90:be:fd:ed:0b:f5:3c:34:95:c0:44:3b:a3:c5:f3:86:84:
68:2f:e1:e0:29:03:13:95:ec:db:19:63:e7:34:37:42:af:a6:
8b:67:ef:3c:68:0f:42:6b:1d:d2:e3:18:e1:2d:f9:89:30:60:
12:d7:16:18:dc:2d:a9:41:03:6b:df:b9:de:a2:8c:e0:5e:cb:
3c:8b:ee:b2:61:02:20:f2:5a:7a:9f:0b:8f:fb:f3:69:b6:21:
a3:64:f1:75
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzF3SG81c0NnThnW3RK0x/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjQwMTAxMTYzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTUyOGJiNzNkYjZjYmRmMjdhYTQwNTI3OTc1NTgxOTJjYzEzY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+Nr+worAnEAbUIAexU14LyiuiYd
otS9B3J8HQovyUcEcoG69t/Lb28RM0Qjbjo/6qoFbHBN8RKYbRxHRi14jJqwQ0WP
YNDc2IZodxUx6fu14DmUkiju1swbkSZJz6RFwuwBFVa3hTmNmWkhVYI3nOH0Dctu
1n71wZ1blzRwexZrqHcSWPtwr+WyvLGNKGvo3T9B8veSn6vi6WQDjPMX9dCtO2DQ
lCO49j2dQLhvnglgM+ZL6H745s1eux4KxatU9W3PpObR5wnm83nKahkTLhbpROwQ
YAu5+kgqF53OHRLwvSLBRRSaqNt+ruULXJcHyw7JXgW0+NvCqhQd3ZcQxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIVSi7c9tsvfJ6pAUnl1WBkswTzRMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvaFZLTHR6MjJ5OThucWtCU2VYVllHU3pCUE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhGEgQMF
ACoR30AwDQYJKoZIhvcNAQELBQADggEBAFxx0r2EYPj6XppbQaMS5Q+mwzbKyYiJ
gujsi1AlUkrnbSy9Q1L0tlTxq61mVKQ1vfYJRC6u0VUgTCbiuGNI2IqgbWcZBvIl
pbXlODoznO5wXEZDJ5Yh3YSw4udjplpWhvTuRY2+jIh81G7pDGz2VspmjMOuTf6Z
yK9qu4oQRPYpdcM8xY2eY20HO0+7QqsvB7Rmq7y7ltHBGKkYKaw69TeHi96Qvv3t
C/U8NJXARDujxfOGhGgv4eApAxOV7NsZY+c0N0Kvpotn7zxoD0JrHdLjGOEt+Ykw
YBLXFhjcLalBA2vfud6ijOBeyzyL7rJhAiDyWnqfC4/782m2IaNk8XU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:57 2025 by rpki-client