Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/rXOkjlNbRlLzHT6J60U_OH5y3HA.roa
File: rXOkjlNbRlLzHT6J60U_OH5y3HA.roa (raw, json)
Hash identifier: SUuyPALyKVl7ryD3b2L9QPZbavfOZZCvCHC+FpcPV8s=
Subject key identifier: AD:73:A4:8E:53:5B:46:52:F3:1D:3E:89:EB:45:3F:38:7E:72:DC:70
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 018CF2759338F042F32AAC97342E5A81EEDD
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/rXOkjlNbRlLzHT6J60U_OH5y3HA.roa
Signing time: Wed 10 Jan 2024 08:20:40 +0000
ROA not before: Wed 10 Jan 2024 08:20:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47596
IP address blocks: 2a11:8480::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Jan 2024 06:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:75:93:38:f0:42:f3:2a:ac:97:34:2e:5a:81:ee:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Jan 10 08:20:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad73a48e535b4652f31d3e89eb453f387e72dc70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:26:0d:f0:ed:79:30:0c:d4:8b:8b:c2:ec:47:
20:bb:b5:0c:78:40:b4:5a:8a:c8:89:b4:f6:bb:b8:
fc:f2:60:1a:9e:57:42:22:4c:68:f5:88:1c:91:1c:
35:9a:89:2a:82:ca:ae:67:48:83:69:35:6c:3a:0c:
e7:82:1a:80:a9:97:a0:b2:38:5b:61:74:49:fc:b5:
66:a7:b8:a9:f7:d8:1e:32:f3:07:b6:bf:bc:49:b0:
03:f3:2a:4c:9a:c7:d7:c3:d0:ce:31:5c:b9:89:47:
86:fd:80:53:7d:49:43:e5:d1:17:45:c8:40:20:e7:
be:13:a1:2c:4e:9c:9f:89:53:c4:4f:9f:32:e0:98:
3f:84:9f:20:00:65:5e:fd:a7:0d:dd:91:69:30:81:
26:da:b1:7c:cb:9b:40:7e:10:30:e8:1c:51:b6:7c:
40:f1:0b:c2:2b:4c:91:a1:c2:30:34:61:fd:eb:4b:
f5:4f:f7:b6:e5:4a:15:ea:38:45:4c:33:32:2f:1a:
b8:1a:ab:27:60:44:82:0c:4e:38:b5:98:c9:a5:fc:
7a:a7:ea:8d:19:ab:63:74:f5:f2:ad:48:e1:b0:53:
6b:b8:75:0e:5a:38:33:76:07:4a:fb:3b:5b:33:68:
68:e6:58:bf:f3:af:55:d7:60:0e:06:da:ea:b4:5d:
5b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:73:A4:8E:53:5B:46:52:F3:1D:3E:89:EB:45:3F:38:7E:72:DC:70
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/rXOkjlNbRlLzHT6J60U_OH5y3HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8480::/32
Signature Algorithm: sha256WithRSAEncryption
26:24:d1:57:96:20:55:c0:75:b9:13:d9:52:20:2c:7c:33:3a:
c6:07:32:b7:5a:42:39:cb:39:e9:77:74:f4:28:e2:9c:35:4f:
80:dd:b6:c0:34:74:40:ae:05:50:4d:46:ba:3d:75:bd:33:61:
9e:f8:46:2b:10:c3:d4:19:7e:70:43:77:0e:e7:02:64:30:93:
66:b4:5e:25:c1:eb:c9:f2:6a:d6:f8:45:40:79:51:0c:10:f9:
18:ea:62:5b:79:b5:ee:8f:f9:4a:fe:d2:09:a9:a2:88:60:bd:
4f:b4:3a:71:76:dd:42:18:ae:d7:fd:69:a6:43:cc:6f:e3:81:
d8:56:cb:1c:b7:eb:1a:09:a1:d5:cb:ef:72:6f:0d:16:ba:40:
ce:89:59:12:90:b0:62:94:22:57:50:f3:d1:4f:6b:92:ba:3e:
f1:8e:3a:42:7d:fe:51:c0:90:a1:91:fc:53:d5:fe:40:64:4c:
e8:cc:8a:92:7e:31:29:2f:c3:f0:8d:d8:62:3f:be:25:2b:93:
9a:34:8b:3c:3d:ea:fe:2f:3c:7d:b3:f2:35:77:4a:c1:02:8c:
d5:01:93:33:e6:b8:d4:a2:a3:2f:91:7e:85:83:3e:b3:49:a4:
26:84:11:1c:27:d3:ef:d0:24:77:93:8e:a0:7b:76:fb:ac:d4:
0f:28:c7:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzydZM48ELzKqyXNC5age7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjQwMTEwMDgyMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDczYTQ4ZTUzNWI0NjUyZjMxZDNlODllYjQ1M2YzODdlNzJkYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSYN8O15MAzUi4vC7Ecgu7UMeEC0
WorIibT2u7j88mAanldCIkxo9YgckRw1mokqgsquZ0iDaTVsOgznghqAqZegsjhb
YXRJ/LVmp7ip99geMvMHtr+8SbAD8ypMmsfXw9DOMVy5iUeG/YBTfUlD5dEXRchA
IOe+E6EsTpyfiVPET58y4Jg/hJ8gAGVe/acN3ZFpMIEm2rF8y5tAfhAw6BxRtnxA
8QvCK0yRocIwNGH960v1T/e25UoV6jhFTDMyLxq4GqsnYESCDE44tZjJpfx6p+qN
GatjdPXyrUjhsFNruHUOWjgzdgdK+ztbM2ho5li/869V12AOBtrqtF1bawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK1zpI5TW0ZS8x0+ietFPzh+ctxwMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvclhPa2psTmJSbEx6SFQ2SjYwVV9PSDV5M0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGEgDAN
BgkqhkiG9w0BAQsFAAOCAQEAJiTRV5YgVcB1uRPZUiAsfDM6xgcyt1pCOcs56Xd0
9CjinDVPgN22wDR0QK4FUE1Guj11vTNhnvhGKxDD1Bl+cEN3DucCZDCTZrReJcHr
yfJq1vhFQHlRDBD5GOpiW3m17o/5Sv7SCamiiGC9T7Q6cXbdQhiu1/1ppkPMb+OB
2FbLHLfrGgmh1cvvcm8NFrpAzolZEpCwYpQiV1Dz0U9rkro+8Y46Qn3+UcCQoZH8
U9X+QGRM6MyKkn4xKS/D8I3YYj++JSuTmjSLPD3q/i88fbPyNXdKwQKM1QGTM+a4
1KKjL5F+hYM+s0mkJoQRHCfT79Akd5OOoHt2+6zUDyjHOw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:59 2025 by rpki-client