Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/rrxIZI6U86-gRB_1jZB0StByP24.roa
File: rrxIZI6U86-gRB_1jZB0StByP24.roa (raw, json)
Hash identifier: 50teSsN7GV8xYl372D3ySlMlk5oKDcUxVBZJeiy4H/k=
Subject key identifier: AE:BC:48:64:8E:94:F3:AF:A0:44:1F:F5:8D:90:74:4A:D0:72:3F:6E
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01939E0585E1197371E69E61E2FB28F740A2
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/rrxIZI6U86-gRB_1jZB0StByP24.roa
Signing time: Fri 06 Dec 2024 22:09:42 +0000
ROA not before: Fri 06 Dec 2024 22:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a14:5840::/29 maxlen: 29
2a14:6b40::/29 maxlen: 29
2a14:6bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 07 Dec 2024 19:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9e:05:85:e1:19:73:71:e6:9e:61:e2:fb:28:f7:40:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Dec 6 22:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aebc48648e94f3afa0441ff58d90744ad0723f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b5:07:cc:64:49:bc:25:e8:7e:b5:70:5f:de:
66:02:2d:90:9e:6c:23:f8:8d:ee:27:4c:4a:47:45:
6a:79:a1:8d:d2:fb:e1:7c:95:cd:df:e3:94:42:d4:
dc:fe:5b:b1:5e:21:31:64:19:d2:f1:f9:4a:ea:82:
ef:6d:90:0c:e2:c3:46:13:15:a8:05:b2:59:59:8b:
f3:ba:72:61:de:93:ab:67:76:a3:e9:b7:5c:c8:73:
8f:a3:1b:f3:ec:83:e0:1f:18:7f:bb:0b:60:34:97:
15:6b:00:d3:53:34:48:d1:88:0a:8f:5e:30:95:51:
ad:13:97:f4:0f:03:7c:17:a1:b3:73:3b:a7:cf:91:
7a:7c:9e:b0:ec:15:51:02:03:24:bc:3a:d0:87:7e:
f4:43:4c:c2:c2:28:ee:20:c8:59:3b:9f:21:a8:a0:
ed:c5:60:54:48:5e:54:a0:0f:18:c7:6d:28:d5:7a:
4f:d7:77:cf:fb:82:f7:d2:5b:8e:eb:7d:d1:78:76:
46:b3:26:4f:02:6c:54:ef:49:16:34:26:77:2a:ed:
c7:5d:23:71:ba:0f:c9:06:52:96:32:92:cb:1e:bc:
fb:72:c6:84:ef:ae:c3:22:32:52:76:99:9c:a5:cb:
df:9f:04:5a:4c:4c:3b:8d:59:13:3f:a0:3b:f2:2f:
e1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BC:48:64:8E:94:F3:AF:A0:44:1F:F5:8D:90:74:4A:D0:72:3F:6E
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/rrxIZI6U86-gRB_1jZB0StByP24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:5840::/29
2a14:6b40::/29
2a14:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:64:55:50:29:b8:9c:79:94:57:b8:ec:ff:10:75:46:4e:20:
ca:87:7c:aa:59:81:78:6a:3f:6d:4f:0e:5a:c3:eb:18:d7:3e:
46:c7:a7:f3:3b:0c:d0:0f:ec:90:98:db:ec:90:c1:2f:cc:e8:
88:8c:db:d8:cb:b1:77:15:00:d6:20:a4:9b:ee:ee:ba:26:f0:
04:88:f3:20:95:5d:ee:f3:a5:40:83:17:2c:93:60:06:48:08:
b7:d2:50:3e:50:ef:c0:b7:f5:ce:bb:5d:4c:25:8e:0e:89:08:
9a:c3:4d:08:20:c3:1f:28:fa:aa:04:4c:67:84:18:b7:2a:87:
8b:64:72:ea:07:99:13:4a:35:6b:5b:32:67:f0:af:6f:9d:c8:
94:07:dd:b5:ae:1c:95:a7:f6:ac:93:b3:ae:f9:7b:11:38:8c:
bc:4e:f8:c2:76:ee:4e:fb:ef:aa:73:51:f4:24:67:43:41:da:
ef:1b:c5:6b:76:e0:3f:67:63:79:49:f2:7d:da:bf:06:db:37:
03:68:7f:0b:50:91:ba:66:08:f9:7c:a1:f3:48:49:9d:6a:0d:
b7:94:a4:f8:f2:fd:f9:ca:34:b3:86:56:de:2c:2e:b6:99:5e:
34:f4:45:4b:be:a3:3a:bf:43:4f:dc:d2:4b:5e:48:03:0f:af:
34:44:b7:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOeBYXhGXNx5p5h4vso90CiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMjA2MjIwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJjNDg2NDhlOTRmM2FmYTA0NDFmZjU4ZDkwNzQ0YWQwNzIzZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37UHzGRJvCXofrVwX95mAi2Qnmwj
+I3uJ0xKR0VqeaGN0vvhfJXN3+OUQtTc/luxXiExZBnS8flK6oLvbZAM4sNGExWo
BbJZWYvzunJh3pOrZ3aj6bdcyHOPoxvz7IPgHxh/uwtgNJcVawDTUzRI0YgKj14w
lVGtE5f0DwN8F6Gzczunz5F6fJ6w7BVRAgMkvDrQh370Q0zCwijuIMhZO58hqKDt
xWBUSF5UoA8Yx20o1XpP13fP+4L30luO633ReHZGsyZPAmxU70kWNCZ3Ku3HXSNx
ug/JBlKWMpLLHrz7csaE767DIjJSdpmcpcvfnwRaTEw7jVkTP6A78i/h0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK68SGSOlPOvoEQf9Y2QdErQcj9uMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvcnJ4SVpJNlU4Ni1nUkJfMWpaQjBTdEJ5UDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhRYQAMF
AyoUa0ADBQMqFGvAMA0GCSqGSIb3DQEBCwUAA4IBAQBuZFVQKbiceZRXuOz/EHVG
TiDKh3yqWYF4aj9tTw5aw+sY1z5Gx6fzOwzQD+yQmNvskMEvzOiIjNvYy7F3FQDW
IKSb7u66JvAEiPMglV3u86VAgxcsk2AGSAi30lA+UO/At/XOu11MJY4OiQiaw00I
IMMfKPqqBExnhBi3KoeLZHLqB5kTSjVrWzJn8K9vnciUB921rhyVp/ask7Ou+XsR
OIy8TvjCdu5O+++qc1H0JGdDQdrvG8VrduA/Z2N5SfJ92r8G2zcDaH8LUJG6Zgj5
fKHzSEmdag23lKT48v35yjSzhlbeLC62mV409EVLvqM6v0NP3NJLXkgDD680RLfj
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:14:12 2025 by rpki-client