Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/1ciI79KYHCe2Vo4qE38XSx28Yrs.roa
File: 1ciI79KYHCe2Vo4qE38XSx28Yrs.roa (raw, json)
Hash identifier: x7alw0dP5Q2mfJ4KyR2Cj6RNJoPmF5BoAqTmHel+jhc=
Subject key identifier: D5:C8:88:EF:D2:98:1C:27:B6:56:8E:2A:13:7F:17:4B:1D:BC:62:BB
Certificate issuer: /CN=bd2a5a06b9b43fcea188541d30c6dc3430aaf392
Certificate serial: 018CC501438CBC72D9DEEB506390C2AA10C3
Authority key identifier: BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/1ciI79KYHCe2Vo4qE38XSx28Yrs.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205969
IP address blocks: 2001:67c:12f4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:43:8c:bc:72:d9:de:eb:50:63:90:c2:aa:10:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd2a5a06b9b43fcea188541d30c6dc3430aaf392
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5c888efd2981c27b6568e2a137f174b1dbc62bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7d:59:72:fd:ed:4b:c4:f9:ad:d2:ce:d7:86:
26:c5:6c:ee:cd:5a:a9:6f:af:94:94:2f:3e:02:d0:
9b:f4:d2:b6:40:68:50:2c:29:7f:ef:38:32:91:24:
53:2d:1f:25:0c:08:ac:23:44:1e:3e:a6:b2:71:db:
04:59:0b:f5:de:8d:9b:16:38:cf:10:78:4e:dd:9d:
b6:88:3c:ed:56:d2:cd:9d:37:71:cf:01:bc:ef:ab:
ad:13:d2:23:4d:96:b6:8e:0e:e4:fd:4c:5c:0a:6a:
50:21:a0:86:e5:5f:e6:01:0b:92:2e:17:33:3d:e4:
96:f0:7d:9a:4f:d2:b3:f9:8c:0a:ee:df:7c:3b:19:
43:87:f1:28:14:16:6b:a1:d7:1f:d8:85:b0:8c:98:
5a:69:fb:2f:ab:2f:19:ac:2a:52:4f:a7:55:e4:55:
ff:15:c1:ca:8e:86:42:cf:44:b7:bb:ea:d0:7b:df:
60:3a:6f:6d:28:16:99:27:31:a3:5e:eb:bc:90:a0:
39:0b:51:33:85:aa:3a:1c:d4:27:62:22:f2:08:17:
22:c9:31:ac:d6:a6:a4:a6:67:40:1f:03:2a:63:3f:
de:1d:90:c9:5e:51:4e:af:43:3e:af:0f:d4:74:58:
83:6d:86:3a:3c:59:c1:f5:84:b7:37:95:35:a8:d5:
c8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C8:88:EF:D2:98:1C:27:B6:56:8E:2A:13:7F:17:4B:1D:BC:62:BB
X509v3 Authority Key Identifier:
keyid:BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/1ciI79KYHCe2Vo4qE38XSx28Yrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:12f4::/48
Signature Algorithm: sha256WithRSAEncryption
0b:d4:e4:24:2f:d6:2c:8f:12:24:72:c5:4b:5b:a8:6e:30:b4:
85:77:45:dc:5b:89:f2:6b:cf:47:35:23:83:4d:21:2d:5a:94:
98:ad:44:a6:19:92:38:fa:e8:da:a7:4e:b5:0e:79:2a:f2:e3:
f1:f4:df:6a:2d:58:0c:2e:92:6a:cf:4d:c6:b7:0c:4a:3b:e6:
52:80:f2:81:fd:78:bc:d0:55:bd:26:fb:ec:a7:f1:08:38:71:
c8:45:49:df:ec:36:a5:8b:55:e9:b1:c7:18:29:96:b4:f9:c6:
25:76:ff:a8:f5:03:d9:f1:5d:3f:e3:c1:83:f4:6b:e4:a6:fb:
5d:5a:a9:f9:19:10:29:aa:9c:6a:8d:8a:96:d3:3f:76:7e:5a:
12:b1:26:da:f0:59:e9:47:0d:fa:5e:63:8f:5e:7f:47:be:f4:
90:2b:61:37:50:40:38:83:09:81:bf:a8:a0:e5:40:43:e5:fe:
7c:4b:bb:25:3f:67:81:f3:30:fb:17:03:34:b3:dc:7a:db:7a:
ab:6b:36:68:66:ba:73:58:23:dc:6f:9e:7d:8e:4e:55:c1:b3:
76:d2:9b:8c:71:3d:20:47:03:d2:50:0d:68:75:ab:61:c8:ce:
d5:1f:3c:af:52:d7:04:e4:29:ee:b5:ee:ff:0a:69:7a:ed:73:
6f:03:05:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAUOMvHLZ3utQY5DCqhDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMmE1YTA2YjliNDNmY2VhMTg4NTQxZDMwYzZkYzM0MzBh
YWYzOTIwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM4ODhlZmQyOTgxYzI3YjY1NjhlMmExMzdmMTc0YjFkYmM2MmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3n1Zcv3tS8T5rdLO14YmxWzuzVqp
b6+UlC8+AtCb9NK2QGhQLCl/7zgykSRTLR8lDAisI0QePqaycdsEWQv13o2bFjjP
EHhO3Z22iDztVtLNnTdxzwG876utE9IjTZa2jg7k/UxcCmpQIaCG5V/mAQuSLhcz
PeSW8H2aT9Kz+YwK7t98OxlDh/EoFBZrodcf2IWwjJhaafsvqy8ZrCpST6dV5FX/
FcHKjoZCz0S3u+rQe99gOm9tKBaZJzGjXuu8kKA5C1Ezhao6HNQnYiLyCBciyTGs
1qakpmdAHwMqYz/eHZDJXlFOr0M+rw/UdFiDbYY6PFnB9YS3N5U1qNXIGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNXIiO/SmBwntlaOKhN/F0sdvGK7MB8GA1UdIwQY
MBaAFL0qWga5tD/OoYhUHTDG3DQwqvOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jYWYwMzQtY2JlMi00ZDJkLWEwMmIt
NWQzNDcwNGI3Yzg4LzEvMWNpSTc5S1lIQ2UyVm80cUUzOFhTeDI4WXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jYWYwMzQtY2JlMi00ZDJkLWEwMmItNWQzNDcwNGI3Yzg4
LzEvdlNwYUJybTBQODZoaUZRZE1NYmNORENxODVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBL0
MA0GCSqGSIb3DQEBCwUAA4IBAQAL1OQkL9YsjxIkcsVLW6huMLSFd0XcW4nya89H
NSODTSEtWpSYrUSmGZI4+ujap061Dnkq8uPx9N9qLVgMLpJqz03GtwxKO+ZSgPKB
/Xi80FW9Jvvsp/EIOHHIRUnf7Dali1XpsccYKZa0+cYldv+o9QPZ8V0/48GD9Gvk
pvtdWqn5GRApqpxqjYqW0z92floSsSba8FnpRw36XmOPXn9HvvSQK2E3UEA4gwmB
v6ig5UBD5f58S7slP2eB8zD7FwM0s9x623qrazZoZrpzWCPcb559jk5VwbN20puM
cT0gRwPSUA1odathyM7VHzyvUtcE5Cnute7/Cml67XNvAwWO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:38 2025 by rpki-client