Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/dW5fYvyjsyE1dLCK3XAT8yPhS-I.roa
File: dW5fYvyjsyE1dLCK3XAT8yPhS-I.roa (raw, json)
Hash identifier: ncx15r+4fnKZswZQeLIs8YPzRwm55IEL2QUSB9mreG8=
Subject key identifier: 75:6E:5F:62:FC:A3:B3:21:35:74:B0:8A:DD:70:13:F3:23:E1:4B:E2
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0194A6BE247946F5C31E3C838A7E65AD3C0F
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/dW5fYvyjsyE1dLCK3XAT8yPhS-I.roa
Signing time: Mon 27 Jan 2025 07:51:06 +0000
ROA not before: Mon 27 Jan 2025 07:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214079
IP address blocks: 2a12:bec4:1570::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 Jan 2025 20:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a6:be:24:79:46:f5:c3:1e:3c:83:8a:7e:65:ad:3c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 27 07:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=756e5f62fca3b3213574b08add7013f323e14be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:79:0d:37:fb:83:f6:b3:39:48:fa:d6:1a:51:
78:af:55:85:bd:c2:00:88:59:bd:b7:1c:8e:3d:4b:
43:9c:32:92:c1:7c:32:cd:90:56:33:5a:da:b3:da:
86:b8:a6:fd:60:2c:76:20:12:31:e0:21:a5:53:09:
1f:45:5e:d1:e3:02:1d:fc:2e:3a:e3:f7:19:b5:89:
a8:a4:85:c4:a6:52:60:87:88:8f:1a:ae:cd:36:37:
67:b8:25:da:1b:d4:75:ab:24:b2:cb:cf:ee:78:56:
d8:3b:48:0c:2e:f3:bf:46:81:6c:1c:82:75:e7:5c:
85:6f:65:8b:45:11:59:16:2a:a5:fc:c5:f5:94:46:
16:86:f6:61:b5:de:e6:07:36:90:ef:18:24:9c:7d:
36:3a:ce:71:ad:ce:92:21:ae:9f:aa:67:9b:41:fb:
22:88:7a:59:0a:a2:24:fd:cb:25:e6:4a:d3:e6:79:
49:42:85:d0:41:5d:ea:ab:27:09:09:bd:21:f7:02:
42:86:c1:fd:24:c6:b0:35:4f:30:f2:46:c2:0c:95:
a5:cc:86:80:1d:69:54:13:44:49:ec:3a:c1:0b:e3:
b7:c7:56:5e:67:b6:00:cd:23:3c:f2:fb:d9:69:5c:
03:00:ec:50:d0:38:6a:5d:66:6f:91:e8:0a:40:ce:
be:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6E:5F:62:FC:A3:B3:21:35:74:B0:8A:DD:70:13:F3:23:E1:4B:E2
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/dW5fYvyjsyE1dLCK3XAT8yPhS-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1570::/48
Signature Algorithm: sha256WithRSAEncryption
98:ed:63:4b:4d:f1:c1:4a:30:e1:3a:59:a5:18:cb:2e:96:b8:
f7:5f:63:69:d0:4e:8c:c2:44:9b:b3:d1:c4:93:3f:72:ea:0a:
8c:d1:ac:f9:40:d5:4d:bb:5a:2f:80:0d:d6:f8:d8:7a:73:39:
74:e8:fe:c8:31:24:68:48:fe:51:26:c5:86:46:92:13:e2:50:
ea:e8:00:30:64:cd:06:ac:9f:7f:5f:b6:bc:4d:df:52:52:bd:
ce:06:82:7b:03:a6:7b:73:53:1a:99:c9:2e:0a:44:c1:71:de:
58:61:42:86:33:4c:ef:4a:c7:15:18:09:32:f8:15:17:b7:05:
f0:94:d7:21:0d:22:d5:ea:32:ac:9f:f2:7d:8d:cc:df:54:a3:
9a:4a:4d:79:a4:6f:b9:d3:83:ca:74:38:44:38:be:7e:ac:8c:
25:2a:38:b4:53:1e:9e:fa:97:32:c6:76:04:5f:12:74:ec:1a:
c2:0b:ff:37:6a:26:61:38:de:b6:a4:e2:04:7d:4f:79:58:73:
a9:61:c0:95:cd:a4:af:01:85:1c:1a:1f:85:9d:bc:af:23:91:
8b:b8:bb:c1:a9:56:8e:36:f3:e7:bc:b6:22:fb:bc:ea:d4:f6:
79:68:5a:58:8a:e4:d4:fd:d0:7d:82:82:0c:52:ba:b6:61:53:
c9:37:eb:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZSmviR5RvXDHjyDin5lrTwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTI3MDc1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZlNWY2MmZjYTNiMzIxMzU3NGIwOGFkZDcwMTNmMzIzZTE0YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXkNN/uD9rM5SPrWGlF4r1WFvcIA
iFm9txyOPUtDnDKSwXwyzZBWM1ras9qGuKb9YCx2IBIx4CGlUwkfRV7R4wId/C46
4/cZtYmopIXEplJgh4iPGq7NNjdnuCXaG9R1qySyy8/ueFbYO0gMLvO/RoFsHIJ1
51yFb2WLRRFZFiql/MX1lEYWhvZhtd7mBzaQ7xgknH02Os5xrc6SIa6fqmebQfsi
iHpZCqIk/csl5krT5nlJQoXQQV3qqycJCb0h9wJChsH9JMawNU8w8kbCDJWlzIaA
HWlUE0RJ7DrBC+O3x1ZeZ7YAzSM88vvZaVwDAOxQ0DhqXWZvkegKQM6+PwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHVuX2L8o7MhNXSwit1wE/Mj4UviMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvZFc1Zll2eWpzeUUxZExDSzNYQVQ4eVBoUy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhK+xBVw
MA0GCSqGSIb3DQEBCwUAA4IBAQCY7WNLTfHBSjDhOlmlGMsulrj3X2Np0E6MwkSb
s9HEkz9y6gqM0az5QNVNu1ovgA3W+Nh6czl06P7IMSRoSP5RJsWGRpIT4lDq6AAw
ZM0GrJ9/X7a8Td9SUr3OBoJ7A6Z7c1MamckuCkTBcd5YYUKGM0zvSscVGAky+BUX
twXwlNchDSLV6jKsn/J9jczfVKOaSk15pG+504PKdDhEOL5+rIwlKji0Ux6e+pcy
xnYEXxJ07BrCC/83aiZhON62pOIEfU95WHOpYcCVzaSvAYUcGh+FnbyvI5GLuLvB
qVaONvPnvLYi+7zq1PZ5aFpYiuTU/dB9goIMUrq2YVPJN+uO
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:31:49 2025 by rpki-client