Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/vlQpL_DVFhXMvgxaCzXBqcXjLtg.roa
File: vlQpL_DVFhXMvgxaCzXBqcXjLtg.roa (raw, json)
Hash identifier: uKwOKhny66cERUVcyETQQmJTNsEFnOoUHaliaCoj5QM=
Subject key identifier: BE:54:29:2F:F0:D5:16:15:CC:BE:0C:5A:0B:35:C1:A9:C5:E3:2E:D8
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01949F58D619D1A3EF8DD8B0C372E5B757F1
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/vlQpL_DVFhXMvgxaCzXBqcXjLtg.roa
Signing time: Sat 25 Jan 2025 21:23:06 +0000
ROA not before: Sat 25 Jan 2025 21:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214079
IP address blocks: 2a12:bec4:1570::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 27 Jan 2025 07:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9f:58:d6:19:d1:a3:ef:8d:d8:b0:c3:72:e5:b7:57:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 25 21:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be54292ff0d51615ccbe0c5a0b35c1a9c5e32ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:94:8d:6d:a8:8e:fb:f6:5a:9f:25:f1:22:
52:4f:7d:13:f6:5d:74:96:b2:23:d1:30:6c:f9:6a:
14:8d:8f:4a:c6:4e:fe:15:26:e2:00:59:70:20:64:
05:6b:4b:6f:1c:b6:02:1d:6c:9f:bc:d1:b2:9c:3f:
ab:c3:3b:21:50:62:0b:a4:57:9b:17:85:0b:c1:c1:
4e:b1:99:a1:37:4f:a1:5d:47:d0:92:56:6b:2d:44:
16:f5:a4:ec:f5:42:94:ed:fe:07:40:e6:57:15:ab:
b0:fd:bc:74:6b:dd:5c:2c:b5:86:a2:f3:eb:84:9b:
b4:f1:ad:7d:bb:18:e3:66:25:2d:0a:de:b4:e4:19:
f0:6a:6f:a5:e4:16:8f:18:02:81:c1:8b:05:9c:7c:
9a:88:92:b1:5b:69:6a:6d:39:e6:2c:49:c4:7f:97:
d6:8d:a2:8f:ea:11:af:ad:52:d5:14:87:73:66:b1:
89:58:0c:ff:5e:43:88:0a:f4:67:78:5e:a1:23:78:
3a:89:7f:5e:52:7b:b1:52:20:86:fa:cb:fc:26:8e:
f3:dd:d8:f3:93:00:46:f1:01:24:d4:80:a9:e0:24:
c8:eb:fc:db:90:80:83:89:c9:77:dd:29:90:ec:89:
c8:fb:42:0d:83:34:94:26:86:0f:e9:46:31:7b:07:
0f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:54:29:2F:F0:D5:16:15:CC:BE:0C:5A:0B:35:C1:A9:C5:E3:2E:D8
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/vlQpL_DVFhXMvgxaCzXBqcXjLtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1570::/48
Signature Algorithm: sha256WithRSAEncryption
a2:7c:a8:79:0b:49:59:3a:2f:7c:04:47:a0:1b:5c:64:6c:dd:
bf:50:4b:22:0d:c0:a7:9b:db:9d:e4:db:4a:49:32:b9:bd:07:
8c:ba:29:f8:ab:e1:bc:5b:19:eb:b1:12:9d:50:d3:39:df:da:
69:04:d7:46:ce:94:9e:15:c8:c5:5c:c0:a4:96:ca:be:c2:39:
33:ce:05:02:af:75:d2:01:d3:41:ee:d1:df:1a:42:0c:ed:75:
91:c1:be:a7:51:17:3a:d3:d2:ad:59:cb:e0:07:f5:3b:8e:ab:
ac:f0:e4:22:75:4e:74:9f:23:f9:5e:38:68:70:32:60:c2:5c:
b0:fc:c7:de:32:c3:0d:28:82:c0:45:c9:6a:9a:c9:f2:af:c0:
11:5f:84:3d:f4:ee:66:5d:bb:db:a9:d6:d7:34:e4:f1:97:0b:
08:3f:bc:fe:ac:e7:03:d6:2b:60:b6:8a:5a:7d:66:e6:1c:5b:
73:6c:dd:0e:d0:71:9a:b8:9e:85:66:03:2e:6c:d7:fd:38:f9:
4a:bc:73:3a:2f:3c:89:bb:03:71:b2:9d:c3:a4:fd:2d:ef:8c:
6a:8a:f8:db:3b:95:ab:1d:2b:6e:86:bd:17:58:a0:96:84:b3:
6f:39:5d:0a:0d:2c:78:5b:3b:64:fb:df:02:f5:79:13:7a:3b:
38:8e:82:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZSfWNYZ0aPvjdiww3Llt1fxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTI1MjEyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTU0MjkyZmYwZDUxNjE1Y2NiZTBjNWEwYjM1YzFhOWM1ZTMyZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLaUjW2ojvv2Wp8l8SJST30T9l10
lrIj0TBs+WoUjY9Kxk7+FSbiAFlwIGQFa0tvHLYCHWyfvNGynD+rwzshUGILpFeb
F4ULwcFOsZmhN0+hXUfQklZrLUQW9aTs9UKU7f4HQOZXFauw/bx0a91cLLWGovPr
hJu08a19uxjjZiUtCt605Bnwam+l5BaPGAKBwYsFnHyaiJKxW2lqbTnmLEnEf5fW
jaKP6hGvrVLVFIdzZrGJWAz/XkOICvRneF6hI3g6iX9eUnuxUiCG+sv8Jo7z3djz
kwBG8QEk1ICp4CTI6/zbkICDicl33SmQ7InI+0INgzSUJoYP6UYxewcPnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL5UKS/w1RYVzL4MWgs1wanF4y7YMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvdmxRcExfRFZGaFhNdmd4YUN6WEJxY1hqTHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhK+xBVw
MA0GCSqGSIb3DQEBCwUAA4IBAQCifKh5C0lZOi98BEegG1xkbN2/UEsiDcCnm9ud
5NtKSTK5vQeMuin4q+G8WxnrsRKdUNM539ppBNdGzpSeFcjFXMCklsq+wjkzzgUC
r3XSAdNB7tHfGkIM7XWRwb6nURc609KtWcvgB/U7jqus8OQidU50nyP5XjhocDJg
wlyw/MfeMsMNKILARclqmsnyr8ARX4Q99O5mXbvbqdbXNOTxlwsIP7z+rOcD1itg
topafWbmHFtzbN0O0HGauJ6FZgMubNf9OPlKvHM6LzyJuwNxsp3DpP0t74xqivjb
O5WrHStuhr0XWKCWhLNvOV0KDSx4Wztk+98C9XkTejs4joKg
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:57:16 2025 by rpki-client