Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/2wtNxLssaja3WyZdSwaWYv-PRHM.roa
File: 2wtNxLssaja3WyZdSwaWYv-PRHM.roa (raw, json)
Hash identifier: LFkD60r7wS0DtPuypl8W+PsJg4syL/ha84vB8N9yR90=
Subject key identifier: DB:0B:4D:C4:BB:2C:6A:36:B7:5B:26:5D:4B:06:96:62:FF:8F:44:73
Certificate issuer: /CN=ff597b40c6d4469f9b914a78dc8ec439323b0fb8
Certificate serial: 018CC26D85A87980E10F4A038B63B5D404BC
Authority key identifier: FF:59:7B:40:C6:D4:46:9F:9B:91:4A:78:DC:8E:C4:39:32:3B:0F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1l7QMbURp-bkUp43I7EOTI7D7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/2wtNxLssaja3WyZdSwaWYv-PRHM.roa
Signing time: Mon 01 Jan 2024 00:30:06 +0000
ROA not before: Mon 01 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0b:4581::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:85:a8:79:80:e1:0f:4a:03:8b:63:b5:d4:04:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff597b40c6d4469f9b914a78dc8ec439323b0fb8
Validity
Not Before: Jan 1 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db0b4dc4bb2c6a36b75b265d4b069662ff8f4473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1a:6c:35:48:c7:8d:4c:d5:d6:4c:d4:74:89:
7a:10:04:ca:78:cc:8f:ef:d0:16:d6:a2:d0:3f:13:
80:f8:4f:af:03:90:21:67:da:4f:89:a0:ee:0d:9a:
eb:97:73:b9:c9:e0:1c:64:70:a7:3a:f7:e8:f4:70:
b3:45:48:88:f3:22:62:0d:4c:af:dd:59:96:a4:11:
9c:86:c8:5e:25:b1:98:fc:7d:bf:ee:9d:9c:db:61:
c3:2e:e1:dd:39:ca:69:4e:7a:f2:8a:1a:39:99:ac:
df:a0:c4:2f:bb:6d:2e:80:09:e1:9b:d5:2b:1c:6f:
a7:d7:3b:e3:54:9d:bf:d0:78:65:3f:87:9f:0f:c1:
25:d8:11:a0:33:0b:1b:c3:56:28:ae:69:54:fb:1a:
c5:07:18:af:ed:c9:02:db:cc:7f:d4:84:79:a0:70:
6c:be:4e:22:08:33:5d:7f:4d:34:10:0f:30:99:44:
00:ff:e1:2b:83:50:fe:71:4a:04:d5:4c:29:26:80:
a7:3e:76:7d:ac:ed:35:7c:82:30:68:a7:bf:d6:fb:
eb:0c:5f:56:91:b9:9e:80:32:db:b9:63:c1:0d:4a:
61:41:9f:56:39:40:0f:1e:f6:c9:73:da:04:68:c4:
8a:cf:8c:90:a9:ab:43:f3:18:e3:c6:97:2c:ab:7c:
d9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0B:4D:C4:BB:2C:6A:36:B7:5B:26:5D:4B:06:96:62:FF:8F:44:73
X509v3 Authority Key Identifier:
keyid:FF:59:7B:40:C6:D4:46:9F:9B:91:4A:78:DC:8E:C4:39:32:3B:0F:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1l7QMbURp-bkUp43I7EOTI7D7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/2wtNxLssaja3WyZdSwaWYv-PRHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/_1l7QMbURp-bkUp43I7EOTI7D7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4581::/48
Signature Algorithm: sha256WithRSAEncryption
78:ad:2f:34:9e:17:ce:63:fb:4d:36:b1:60:ac:84:9a:b0:fb:
43:c4:c1:a0:73:5f:ed:a9:b4:e2:bd:ea:16:bf:b4:0e:92:97:
59:37:77:ec:23:98:44:e1:a2:a0:17:31:5c:37:12:0b:fd:aa:
dc:fa:40:3e:e4:cb:0d:dd:dc:62:3f:3a:84:78:da:27:58:ea:
6e:f4:e2:49:80:bc:98:c7:6f:8e:30:02:a4:ed:dd:3a:bf:64:
9a:e2:21:40:09:ac:9a:00:bc:90:52:f4:a6:15:f4:f5:36:be:
29:32:f8:b4:78:0c:30:2e:18:fa:ce:61:ed:c9:34:2d:26:b1:
f7:9a:de:c0:c6:88:09:a6:84:dc:cf:3a:fe:04:6c:ce:cf:d4:
dd:75:fa:f9:cd:5e:d0:27:1f:0f:4d:a6:1f:22:2f:19:66:56:
c6:9d:ab:87:e6:53:7b:a4:d4:c7:16:e5:a3:5c:37:36:32:d5:
61:eb:dc:66:f6:e2:2f:47:df:ba:de:3a:3c:c2:eb:d0:24:53:
4f:16:60:aa:42:01:10:75:23:b7:56:5a:b9:6d:8a:eb:c2:12:
41:25:b3:ce:f3:80:26:f0:b4:41:94:86:be:6d:ca:21:71:9d:
b7:c5:4e:99:22:b8:e5:14:e3:2c:1f:32:eb:78:9c:05:78:b8:
13:7b:3e:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbYWoeYDhD0oDi2O11AS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTk3YjQwYzZkNDQ2OWY5YjkxNGE3OGRjOGVjNDM5MzIz
YjBmYjgwHhcNMjQwMTAxMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBiNGRjNGJiMmM2YTM2Yjc1YjI2NWQ0YjA2OTY2MmZmOGY0NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBpsNUjHjUzV1kzUdIl6EATKeMyP
79AW1qLQPxOA+E+vA5AhZ9pPiaDuDZrrl3O5yeAcZHCnOvfo9HCzRUiI8yJiDUyv
3VmWpBGchsheJbGY/H2/7p2c22HDLuHdOcppTnryiho5mazfoMQvu20ugAnhm9Ur
HG+n1zvjVJ2/0HhlP4efD8El2BGgMwsbw1YormlU+xrFBxiv7ckC28x/1IR5oHBs
vk4iCDNdf000EA8wmUQA/+Erg1D+cUoE1UwpJoCnPnZ9rO01fIIwaKe/1vvrDF9W
kbmegDLbuWPBDUphQZ9WOUAPHvbJc9oEaMSKz4yQqatD8xjjxpcsq3zZ+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNsLTcS7LGo2t1smXUsGlmL/j0RzMB8GA1UdIwQY
MBaAFP9Ze0DG1Eafm5FKeNyOxDkyOw+4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFsN1FNYlVScC1ia1VwNDNJN0VPVEk3RDdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iZmIyN2EtZjAwNS00OGNiLTk0NzMt
ZmZiMmVmNGJmZTI1LzEvMnd0TnhMc3NhamEzV3laZFN3YVdZdi1QUkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9iZmIyN2EtZjAwNS00OGNiLTk0NzMtZmZiMmVmNGJmZTI1
LzEvXzFsN1FNYlVScC1ia1VwNDNJN0VPVEk3RDdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtFgQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4rS80nhfOY/tNNrFgrISasPtDxMGgc1/tqbTi
veoWv7QOkpdZN3fsI5hE4aKgFzFcNxIL/arc+kA+5MsN3dxiPzqEeNonWOpu9OJJ
gLyYx2+OMAKk7d06v2Sa4iFACayaALyQUvSmFfT1Nr4pMvi0eAwwLhj6zmHtyTQt
JrH3mt7AxogJpoTczzr+BGzOz9Tddfr5zV7QJx8PTaYfIi8ZZlbGnauH5lN7pNTH
FuWjXDc2MtVh69xm9uIvR9+63jo8wuvQJFNPFmCqQgEQdSO3Vlq5bYrrwhJBJbPO
84Am8LRBlIa+bcohcZ23xU6ZIrjlFOMsHzLreJwFeLgTez7g
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:08 2025 by rpki-client