Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/cdAYaxUCWrRHjCiBNLvOK_r_XMU.roa
File: cdAYaxUCWrRHjCiBNLvOK_r_XMU.roa (raw, json)
Hash identifier: o/XIOfeJ7L9kfMxB9gE91RYf12y8BKnMynIEj0lEhgE=
Subject key identifier: 71:D0:18:6B:15:02:5A:B4:47:8C:28:81:34:BB:CE:2B:FA:FF:5C:C5
Certificate issuer: /CN=d34403a30b313759af9626afd8d3d23805fcc80e
Certificate serial: 018CC56E2710F0CAA388E1ADA67FFA7D92F0
Authority key identifier: D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/cdAYaxUCWrRHjCiBNLvOK_r_XMU.roa
Signing time: Mon 01 Jan 2024 14:29:39 +0000
ROA not before: Mon 01 Jan 2024 14:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57454
IP address blocks: 2a0c:cd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:27:10:f0:ca:a3:88:e1:ad:a6:7f:fa:7d:92:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34403a30b313759af9626afd8d3d23805fcc80e
Validity
Not Before: Jan 1 14:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d0186b15025ab4478c288134bbce2bfaff5cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:22:7a:8b:18:86:cb:11:e0:ca:b5:15:a9:80:
1b:87:43:c3:9b:f0:e9:3f:f5:06:c8:87:5b:a6:6b:
b7:2c:c5:8a:1f:de:b3:24:da:f7:93:e3:06:89:f6:
7a:1d:c2:81:f5:2e:d1:e2:4e:fb:6c:43:50:a3:a1:
f1:87:1e:68:96:79:56:45:b1:21:c0:88:ae:7a:0e:
3e:fc:0c:13:d4:9f:41:ce:05:a8:4c:00:a8:a2:2b:
98:98:c1:00:fa:22:25:65:00:61:09:9d:c0:bb:c4:
32:ff:56:67:ff:62:65:d2:1c:a9:11:12:26:19:58:
c2:68:77:bc:dd:14:1c:bb:e3:cd:1f:23:52:4c:a5:
12:63:97:f8:91:b6:54:79:65:14:80:bc:e1:8e:95:
4b:96:52:91:28:05:6c:15:7f:61:31:64:c5:6d:e1:
39:8d:bc:c4:2d:5c:80:76:58:c5:4c:21:17:ae:09:
90:96:47:9a:80:14:aa:1f:4d:51:1f:d7:a6:c2:0d:
1d:c1:14:e5:1d:49:23:9e:f4:06:8a:61:7c:f7:a9:
8c:05:f0:f9:8a:fe:7e:20:91:f9:dd:1d:63:86:9a:
a8:64:61:41:4f:29:34:9b:7b:8d:cc:ca:13:e2:b8:
8b:cb:61:16:a6:6e:ef:79:b3:e3:df:3c:96:6b:8a:
25:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D0:18:6B:15:02:5A:B4:47:8C:28:81:34:BB:CE:2B:FA:FF:5C:C5
X509v3 Authority Key Identifier:
keyid:D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/cdAYaxUCWrRHjCiBNLvOK_r_XMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/00QDowsxN1mvliav2NPSOAX8yA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
a5:c9:eb:52:b0:b7:ea:10:69:b3:d3:d4:c1:e2:e5:ee:1a:90:
b5:6b:b0:2c:29:09:eb:6d:be:f2:e1:4e:34:bb:44:b2:9c:45:
c8:3c:cb:33:0f:0c:5c:5a:26:64:b3:0a:c2:e9:0d:ac:65:a2:
89:a4:f9:90:45:79:4b:f9:ea:62:17:60:b9:4f:68:ba:b3:59:
87:21:82:8e:a7:a9:e1:8b:85:97:47:a4:f5:07:67:58:34:79:
90:02:1b:df:70:38:27:82:8f:c6:38:29:bb:dd:7c:13:7b:99:
e3:8d:82:11:d4:5e:ec:98:41:60:d8:2f:2d:5c:86:ab:a9:7e:
2d:c0:d3:1d:36:0a:8f:fd:7f:ec:08:cd:99:6b:ee:d5:7f:87:
4e:52:70:e8:0f:9c:88:b1:21:fc:a4:be:d2:2c:21:1e:f8:f9:
84:f6:07:af:ff:08:36:de:85:3c:a2:78:91:cf:2e:fb:9e:86:
d5:7e:3d:14:92:ea:0b:da:51:44:1a:09:b4:65:20:e9:1c:6a:
02:a0:b3:6d:ef:d6:90:88:96:00:fa:26:3c:34:1d:3d:7a:8f:
60:f6:17:8b:36:b8:eb:2a:42:d9:27:12:be:e5:d0:c9:a9:4c:
9a:70:ae:d9:85:08:52:89:98:bf:02:27:fa:5b:6b:04:06:cb:
d9:03:84:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFbicQ8MqjiOGtpn/6fZLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNDQwM2EzMGIzMTM3NTlhZjk2MjZhZmQ4ZDNkMjM4MDVm
Y2M4MGUwHhcNMjQwMTAxMTQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQwMTg2YjE1MDI1YWI0NDc4YzI4ODEzNGJiY2UyYmZhZmY1Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyJ6ixiGyxHgyrUVqYAbh0PDm/Dp
P/UGyIdbpmu3LMWKH96zJNr3k+MGifZ6HcKB9S7R4k77bENQo6Hxhx5olnlWRbEh
wIiueg4+/AwT1J9BzgWoTACooiuYmMEA+iIlZQBhCZ3Au8Qy/1Zn/2Jl0hypERIm
GVjCaHe83RQcu+PNHyNSTKUSY5f4kbZUeWUUgLzhjpVLllKRKAVsFX9hMWTFbeE5
jbzELVyAdljFTCEXrgmQlkeagBSqH01RH9emwg0dwRTlHUkjnvQGimF896mMBfD5
iv5+IJH53R1jhpqoZGFBTyk0m3uNzMoT4riLy2EWpm7vebPj3zyWa4ol/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHHQGGsVAlq0R4wogTS7ziv6/1zFMB8GA1UdIwQY
MBaAFNNEA6MLMTdZr5Ymr9jT0jgF/MgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMt
YjQwNTI3ZGQ0M2ZjLzEvY2RBWWF4VUNXclJIakNpQk5Mdk9LX3JfWE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMtYjQwNTI3ZGQ0M2Zj
LzEvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgzNQDAN
BgkqhkiG9w0BAQsFAAOCAQEApcnrUrC36hBps9PUweLl7hqQtWuwLCkJ622+8uFO
NLtEspxFyDzLMw8MXFomZLMKwukNrGWiiaT5kEV5S/nqYhdguU9ourNZhyGCjqep
4YuFl0ek9QdnWDR5kAIb33A4J4KPxjgpu918E3uZ442CEdRe7JhBYNgvLVyGq6l+
LcDTHTYKj/1/7AjNmWvu1X+HTlJw6A+ciLEh/KS+0iwhHvj5hPYHr/8INt6FPKJ4
kc8u+56G1X49FJLqC9pRRBoJtGUg6RxqAqCzbe/WkIiWAPomPDQdPXqPYPYXiza4
6ypC2ScSvuXQyalMmnCu2YUIUomYvwIn+ltrBAbL2QOE+g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:33 2025 by rpki-client