Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/5c9bd9-09ad-4fac-bbbc-3f15f8836dbb/1/iBekzwBerB8Kha4gnuUWqpyYRac.roa
File: iBekzwBerB8Kha4gnuUWqpyYRac.roa (raw, json)
Hash identifier: VBLTyNeMCZdYkxBDpwinANf9uwQNP3y86x4TyImoPPc=
Subject key identifier: 88:17:A4:CF:00:5E:AC:1F:0A:85:AE:20:9E:E5:16:AA:9C:98:45:A7
Certificate issuer: /CN=8d337c0c856946b8fbdaf285f52caddcf38ad0a8
Certificate serial: 018CC9BCC3E320927B7E7899EA68F2E719C8
Authority key identifier: 8D:33:7C:0C:85:69:46:B8:FB:DA:F2:85:F5:2C:AD:DC:F3:8A:D0:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jTN8DIVpRrj72vKF9Syt3POK0Kg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/5c9bd9-09ad-4fac-bbbc-3f15f8836dbb/1/iBekzwBerB8Kha4gnuUWqpyYRac.roa
Signing time: Tue 02 Jan 2024 10:34:00 +0000
ROA not before: Tue 02 Jan 2024 10:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213092
IP address blocks: 2001:678:d90::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c3:e3:20:92:7b:7e:78:99:ea:68:f2:e7:19:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d337c0c856946b8fbdaf285f52caddcf38ad0a8
Validity
Not Before: Jan 2 10:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8817a4cf005eac1f0a85ae209ee516aa9c9845a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1d:04:10:62:ae:4d:ea:22:2c:67:7c:30:c1:
5c:88:15:0b:3e:bf:8d:94:59:db:4d:d5:98:8b:29:
6b:79:d9:ec:35:47:36:43:4e:3b:ce:ca:29:ff:0b:
16:d4:57:e2:b8:05:57:d4:fc:1d:2e:e4:e2:37:9a:
4c:bd:08:ad:df:9e:51:27:e7:4a:87:57:45:85:e5:
f3:d6:e0:35:d4:9d:a5:dc:dc:3c:ba:5a:77:7a:ce:
00:5f:ef:87:3a:09:5f:3a:74:cd:2a:44:44:c3:e3:
63:86:3f:3c:b5:c3:76:31:51:bc:58:47:bd:95:19:
22:75:58:e3:8d:9a:00:24:7a:6f:bc:91:03:48:85:
c4:ef:0c:56:d7:76:5b:c2:be:ea:2d:40:44:5e:34:
97:5d:a7:b0:4d:0f:13:75:58:11:a5:29:1a:ce:b8:
37:ed:dd:9d:9d:1e:38:91:01:0e:69:7d:54:16:07:
36:db:3a:37:14:81:93:ef:88:04:1f:7e:b3:4f:be:
b0:f2:02:ea:cb:b1:e2:0a:46:47:c5:aa:5f:19:b9:
0c:e8:5e:b4:41:02:0c:b3:18:bd:cd:c2:91:93:5b:
2a:a6:fe:4a:11:db:68:4c:f3:34:45:98:3e:9b:90:
ea:d1:12:16:f1:e1:81:a7:35:ae:bd:ce:12:de:44:
22:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:17:A4:CF:00:5E:AC:1F:0A:85:AE:20:9E:E5:16:AA:9C:98:45:A7
X509v3 Authority Key Identifier:
keyid:8D:33:7C:0C:85:69:46:B8:FB:DA:F2:85:F5:2C:AD:DC:F3:8A:D0:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jTN8DIVpRrj72vKF9Syt3POK0Kg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/5c9bd9-09ad-4fac-bbbc-3f15f8836dbb/1/iBekzwBerB8Kha4gnuUWqpyYRac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/5c9bd9-09ad-4fac-bbbc-3f15f8836dbb/1/jTN8DIVpRrj72vKF9Syt3POK0Kg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d90::/48
Signature Algorithm: sha256WithRSAEncryption
14:59:da:ef:85:be:98:15:07:83:0f:35:41:45:d8:25:49:95:
a3:94:fb:e9:dc:2e:82:7c:a1:88:7c:bb:73:a5:9a:cd:72:73:
28:fa:a7:af:d2:c3:f4:85:c8:b0:83:e8:4f:39:52:28:96:21:
78:2b:a6:d2:70:76:e3:f7:fc:38:b7:71:f8:ad:16:47:39:c8:
c2:c2:8e:ab:a6:b9:08:bc:de:80:50:82:c1:94:6c:12:ba:71:
24:9f:ad:f9:a0:a6:f6:17:bf:b5:30:32:5b:71:ee:43:d1:62:
70:73:22:c8:9d:a5:4a:4c:54:cb:59:a8:d8:9e:71:82:d9:43:
83:65:7f:4f:09:ea:d5:ca:99:53:26:a5:57:8a:ec:9e:5e:26:
0e:e6:ea:e0:6c:15:23:29:be:2a:fe:7e:dd:72:ee:24:ac:bb:
d7:cc:2d:5c:46:aa:29:79:5f:30:47:3b:2f:85:89:7c:ea:35:
93:cc:1d:11:e1:5a:f8:4f:ab:e8:10:cf:06:bc:e5:6a:7b:06:
5a:8b:6c:67:e4:e1:4f:fa:77:cb:7a:31:29:f8:ee:1c:09:d0:
2d:b9:3f:7c:49:10:94:e4:5b:69:47:17:7a:79:3e:f1:1f:e6:
4b:6b:26:3e:2c:3b:b7:d9:93:21:48:61:2c:13:ff:dc:3d:3a:
87:f7:5e:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvMPjIJJ7fniZ6mjy5xnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMzM3YzBjODU2OTQ2YjhmYmRhZjI4NWY1MmNhZGRjZjM4
YWQwYTgwHhcNMjQwMTAyMTAzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODE3YTRjZjAwNWVhYzFmMGE4NWFlMjA5ZWU1MTZhYTljOTg0NWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx0EEGKuTeoiLGd8MMFciBULPr+N
lFnbTdWYiylrednsNUc2Q047zsop/wsW1FfiuAVX1PwdLuTiN5pMvQit355RJ+dK
h1dFheXz1uA11J2l3Nw8ulp3es4AX++HOglfOnTNKkREw+Njhj88tcN2MVG8WEe9
lRkidVjjjZoAJHpvvJEDSIXE7wxW13Zbwr7qLUBEXjSXXaewTQ8TdVgRpSkazrg3
7d2dnR44kQEOaX1UFgc22zo3FIGT74gEH36zT76w8gLqy7HiCkZHxapfGbkM6F60
QQIMsxi9zcKRk1sqpv5KEdtoTPM0RZg+m5Dq0RIW8eGBpzWuvc4S3kQiVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIgXpM8AXqwfCoWuIJ7lFqqcmEWnMB8GA1UdIwQY
MBaAFI0zfAyFaUa4+9ryhfUsrdzzitCoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalROOERJVnBScmo3MnZLRjlTeXQzUE9LMEtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81YzliZDktMDlhZC00ZmFjLWJiYmMt
M2YxNWY4ODM2ZGJiLzEvaUJla3p3QmVyQjhLaGE0Z251VVdxcHlZUmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81YzliZDktMDlhZC00ZmFjLWJiYmMtM2YxNWY4ODM2ZGJi
LzEvalROOERJVnBScmo3MnZLRjlTeXQzUE9LMEtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAUWdrvhb6YFQeDDzVBRdglSZWjlPvp3C6CfKGI
fLtzpZrNcnMo+qev0sP0hciwg+hPOVIoliF4K6bScHbj9/w4t3H4rRZHOcjCwo6r
prkIvN6AUILBlGwSunEkn635oKb2F7+1MDJbce5D0WJwcyLInaVKTFTLWajYnnGC
2UODZX9PCerVyplTJqVXiuyeXiYO5urgbBUjKb4q/n7dcu4krLvXzC1cRqopeV8w
RzsvhYl86jWTzB0R4Vr4T6voEM8GvOVqewZai2xn5OFP+nfLejEp+O4cCdAtuT98
SRCU5FtpRxd6eT7xH+ZLayY+LDu32ZMhSGEsE//cPTqH916t
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:47:45 2025 by rpki-client