Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/xVoK8QBWdwLV6SlFqKotaP-1nB4.roa
File: xVoK8QBWdwLV6SlFqKotaP-1nB4.roa (raw, json)
Hash identifier: 9lKuJBVLxg4t8fE95ECtFRzeZJGk/D1+rjZ4MOpq7L4=
Subject key identifier: C5:5A:0A:F1:00:56:77:02:D5:E9:29:45:A8:AA:2D:68:FF:B5:9C:1E
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019321CC2FF0332989F4DC575AB093DFB18A
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/xVoK8QBWdwLV6SlFqKotaP-1nB4.roa
Signing time: Tue 12 Nov 2024 19:14:09 +0000
ROA not before: Tue 12 Nov 2024 19:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207083
IP address blocks: 2a0a:c3c5:9000::/36 maxlen: 36
2a10:c340:b000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 22 Nov 2024 06:46:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:21:cc:2f:f0:33:29:89:f4:dc:57:5a:b0:93:df:b1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Nov 12 19:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c55a0af100567702d5e92945a8aa2d68ffb59c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4d:7f:7d:88:3d:11:75:7e:83:1e:f8:1f:d3:
68:39:d2:05:58:47:d3:8e:42:05:d9:80:9b:57:01:
7c:71:aa:c4:5e:7b:3a:17:e2:61:8f:08:c8:39:c5:
9b:bc:82:b6:2f:88:47:a8:41:93:82:32:37:a6:03:
ca:90:9e:ae:db:8d:4f:8e:a0:37:c9:61:bc:bc:ca:
96:86:29:29:55:d3:07:70:a8:22:fb:47:c5:8a:37:
44:72:73:d2:1f:9f:14:2b:f1:69:e7:65:40:e1:8c:
fd:e7:9a:8a:91:38:f2:c0:39:88:37:ba:b4:98:2f:
bd:9a:f9:ba:c9:70:b0:04:2f:0c:82:f1:61:1e:62:
0e:67:e9:5c:45:98:80:e8:09:57:d1:89:1b:f3:4b:
4c:f5:34:2e:c5:7f:61:c6:6c:02:5c:68:d6:95:b4:
bb:b1:9d:cf:89:bd:f6:eb:3e:a9:d4:94:d4:cd:af:
b0:d0:6d:4f:17:a6:18:56:e1:16:5a:9a:ea:02:d5:
91:68:f2:ec:10:ce:95:f9:cb:8b:01:67:2d:be:14:
a0:ba:16:12:b8:46:d9:b5:f6:f3:4b:be:83:07:a0:
b0:a1:75:24:36:1a:86:b5:58:83:b4:a1:d2:8c:af:
43:b5:37:c7:33:af:f9:24:f4:bc:37:55:34:b6:7f:
dc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5A:0A:F1:00:56:77:02:D5:E9:29:45:A8:AA:2D:68:FF:B5:9C:1E
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/xVoK8QBWdwLV6SlFqKotaP-1nB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:c3c5:9000::/36
2a10:c340:b000::/36
Signature Algorithm: sha256WithRSAEncryption
7f:08:b5:5f:d7:c0:99:87:43:d7:7c:e2:d4:f0:10:27:e9:2b:
42:a1:de:91:be:cd:23:0d:41:4c:81:f1:b4:d9:69:68:9c:d3:
c7:c0:a7:2a:47:bc:62:a6:99:de:36:66:bb:d9:5f:b2:24:b5:
f6:73:06:4c:59:66:6b:ba:45:66:48:0e:0b:b8:ba:cb:b1:93:
7b:b5:32:88:3d:40:43:40:e1:cc:b8:d2:e3:55:45:5f:bd:bb:
44:bf:e7:54:a7:ba:77:b5:6b:af:d0:02:9a:90:74:37:8a:dd:
d1:d7:94:fb:a9:de:6e:a0:79:7e:cc:de:74:12:e8:6c:74:0b:
12:d1:6c:37:99:bd:6a:7f:75:71:f2:d5:6e:fe:a1:46:fd:20:
ce:9c:d3:52:76:54:bc:26:32:b6:3d:5a:c1:2f:b6:77:b6:12:
c7:60:82:a6:b5:ad:6c:a4:71:3c:26:aa:b6:4a:52:4c:6a:df:
7a:34:67:f7:8a:b0:6c:a0:34:61:9c:d5:3e:d2:b2:e5:30:1d:
90:ab:07:62:8b:5d:ee:da:d8:c7:f4:f6:dc:d8:91:95:80:b6:
be:b8:bb:42:c7:1a:c0:99:1c:87:7a:f2:3b:f0:e3:f0:97:70:
08:10:ca:3b:a4:de:de:2c:4c:cf:7d:5c:f2:9b:4b:2d:78:8d:
80:b3:71:4f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZMhzC/wMymJ9NxXWrCT37GKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQxMTEyMTkxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVhMGFmMTAwNTY3NzAyZDVlOTI5NDVhOGFhMmQ2OGZmYjU5YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq01/fYg9EXV+gx74H9NoOdIFWEfT
jkIF2YCbVwF8carEXns6F+JhjwjIOcWbvIK2L4hHqEGTgjI3pgPKkJ6u241PjqA3
yWG8vMqWhikpVdMHcKgi+0fFijdEcnPSH58UK/Fp52VA4Yz955qKkTjywDmIN7q0
mC+9mvm6yXCwBC8MgvFhHmIOZ+lcRZiA6AlX0Ykb80tM9TQuxX9hxmwCXGjWlbS7
sZ3Pib326z6p1JTUza+w0G1PF6YYVuEWWprqAtWRaPLsEM6V+cuLAWctvhSguhYS
uEbZtfbzS76DB6CwoXUkNhqGtViDtKHSjK9DtTfHM6/5JPS8N1U0tn/cXQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFMVaCvEAVncC1ekpRaiqLWj/tZweMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEveFZvSzhRQldkd0xWNlNsRnFLb3RhUC0xbkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKgrDxZAD
BgQqEMNAsDANBgkqhkiG9w0BAQsFAAOCAQEAfwi1X9fAmYdD13zi1PAQJ+krQqHe
kb7NIw1BTIHxtNlpaJzTx8CnKke8YqaZ3jZmu9lfsiS19nMGTFlma7pFZkgOC7i6
y7GTe7UyiD1AQ0DhzLjS41VFX727RL/nVKe6d7Vrr9ACmpB0N4rd0deU+6nebqB5
fszedBLobHQLEtFsN5m9an91cfLVbv6hRv0gzpzTUnZUvCYytj1awS+2d7YSx2CC
prWtbKRxPCaqtkpSTGrfejRn94qwbKA0YZzVPtKy5TAdkKsHYotd7trYx/T23NiR
lYC2vri7QscawJkch3ryO/Dj8JdwCBDKO6Te3ixMz31c8ptLLXiNgLNxTw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:15 2025 by rpki-client