Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/7Z2YLCWSaWm0PdqyqOpW3BICfqo.roa
File: 7Z2YLCWSaWm0PdqyqOpW3BICfqo.roa (raw, json)
Hash identifier: zVJ5iC9VkhEQlofnlX3DPCNvxc3S74ko1VpTTta0ckc=
Subject key identifier: ED:9D:98:2C:25:92:69:69:B4:3D:DA:B2:A8:EA:56:DC:12:02:7E:AA
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 01934AFA7CED5DC4F5FB84F51E8A54452B4F
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/7Z2YLCWSaWm0PdqyqOpW3BICfqo.roa
Signing time: Wed 20 Nov 2024 19:09:10 +0000
ROA not before: Wed 20 Nov 2024 19:09:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:e881:7700::/40 maxlen: 48
2a0a:79c0:a00::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 28 Nov 2024 18:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4a:fa:7c:ed:5d:c4:f5:fb:84:f5:1e:8a:54:45:2b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Nov 20 19:09:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed9d982c25926969b43ddab2a8ea56dc12027eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f1:2d:a9:5b:a4:de:7a:de:15:05:58:1a:22:
24:ab:fb:1b:30:5b:4d:c3:96:64:2e:26:e7:41:35:
51:d8:1e:e3:2d:80:38:13:74:5e:da:0e:1c:06:2c:
a8:d5:a3:a3:c2:61:20:43:1d:96:3b:7c:e3:5e:ee:
13:59:bf:b0:9b:97:03:44:fd:c9:e8:5b:13:bf:24:
9f:85:20:4f:0c:3c:dd:75:92:f5:83:83:bd:dd:40:
c6:57:18:10:fb:ee:60:9a:da:19:d6:0f:99:45:f7:
41:74:c6:57:a2:14:60:73:21:2d:11:59:7a:30:b6:
66:5b:a0:58:9e:94:1c:15:b6:ae:22:d0:8e:90:b9:
8f:78:51:6b:fb:7a:44:15:46:9d:82:8f:1b:7f:e8:
a3:24:48:88:12:16:5b:13:a2:f4:d2:92:f7:7e:0b:
6c:7d:50:bc:4a:d7:f8:59:f0:cc:dc:c6:f9:c4:71:
28:f6:e2:1a:2f:66:ae:e3:f3:99:86:6c:bc:b1:07:
80:f5:1f:65:b2:a1:b7:c3:c8:76:44:53:1f:ec:f1:
ed:7d:b1:2d:df:ef:ea:53:0e:09:a4:98:61:c7:19:
a8:31:51:2d:68:e2:a9:3d:84:3d:a7:0f:77:b9:12:
20:e1:8d:50:38:ea:28:af:fe:cd:c8:8f:9b:25:fe:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9D:98:2C:25:92:69:69:B4:3D:DA:B2:A8:EA:56:DC:12:02:7E:AA
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/7Z2YLCWSaWm0PdqyqOpW3BICfqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:7700::/40
2a0a:79c0:a00::/44
Signature Algorithm: sha256WithRSAEncryption
53:5f:85:bc:c0:1e:13:98:b0:a7:1c:5e:4b:42:3e:79:af:1a:
06:8a:3c:08:14:b2:c2:1b:33:62:5b:48:ea:4e:f6:b7:c7:6a:
3a:dd:aa:a3:32:55:aa:6a:50:e4:28:15:ed:a9:f4:75:79:e9:
07:11:ba:a2:03:54:0b:66:c6:6f:6a:9c:50:53:c5:dc:35:35:
36:44:d4:bf:28:fa:c9:98:00:72:8b:7b:92:31:7a:10:c8:09:
4e:90:18:44:99:e4:51:af:34:5b:82:ca:4e:b6:4c:8f:c8:01:
21:9a:82:a4:84:6c:d7:ac:41:e8:26:46:10:6d:52:0a:e5:62:
4a:61:11:28:08:61:22:d7:f2:b9:12:ef:33:9e:70:16:17:16:
7f:e1:43:ba:f3:a3:a8:2d:74:70:db:8a:42:56:f6:21:ee:fd:
c2:4a:3b:a2:3b:02:6f:db:33:11:39:8b:b0:87:ce:f5:e0:c5:
0d:c3:8b:cb:12:65:77:b3:7d:71:79:cf:42:15:17:22:ba:91:
dc:c0:6f:85:30:68:73:9e:c5:6c:f6:36:79:7b:3a:38:66:ff:
5e:df:62:7d:a4:92:a7:ea:f3:02:6f:e3:99:ac:51:1b:7a:f8:
7f:d9:00:8a:d7:07:d9:34:4f:c2:19:37:c1:8b:85:96:15:4a:
fc:ca:80:6c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZNK+nztXcT1+4T1HopURStPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQxMTIwMTkwOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDlkOTgyYzI1OTI2OTY5YjQzZGRhYjJhOGVhNTZkYzEyMDI3ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vEtqVuk3nreFQVYGiIkq/sbMFtN
w5ZkLibnQTVR2B7jLYA4E3Re2g4cBiyo1aOjwmEgQx2WO3zjXu4TWb+wm5cDRP3J
6FsTvySfhSBPDDzddZL1g4O93UDGVxgQ++5gmtoZ1g+ZRfdBdMZXohRgcyEtEVl6
MLZmW6BYnpQcFbauItCOkLmPeFFr+3pEFUadgo8bf+ijJEiIEhZbE6L00pL3fgts
fVC8Stf4WfDM3Mb5xHEo9uIaL2au4/OZhmy8sQeA9R9lsqG3w8h2RFMf7PHtfbEt
3+/qUw4JpJhhxxmoMVEtaOKpPYQ9pw93uRIg4Y1QOOoor/7NyI+bJf6l5wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFO2dmCwlkmlptD3asqjqVtwSAn6qMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvN1oyWUxDV1NhV20wUGRxeXFPcFczQklDZnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKgbogXcD
BwQqCnnACgAwDQYJKoZIhvcNAQELBQADggEBAFNfhbzAHhOYsKccXktCPnmvGgaK
PAgUssIbM2JbSOpO9rfHajrdqqMyVapqUOQoFe2p9HV56QcRuqIDVAtmxm9qnFBT
xdw1NTZE1L8o+smYAHKLe5IxehDICU6QGESZ5FGvNFuCyk62TI/IASGagqSEbNes
QegmRhBtUgrlYkphESgIYSLX8rkS7zOecBYXFn/hQ7rzo6gtdHDbikJW9iHu/cJK
O6I7Am/bMxE5i7CHzvXgxQ3Di8sSZXezfXF5z0IVFyK6kdzAb4UwaHOexWz2Nnl7
Ojhm/17fYn2kkqfq8wJv45msURt6+H/ZAIrXB9k0T8IZN8GLhZYVSvzKgGw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:44 2025 by rpki-client