Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/I0zEXQPIhRNmZqdVlJl3NNqo61Q.roa
File: I0zEXQPIhRNmZqdVlJl3NNqo61Q.roa (raw, json)
Hash identifier: 58xN2CWD+IwLMI5NAKHJMM9u/jDF1kaDiVjo/V1O3TU=
Subject key identifier: 23:4C:C4:5D:03:C8:85:13:66:66:A7:55:94:99:77:34:DA:A8:EB:54
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 0194093D9116BBAC246B644FD87DE2148F03
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/I0zEXQPIhRNmZqdVlJl3NNqo61Q.roa
Signing time: Fri 27 Dec 2024 17:50:17 +0000
ROA not before: Fri 27 Dec 2024 17:50:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205602
IP address blocks: 2a06:e881:116::/48 maxlen: 48
2a0a:79c0:b00::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:09:3d:91:16:bb:ac:24:6b:64:4f:d8:7d:e2:14:8f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Dec 27 17:50:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=234cc45d03c885136666a75594997734daa8eb54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9b:37:32:76:8e:61:ee:6d:a9:40:1b:3e:22:
16:ab:d0:9b:85:ba:a7:ed:5a:f9:6a:6a:15:0b:90:
c7:e9:46:a4:b8:1b:b0:2a:fe:66:69:b7:c3:13:12:
e3:63:ba:69:c4:aa:7c:8d:3f:c4:b0:4e:ae:43:d1:
74:37:1a:e3:a1:80:0c:b7:6c:bf:a0:54:7d:0b:78:
6b:84:4c:d5:87:67:d2:68:a6:e6:54:ac:71:22:d9:
51:f1:05:27:ff:05:2a:e6:3f:26:02:18:3a:29:c0:
e8:5f:3e:65:c6:c1:54:8f:bb:00:4e:76:6d:d7:76:
e2:dd:60:27:fa:95:16:71:3f:7f:6f:ae:2c:ae:75:
cb:94:14:a6:0d:8c:59:36:ec:cb:04:18:f7:1f:90:
8e:f7:95:2e:31:23:c6:42:c6:b8:c4:b1:c0:09:da:
0e:51:29:f2:27:be:10:99:47:3e:55:d7:9c:85:4f:
9b:2a:84:ff:64:92:0e:4e:ee:db:9b:f5:c3:a1:aa:
55:91:b0:97:88:a8:3c:40:5b:92:01:73:c3:1b:57:
da:6b:b5:e7:10:95:14:8f:9f:15:8a:7e:cd:ce:5c:
73:e2:84:01:51:4d:b9:5b:e5:2b:23:c6:c3:c8:d2:
2a:53:30:43:41:97:42:b0:c6:aa:2f:e2:18:ca:7b:
9c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4C:C4:5D:03:C8:85:13:66:66:A7:55:94:99:77:34:DA:A8:EB:54
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/I0zEXQPIhRNmZqdVlJl3NNqo61Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:116::/48
2a0a:79c0:b00::/40
Signature Algorithm: sha256WithRSAEncryption
d1:9c:3a:2d:dc:b8:64:08:2f:c1:ed:89:07:7b:50:a6:9d:56:
7b:b8:de:c3:61:0a:e9:c9:a0:fa:d4:84:2a:e3:5e:2a:d6:10:
6c:8a:bb:e8:51:f9:09:49:65:74:28:2a:4a:b0:69:90:41:34:
df:23:72:e6:ae:20:f8:f0:51:40:fa:21:a2:0a:1f:47:fc:68:
f6:34:3c:90:35:82:12:d1:6e:0c:72:81:f4:f7:7c:c1:c9:40:
d0:ab:01:c5:ad:36:2c:9a:a9:b3:7e:6c:e1:20:32:ec:96:7b:
74:3d:8f:bc:5e:74:a0:eb:58:7b:cb:2a:66:59:6b:84:a3:c5:
bf:f8:10:b0:e2:99:eb:84:30:a7:08:e7:92:4f:f7:4c:a6:6b:
81:24:b6:69:6f:fb:3c:32:2c:aa:07:77:32:1d:19:70:01:c5:
9d:3f:c5:cf:3b:43:0c:58:c9:11:ae:d8:e8:61:63:1e:08:36:
ce:a4:c4:55:9f:c8:f6:75:70:a3:b2:af:22:3d:11:50:c0:43:
97:74:04:ca:c9:f5:55:10:d2:2a:ea:9b:7f:69:36:b4:35:e8:
b0:3b:da:c4:39:b3:9f:15:73:95:3b:1b:c2:c4:de:dd:60:70:
15:46:5d:de:b1:36:5e:d5:71:3b:e8:5c:4b:49:fb:3f:16:e8:
9f:dd:3e:c4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQJPZEWu6wka2RP2H3iFI8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQxMjI3MTc1MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRjYzQ1ZDAzYzg4NTEzNjY2NmE3NTU5NDk5NzczNGRhYThlYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJs3MnaOYe5tqUAbPiIWq9Cbhbqn
7Vr5amoVC5DH6UakuBuwKv5mabfDExLjY7ppxKp8jT/EsE6uQ9F0NxrjoYAMt2y/
oFR9C3hrhEzVh2fSaKbmVKxxItlR8QUn/wUq5j8mAhg6KcDoXz5lxsFUj7sATnZt
13bi3WAn+pUWcT9/b64srnXLlBSmDYxZNuzLBBj3H5CO95UuMSPGQsa4xLHACdoO
USnyJ74QmUc+VdechU+bKoT/ZJIOTu7bm/XDoapVkbCXiKg8QFuSAXPDG1faa7Xn
EJUUj58Vin7Nzlxz4oQBUU25W+UrI8bDyNIqUzBDQZdCsMaqL+IYynucOwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFCNMxF0DyIUTZmanVZSZdzTaqOtUMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvSTB6RVhRUEloUk5tWnFkVmxKbDNOTnFvNjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgbogQEW
AwYAKgp5wAswDQYJKoZIhvcNAQELBQADggEBANGcOi3cuGQIL8HtiQd7UKadVnu4
3sNhCunJoPrUhCrjXirWEGyKu+hR+QlJZXQoKkqwaZBBNN8jcuauIPjwUUD6IaIK
H0f8aPY0PJA1ghLRbgxygfT3fMHJQNCrAcWtNiyaqbN+bOEgMuyWe3Q9j7xedKDr
WHvLKmZZa4Sjxb/4ELDimeuEMKcI55JP90yma4Ektmlv+zwyLKoHdzIdGXABxZ0/
xc87QwxYyRGu2OhhYx4INs6kxFWfyPZ1cKOyryI9EVDAQ5d0BMrJ9VUQ0irqm39p
NrQ16LA72sQ5s58Vc5U7G8LE3t1gcBVGXd6xNl7VcTvoXEtJ+z8W6J/dPsQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:16:45 2025 by rpki-client