Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/vP-7WkkmFpKkpyLTu7HjmJzXYC0.roa
File: vP-7WkkmFpKkpyLTu7HjmJzXYC0.roa (raw, json)
Hash identifier: M8fRZa60KqvoqQurLa4kNAi+EIpisMXOZfvpL4rVFZg=
Subject key identifier: BC:FF:BB:5A:49:26:16:92:A4:A7:22:D3:BB:B1:E3:98:9C:D7:60:2D
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01927FB132D1A393A6850301C104F0191B1F
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/vP-7WkkmFpKkpyLTu7HjmJzXYC0.roa
Signing time: Sat 12 Oct 2024 07:46:12 +0000
ROA not before: Sat 12 Oct 2024 07:46:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205227
IP address blocks: 2a09:a780::/30 maxlen: 30
2a09:a784::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7f:b1:32:d1:a3:93:a6:85:03:01:c1:04:f0:19:1b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 12 07:46:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcffbb5a49261692a4a722d3bbb1e3989cd7602d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:73:98:e1:d2:6c:d7:2b:7c:18:65:ef:bc:a4:
b0:b2:e2:b6:57:cc:a6:94:c5:32:9c:53:7d:b2:06:
53:a3:7f:ef:3c:25:c6:81:67:91:47:4c:a9:b7:29:
6f:55:ea:43:24:9a:cb:c9:e5:a8:ee:17:7f:65:74:
06:28:09:29:fa:db:be:fc:74:c5:2f:1e:c4:45:bd:
25:82:2c:12:07:c6:32:8f:88:81:d3:2c:65:c7:bf:
ee:8f:5f:44:eb:b7:08:9b:8c:6a:af:fa:fc:fb:21:
fa:6e:6b:13:7a:0b:1c:b4:93:12:54:73:fa:d5:59:
98:88:08:3f:04:5c:2e:d7:16:f9:e6:1c:5e:72:33:
30:11:38:b9:1f:a0:fc:f5:d9:da:06:c0:92:51:f5:
9f:92:22:6f:36:d2:48:08:4c:0c:3b:4d:da:b8:8a:
79:a2:9f:bb:4a:ad:af:47:bf:63:1f:7c:d3:cf:3b:
fd:b1:5f:62:b4:0c:b6:73:67:ac:05:e5:c7:45:d8:
ef:97:1e:b4:c1:4f:78:4c:90:e8:cc:6b:de:67:88:
2f:7b:a3:33:d1:3d:87:bb:4e:e9:ca:d2:8e:1b:c4:
a2:f5:3c:6c:0b:42:bb:e9:a0:5a:4d:f4:cd:17:15:
06:08:3d:fe:b4:78:9b:ff:73:56:65:86:fb:9c:34:
62:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:FF:BB:5A:49:26:16:92:A4:A7:22:D3:BB:B1:E3:98:9C:D7:60:2D
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/vP-7WkkmFpKkpyLTu7HjmJzXYC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a780::/29
Signature Algorithm: sha256WithRSAEncryption
89:c3:44:52:7c:9d:9a:8a:19:77:8a:5a:34:7e:02:bd:11:b3:
2b:dc:94:a0:a6:a4:17:ef:bd:0a:66:d9:24:ab:b4:ea:80:7b:
b2:4a:a0:3e:d8:ca:ec:aa:ac:61:8b:39:36:83:51:eb:7a:8c:
b6:3e:19:76:0e:d9:fa:19:96:1f:49:d9:5c:e6:7e:9a:90:66:
95:c8:36:55:15:cc:a8:12:4e:55:76:f6:42:e8:d7:2d:c4:d9:
a8:62:87:df:dc:e8:c7:dd:05:c4:2e:54:2d:cc:8d:6c:02:f6:
06:cc:61:2f:20:bd:f8:d6:4e:64:83:7e:db:f9:f5:ba:cb:0f:
8d:53:08:6c:9a:39:7e:85:11:77:0f:bc:80:ac:d8:2a:56:1f:
ce:5b:14:95:59:38:f9:b8:2a:b1:08:76:a5:0b:8b:fa:c7:6a:
bd:61:1e:89:39:b1:07:c4:57:91:3b:6c:ab:8a:e9:d9:c8:61:
f5:95:4e:79:9a:62:a2:96:e9:5e:20:9c:9d:08:29:63:55:e6:
a2:74:66:f3:c6:01:2d:d5:d4:49:d6:93:ea:b9:87:db:43:5b:
be:aa:df:af:07:a1:04:76:b9:5b:de:ac:52:9e:85:b7:84:67:
df:34:cb:58:4f:19:b8:dd:e6:b1:07:00:39:c2:16:30:74:e0:
c1:dc:ff:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJ/sTLRo5OmhQMBwQTwGRsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQxMDEyMDc0NjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2ZmYmI1YTQ5MjYxNjkyYTRhNzIyZDNiYmIxZTM5ODljZDc2MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnOY4dJs1yt8GGXvvKSwsuK2V8ym
lMUynFN9sgZTo3/vPCXGgWeRR0yptylvVepDJJrLyeWo7hd/ZXQGKAkp+tu+/HTF
Lx7ERb0lgiwSB8Yyj4iB0yxlx7/uj19E67cIm4xqr/r8+yH6bmsTegsctJMSVHP6
1VmYiAg/BFwu1xb55hxecjMwETi5H6D89dnaBsCSUfWfkiJvNtJICEwMO03auIp5
op+7Sq2vR79jH3zTzzv9sV9itAy2c2esBeXHRdjvlx60wU94TJDozGveZ4gve6Mz
0T2Hu07pytKOG8Si9TxsC0K76aBaTfTNFxUGCD3+tHib/3NWZYb7nDRioQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLz/u1pJJhaSpKci07ux45ic12AtMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvdlAtN1dra21GcEtrcHlMVHU3SGptSnpYWUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgmngDAN
BgkqhkiG9w0BAQsFAAOCAQEAicNEUnydmooZd4paNH4CvRGzK9yUoKakF++9CmbZ
JKu06oB7skqgPtjK7KqsYYs5NoNR63qMtj4Zdg7Z+hmWH0nZXOZ+mpBmlcg2VRXM
qBJOVXb2QujXLcTZqGKH39zox90FxC5ULcyNbAL2BsxhLyC9+NZOZIN+2/n1ussP
jVMIbJo5foURdw+8gKzYKlYfzlsUlVk4+bgqsQh2pQuL+sdqvWEeiTmxB8RXkTts
q4rp2chh9ZVOeZpiopbpXiCcnQgpY1XmonRm88YBLdXUSdaT6rmH20Nbvqrfrweh
BHa5W96sUp6Ft4Rn3zTLWE8ZuN3msQcAOcIWMHTgwdz/Hw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:03:07 2025 by rpki-client