Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/byfZkmLSb7ajm_75Ax6iG_ZlCu4.roa
File: byfZkmLSb7ajm_75Ax6iG_ZlCu4.roa (raw, json)
Hash identifier: ER/6VxPqiJN/K5DSIpfRV2uSXC5bS6RfspWAI1iq+yg=
Subject key identifier: 6F:27:D9:92:62:D2:6F:B6:A3:9B:FE:F9:03:1E:A2:1B:F6:65:0A:EE
Certificate issuer: /CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Certificate serial: 018EAEC33D0CD1F53F6A959A6837A7745C13
Authority key identifier: 52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/byfZkmLSb7ajm_75Ax6iG_ZlCu4.roa
Signing time: Fri 05 Apr 2024 14:56:54 +0000
ROA not before: Fri 05 Apr 2024 14:56:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201299
IP address blocks: 2a11:ffc0::/29 maxlen: 42
Validation: Failed, certificate revoked on Tue 01 Oct 2024 12:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:c3:3d:0c:d1:f5:3f:6a:95:9a:68:37:a7:74:5c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Validity
Not Before: Apr 5 14:56:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f27d99262d26fb6a39bfef9031ea21bf6650aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cd:eb:02:cb:38:a2:6e:85:11:71:13:c6:7d:
85:fe:e7:5b:cb:1b:c3:ad:85:31:3b:16:cd:b5:a4:
ec:42:70:b5:c9:f8:62:dd:8e:88:28:47:e0:6e:2f:
0a:bb:99:49:30:df:84:e6:0d:7a:f9:8d:54:7f:da:
77:1e:a7:9d:78:36:bd:8a:e5:4e:9b:db:c6:07:0c:
2d:5a:e3:31:7b:88:6e:79:d2:25:f3:af:13:7c:e6:
63:de:78:53:77:9a:96:4f:6e:f5:88:50:5a:e8:96:
e7:50:79:54:68:19:9c:ab:88:0e:c4:4a:b8:c0:cb:
2d:a6:bb:f4:a3:23:fd:d2:7b:c7:43:a1:62:e4:9b:
f0:77:ce:9b:76:ca:15:48:49:e5:31:e1:2e:1a:cd:
e8:9f:0b:3e:bc:7f:ed:3d:32:30:13:30:72:86:a8:
b0:d1:7a:fd:86:9a:97:70:4a:60:e1:67:9f:01:60:
e2:b9:af:93:5a:a4:7d:92:b6:df:9b:1d:ce:ae:12:
c0:20:e8:df:65:1d:2e:81:c2:e9:16:57:ca:eb:b0:
ae:47:f5:9b:41:be:32:58:5b:c5:dd:46:1c:6b:9b:
2a:04:9f:e6:13:b1:b6:52:6f:e6:29:a2:ca:a3:30:
11:c8:62:6b:f1:1b:24:ca:6e:67:11:12:3a:29:65:
76:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:27:D9:92:62:D2:6F:B6:A3:9B:FE:F9:03:1E:A2:1B:F6:65:0A:EE
X509v3 Authority Key Identifier:
keyid:52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/byfZkmLSb7ajm_75Ax6iG_ZlCu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/UkEeUtq30L4mdDE7a10udL0RNg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
84:5e:73:53:fb:0c:94:cb:5f:61:e8:e5:87:8d:61:b8:51:aa:
5b:a8:32:71:6b:9f:d5:d5:10:92:5d:c3:4f:88:e0:5a:f8:4d:
ab:2f:ae:cc:d3:fd:ad:63:31:81:34:ca:df:51:cf:e2:ea:77:
25:de:10:79:36:c7:4a:6d:27:25:61:19:d6:59:df:99:ca:89:
2a:02:68:c1:48:68:65:d8:77:d8:f0:c4:78:c1:63:59:c7:f5:
15:5d:bb:8c:68:dc:bf:59:ab:e9:16:90:0e:e6:94:e3:8d:45:
8b:89:ee:bf:bc:e6:92:ba:00:f0:1e:92:4f:7b:a7:16:fa:3d:
77:20:7c:2c:1b:8e:ac:56:3e:61:6e:95:7e:77:af:82:24:43:
a8:ef:2e:21:d9:5f:39:fe:92:b5:5b:a3:f6:e7:a1:61:fd:79:
68:3b:2e:c5:93:28:02:f0:11:02:67:ca:57:d9:a5:8f:49:3c:
da:7b:97:3b:36:de:10:7e:4c:bd:6d:8b:aa:ec:5a:c9:48:e5:
ab:03:f8:8d:e1:62:51:1d:46:6e:5d:b0:34:42:84:d8:21:f3:
c7:d8:53:06:1f:dc:29:5d:1b:cc:bf:9c:84:1c:7d:d7:c0:b3:
de:fa:f4:d0:de:26:9e:64:d9:b5:21:02:f6:4f:a5:81:61:9a:
ff:45:9f:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY6uwz0M0fU/apWaaDendFwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDExZTUyZGFiN2QwYmUyNjc0MzEzYjZiNWQyZTc0YmQx
MTM2MGUwHhcNMjQwNDA1MTQ1NjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI3ZDk5MjYyZDI2ZmI2YTM5YmZlZjkwMzFlYTIxYmY2NjUwYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM3rAss4om6FEXETxn2F/udbyxvD
rYUxOxbNtaTsQnC1yfhi3Y6IKEfgbi8Ku5lJMN+E5g16+Y1Uf9p3HqedeDa9iuVO
m9vGBwwtWuMxe4huedIl868TfOZj3nhTd5qWT271iFBa6JbnUHlUaBmcq4gOxEq4
wMstprv0oyP90nvHQ6Fi5Jvwd86bdsoVSEnlMeEuGs3onws+vH/tPTIwEzByhqiw
0Xr9hpqXcEpg4WefAWDiua+TWqR9krbfmx3OrhLAIOjfZR0ugcLpFlfK67CuR/Wb
Qb4yWFvF3UYca5sqBJ/mE7G2Um/mKaLKozARyGJr8Rskym5nERI6KWV2GwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG8n2ZJi0m+2o5v++QMeohv2ZQruMB8GA1UdIwQY
MBaAFFJBHlLat9C+JnQxO2tdLnS9ETYOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzIt
ZDBjZmU0MzAxNmRlLzEvYnlmWmttTFNiN2FqbV83NUF4NmlHX1psQ3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzItZDBjZmU0MzAxNmRl
LzEvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhH/wDAN
BgkqhkiG9w0BAQsFAAOCAQEAhF5zU/sMlMtfYejlh41huFGqW6gycWuf1dUQkl3D
T4jgWvhNqy+uzNP9rWMxgTTK31HP4up3Jd4QeTbHSm0nJWEZ1lnfmcqJKgJowUho
Zdh32PDEeMFjWcf1FV27jGjcv1mr6RaQDuaU441Fi4nuv7zmkroA8B6ST3unFvo9
dyB8LBuOrFY+YW6VfnevgiRDqO8uIdlfOf6StVuj9uehYf15aDsuxZMoAvARAmfK
V9mlj0k82nuXOzbeEH5MvW2LquxayUjlqwP4jeFiUR1Gbl2wNEKE2CHzx9hTBh/c
KV0bzL+chBx918Cz3vr00N4mnmTZtSEC9k+lgWGa/0WfbA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:25 2025 by rpki-client