Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/vz2OjwRyxTaDTRaRfWJJ84O_uS4.roa
File: vz2OjwRyxTaDTRaRfWJJ84O_uS4.roa (raw, json)
Hash identifier: E0FO/365HVn5tuWj6zvfBjGXaJtxlLHLGNnHjQi2Jwg=
Subject key identifier: BF:3D:8E:8F:04:72:C5:36:83:4D:16:91:7D:62:49:F3:83:BF:B9:2E
Certificate issuer: /CN=f8d6ddee34c5bb8ec0eb919ce2656bf0cd855d54
Certificate serial: 01928FD3BED8D4DFBBC594055F59C18B5BAA
Authority key identifier: F8:D6:DD:EE:34:C5:BB:8E:C0:EB:91:9C:E2:65:6B:F0:CD:85:5D:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/vz2OjwRyxTaDTRaRfWJJ84O_uS4.roa
Signing time: Tue 15 Oct 2024 10:57:51 +0000
ROA not before: Tue 15 Oct 2024 10:57:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 2a0e:dc00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 24 Oct 2024 11:10:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:d3:be:d8:d4:df:bb:c5:94:05:5f:59:c1:8b:5b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8d6ddee34c5bb8ec0eb919ce2656bf0cd855d54
Validity
Not Before: Oct 15 10:57:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf3d8e8f0472c536834d16917d6249f383bfb92e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4c:9d:2a:b9:81:13:4c:f4:b1:27:c9:2a:16:
f3:05:5a:4a:d1:21:d9:a1:2d:04:15:ce:d9:76:b4:
14:b6:a8:4d:52:07:9e:55:70:0e:bb:f2:f6:ad:76:
ce:09:a5:3f:98:04:21:7a:26:3e:ce:30:3d:60:7b:
19:6b:55:4f:c9:8e:16:a9:b8:de:77:90:ba:d5:e4:
77:35:60:c9:08:a4:19:37:c4:f1:13:c1:32:05:4a:
89:fd:ba:47:b8:d5:44:55:4e:7c:c1:2f:fe:0b:7a:
cc:24:83:35:9b:fa:81:7a:82:02:6f:dd:ac:6f:eb:
92:fe:ae:ea:28:50:5d:08:35:9c:29:2c:56:55:cc:
a6:e2:38:15:05:92:91:81:38:c0:e8:82:df:f6:ee:
84:8a:9c:b2:22:02:62:89:c0:53:6f:05:51:48:39:
ed:b8:05:58:fa:6c:10:39:d0:3c:8c:f0:29:16:1d:
f9:c6:1e:aa:bc:a0:00:d3:51:63:09:58:ec:83:e8:
be:33:cc:60:96:38:21:71:4e:d1:15:fd:48:96:f4:
27:fd:14:03:c4:bc:46:59:97:67:57:e9:44:eb:68:
4d:8e:5d:de:82:6c:52:a0:42:fa:b0:93:91:9a:fe:
8c:4d:8e:50:fa:99:7e:48:44:cf:08:db:b1:7f:91:
83:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3D:8E:8F:04:72:C5:36:83:4D:16:91:7D:62:49:F3:83:BF:B9:2E
X509v3 Authority Key Identifier:
keyid:F8:D6:DD:EE:34:C5:BB:8E:C0:EB:91:9C:E2:65:6B:F0:CD:85:5D:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/vz2OjwRyxTaDTRaRfWJJ84O_uS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
63:46:e8:b7:bf:ac:0c:4a:b2:73:e4:b4:9b:13:44:d8:42:c9:
21:a2:bc:13:32:a9:c3:26:ce:b3:c0:84:d2:38:f3:81:84:f9:
bb:7b:74:6c:72:e7:66:3f:62:37:5b:42:5d:64:f4:20:f7:ec:
ec:27:31:4e:75:96:a3:24:df:de:f6:fb:72:19:f6:70:b9:b8:
11:bd:4e:09:be:8f:e7:ed:12:15:37:24:2e:18:bf:8f:c4:81:
70:d4:2b:00:17:4c:dd:bf:4a:02:45:71:14:29:cc:1e:d7:11:
2b:29:54:94:13:12:ca:8d:73:50:34:7d:e7:c4:13:cb:b8:e6:
4d:7c:eb:6a:dd:74:d5:83:56:52:30:87:9a:91:e0:d8:e0:e6:
3e:f0:f2:f8:6f:08:81:1b:d9:02:c9:27:02:fd:94:e3:e8:87:
f3:b0:88:06:44:52:de:03:57:d6:cc:c7:d4:b5:6f:67:18:55:
4b:88:95:92:7a:80:f5:dc:0e:b9:07:43:87:36:9b:e1:21:44:
50:96:de:79:fa:b2:ac:08:b0:19:2e:41:ee:ad:b1:98:dc:db:
de:2a:2a:8a:03:b7:b4:f2:a2:94:f8:c4:c2:3c:e3:4c:ec:c8:
91:59:8d:0f:7f:7b:23:e7:2a:04:6f:41:7e:71:ef:36:a9:54:
14:1c:35:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZKP077Y1N+7xZQFX1nBi1uqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZDZkZGVlMzRjNWJiOGVjMGViOTE5Y2UyNjU2YmYwY2Q4
NTVkNTQwHhcNMjQxMDE1MTA1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjNkOGU4ZjA0NzJjNTM2ODM0ZDE2OTE3ZDYyNDlmMzgzYmZiOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUydKrmBE0z0sSfJKhbzBVpK0SHZ
oS0EFc7ZdrQUtqhNUgeeVXAOu/L2rXbOCaU/mAQheiY+zjA9YHsZa1VPyY4Wqbje
d5C61eR3NWDJCKQZN8TxE8EyBUqJ/bpHuNVEVU58wS/+C3rMJIM1m/qBeoICb92s
b+uS/q7qKFBdCDWcKSxWVcym4jgVBZKRgTjA6ILf9u6EipyyIgJiicBTbwVRSDnt
uAVY+mwQOdA8jPApFh35xh6qvKAA01FjCVjsg+i+M8xgljghcU7RFf1IlvQn/RQD
xLxGWZdnV+lE62hNjl3egmxSoEL6sJORmv6MTY5Q+pl+SETPCNuxf5GD2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL89jo8EcsU2g00WkX1iSfODv7kuMB8GA1UdIwQY
MBaAFPjW3e40xbuOwOuRnOJla/DNhV1UMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OYmQ3alRGdTQ3QTY1R2M0bVZyOE0yRlhWUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvNzgzZGE1LTY1NzItNDEzZC05ZDZi
LTA5NGQwZGIxYWQyYy8xL3Z6Mk9qd1J5eFRhRFRSYVJmV0pKODRPX3VTNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTYvNzgzZGE1LTY1NzItNDEzZC05ZDZiLTA5NGQwZGIxYWQy
Yy8xLzEtTmJkN2pURnU0N0E2NUdjNG1WcjhNMkZYVlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqDtwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjRui3v6wMSrJz5LSbE0TYQskhorwTMqnDJs6z
wITSOPOBhPm7e3RscudmP2I3W0JdZPQg9+zsJzFOdZajJN/e9vtyGfZwubgRvU4J
vo/n7RIVNyQuGL+PxIFw1CsAF0zdv0oCRXEUKcwe1xErKVSUExLKjXNQNH3nxBPL
uOZNfOtq3XTVg1ZSMIeakeDY4OY+8PL4bwiBG9kCyScC/ZTj6IfzsIgGRFLeA1fW
zMfUtW9nGFVLiJWSeoD13A65B0OHNpvhIURQlt55+rKsCLAZLkHurbGY3NveKiqK
A7e08qKU+MTCPONM7MiRWY0Pf3sj5yoEb0F+ce82qVQUHDVe
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:19:41 2025 by rpki-client