Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/aZzOBUyJYXLxPltq05sRC3v6-c4.roa
File: aZzOBUyJYXLxPltq05sRC3v6-c4.roa (raw, json)
Hash identifier: lNkhr/aDLXjq7PqD46lz3yAkcJwa5L9+3P2ANx6//oI=
Subject key identifier: 69:9C:CE:05:4C:89:61:72:F1:3E:5B:6A:D3:9B:11:0B:7B:FA:F9:CE
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018D5BD6F5E10E0255548F4A2579220A5469
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/aZzOBUyJYXLxPltq05sRC3v6-c4.roa
Signing time: Tue 30 Jan 2024 19:27:10 +0000
ROA not before: Tue 30 Jan 2024 19:27:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47316
IP address blocks: 2a12:c6c7:100::/40 maxlen: 48
2a12:c6c7:200::/40 maxlen: 48
2a12:c6c7:300::/40 maxlen: 48
2a12:c6c7:400::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Feb 2024 05:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:d6:f5:e1:0e:02:55:54:8f:4a:25:79:22:0a:54:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Jan 30 19:27:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=699cce054c896172f13e5b6ad39b110b7bfaf9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:be:dd:37:e9:a4:91:67:54:8c:df:06:2a:ae:
50:1e:02:3e:d0:0e:21:58:05:87:fb:fc:9c:0c:9e:
ca:ed:79:c2:aa:80:4b:9d:08:50:44:1d:51:be:03:
a3:a8:47:57:ad:a3:1b:0c:46:1e:bd:d4:3d:fd:f7:
8d:79:d7:6e:d6:52:75:ac:05:a5:28:c4:be:ae:11:
51:a8:34:b4:5b:69:b1:68:3e:b8:56:fb:49:74:a1:
50:ae:c8:86:23:de:83:6c:88:95:f5:07:ee:0a:fe:
2c:66:9e:be:15:72:fe:73:37:7d:87:2c:93:2c:6b:
ce:56:83:10:7f:3b:46:dd:a9:a2:58:93:72:bf:84:
82:6f:0b:f4:f1:08:10:c2:9e:7f:c4:fc:a3:e4:a4:
1c:e5:73:96:dd:03:4c:e4:82:88:9f:cf:af:c3:34:
dc:1b:5e:f8:e9:bc:92:05:92:63:52:36:68:e9:3e:
82:25:e3:ea:b6:65:17:5f:5b:18:53:f1:e3:25:88:
67:dd:cb:f2:7f:e1:0a:3a:1b:8a:66:eb:f7:3c:86:
f9:39:6d:b4:29:c7:40:e0:27:36:fa:37:f7:36:6d:
4d:c5:a2:1e:94:63:29:1f:c3:cf:99:83:63:5b:eb:
9b:51:42:43:2d:a0:aa:9d:1c:4e:6d:03:67:cb:05:
ca:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9C:CE:05:4C:89:61:72:F1:3E:5B:6A:D3:9B:11:0B:7B:FA:F9:CE
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/aZzOBUyJYXLxPltq05sRC3v6-c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c7:100::-2a12:c6c7:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:09:bc:56:71:0e:ec:1a:77:81:11:d9:e9:c1:a4:68:cd:83:
b8:6b:89:11:84:e2:b4:f5:38:9e:7c:00:25:bb:67:ad:18:3e:
c4:5d:5b:79:7f:46:07:91:dc:27:93:9d:9c:e7:0b:2a:c1:8e:
c0:a2:e1:c2:8f:f2:75:b0:6e:a9:ac:a5:a7:3f:73:aa:6f:12:
45:db:18:da:cd:de:05:e9:88:2d:7e:46:81:af:b9:9c:f6:95:
57:21:40:28:28:d9:77:fa:50:84:2a:89:a2:37:52:14:d7:8c:
c3:22:93:83:d3:f5:c0:28:e3:54:df:96:96:b1:69:b4:1a:3c:
a7:29:83:77:a5:e0:34:31:fb:ea:99:45:8a:5e:19:86:3f:86:
e9:09:bc:ea:f3:eb:be:c0:c3:01:07:fc:1b:dc:a1:6f:66:bd:
b9:22:5c:47:b3:52:ac:38:b5:5d:96:6b:be:aa:7e:2d:4a:e4:
67:1b:0d:cd:c9:64:06:27:ff:2e:b3:0c:ad:ee:e4:e3:8b:59:
6a:b8:3b:26:10:b7:ce:db:f6:bb:4e:f2:a7:1c:f0:90:55:6e:
5a:ed:4f:80:f5:5c:93:f1:bc:09:55:ac:ac:67:cd:1f:49:78:
9c:12:5c:4b:52:83:f3:68:4f:83:03:10:10:65:4c:6d:ad:24:
0a:ab:a5:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1b1vXhDgJVVI9KJXkiClRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMTMwMTkyNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTljY2UwNTRjODk2MTcyZjEzZTViNmFkMzliMTEwYjdiZmFmOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr77dN+mkkWdUjN8GKq5QHgI+0A4h
WAWH+/ycDJ7K7XnCqoBLnQhQRB1RvgOjqEdXraMbDEYevdQ9/feNeddu1lJ1rAWl
KMS+rhFRqDS0W2mxaD64VvtJdKFQrsiGI96DbIiV9QfuCv4sZp6+FXL+czd9hyyT
LGvOVoMQfztG3amiWJNyv4SCbwv08QgQwp5/xPyj5KQc5XOW3QNM5IKIn8+vwzTc
G1746bySBZJjUjZo6T6CJePqtmUXX1sYU/HjJYhn3cvyf+EKOhuKZuv3PIb5OW20
KcdA4Cc2+jf3Nm1NxaIelGMpH8PPmYNjW+ubUUJDLaCqnRxObQNnywXK2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGmczgVMiWFy8T5batObEQt7+vnOMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvYVp6T0JVeUpZWEx4UGx0cTA1c1JDM3Y2LWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqEsbH
AQMGACoSxscEMA0GCSqGSIb3DQEBCwUAA4IBAQAeCbxWcQ7sGneBEdnpwaRozYO4
a4kRhOK09TiefAAlu2etGD7EXVt5f0YHkdwnk52c5wsqwY7AouHCj/J1sG6prKWn
P3OqbxJF2xjazd4F6YgtfkaBr7mc9pVXIUAoKNl3+lCEKomiN1IU14zDIpOD0/XA
KONU35aWsWm0GjynKYN3peA0MfvqmUWKXhmGP4bpCbzq8+u+wMMBB/wb3KFvZr25
IlxHs1KsOLVdlmu+qn4tSuRnGw3NyWQGJ/8uswyt7uTji1lquDsmELfO2/a7TvKn
HPCQVW5a7U+A9VyT8bwJVaysZ80fSXicElxLUoPzaE+DAxAQZUxtrSQKq6We
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:33:36 2025 by rpki-client