Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1-exKtRbbKLh9NGtBizbU6Qs91nY.roa
File: 1-exKtRbbKLh9NGtBizbU6Qs91nY.roa (raw, json)
Hash identifier: lpGUGnwnf3JuDnYve72WAVx+p0Jo5z0gOwnEBvUU/as=
Subject key identifier: F9:EC:4A:B5:16:DB:28:B8:7D:34:6B:41:8B:36:D4:E9:0B:3D:D6:76
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018CC94E6E8F49975C2F9702E23089431BCB
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1-exKtRbbKLh9NGtBizbU6Qs91nY.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43443
IP address blocks: 2a03:9c00:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6e:8f:49:97:5c:2f:97:02:e2:30:89:43:1b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9ec4ab516db28b87d346b418b36d4e90b3dd676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:95:a3:32:b2:bd:4a:fd:0c:0e:59:09:51:80:
df:ee:9c:cc:42:5b:9c:39:b9:ed:2c:77:97:02:d6:
9a:24:64:b1:52:73:72:eb:65:aa:8e:e5:a6:9e:32:
20:d4:8d:63:b3:49:16:65:3a:f5:82:43:0d:3b:1d:
95:36:ce:52:d3:b0:de:4f:16:3c:a9:5d:86:1a:a7:
b8:80:bd:47:75:57:74:04:09:b2:8b:32:fe:9d:85:
6e:e8:b6:85:12:1a:6a:33:a0:d4:42:81:d0:4f:eb:
43:be:42:a4:c0:f3:6f:c0:3b:11:2f:ea:98:c1:13:
13:42:85:10:83:fe:89:a2:f3:d4:b1:df:e7:15:ca:
53:e4:4f:29:a0:ed:82:2b:85:ab:57:03:7b:32:63:
32:18:8b:85:67:8f:a2:67:70:0a:c1:19:3f:9c:2d:
3d:5d:b9:9d:71:de:c9:92:a3:f2:00:a1:b9:07:a4:
c6:69:12:68:47:63:39:1c:09:bf:7a:46:a8:83:c3:
03:1e:48:53:13:e8:62:c0:c5:4a:43:e3:4a:66:a3:
3e:79:01:0a:ad:c4:91:7f:7d:59:f3:be:09:4b:d9:
d3:ff:d2:c4:70:a3:53:28:44:ec:bf:8b:5f:42:d2:
0f:21:b7:9f:22:62:22:1e:d6:08:4e:80:9e:0f:35:
54:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EC:4A:B5:16:DB:28:B8:7D:34:6B:41:8B:36:D4:E9:0B:3D:D6:76
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1-exKtRbbKLh9NGtBizbU6Qs91nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c00:a::/48
Signature Algorithm: sha256WithRSAEncryption
c2:0c:a6:ae:4f:66:d5:24:fd:87:3c:63:81:d4:cb:ef:46:4f:
c5:e7:a6:15:9f:e1:fd:e2:29:d3:80:05:db:b7:b4:7a:b0:d1:
3f:82:67:24:c8:bf:24:7d:e2:6e:d9:a9:4c:49:54:dd:1b:e9:
91:75:33:b9:03:7a:05:9a:41:c0:f8:57:b1:0b:26:07:6d:5d:
c9:54:9e:fc:b1:27:b3:af:32:88:72:62:4a:26:43:f4:37:df:
e2:cb:e0:d5:f9:73:ad:ca:8a:16:6d:45:78:86:e6:48:77:03:
90:1d:8d:3b:c1:c3:19:93:cd:77:71:9d:30:c8:bd:cb:cb:f6:
5f:ab:fb:5f:0b:85:5b:0d:07:32:a6:fd:02:1b:bc:69:d2:85:
f1:f9:40:0e:69:81:26:11:59:68:49:b0:6c:65:3a:1e:be:99:
ce:89:54:e1:67:80:14:71:f1:d9:64:fb:a1:ad:b3:a8:d9:03:
08:ce:04:ed:ab:1f:f6:8c:c4:7c:e4:f2:14:87:0d:d5:1f:73:
b5:56:7a:9e:e9:2c:c6:bf:dd:92:55:a5:35:48:a6:82:20:c5:
27:aa:be:6d:7b:7e:46:1b:5a:47:a1:3e:ec:5f:f5:ed:6e:15:
9a:c9:7c:71:57:8c:ea:00:17:15:a8:4f:bc:4d:d9:31:a9:b1:
1f:36:f4:a5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzJTm6PSZdcL5cC4jCJQxvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWVjNGFiNTE2ZGIyOGI4N2QzNDZiNDE4YjM2ZDRlOTBiM2RkNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5WjMrK9Sv0MDlkJUYDf7pzMQluc
ObntLHeXAtaaJGSxUnNy62WqjuWmnjIg1I1js0kWZTr1gkMNOx2VNs5S07DeTxY8
qV2GGqe4gL1HdVd0BAmyizL+nYVu6LaFEhpqM6DUQoHQT+tDvkKkwPNvwDsRL+qY
wRMTQoUQg/6JovPUsd/nFcpT5E8poO2CK4WrVwN7MmMyGIuFZ4+iZ3AKwRk/nC09
Xbmdcd7JkqPyAKG5B6TGaRJoR2M5HAm/ekaog8MDHkhTE+hiwMVKQ+NKZqM+eQEK
rcSRf31Z874JS9nT/9LEcKNTKETsv4tfQtIPIbefImIiHtYIToCeDzVUwQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPnsSrUW2yi4fTRrQYs21OkLPdZ2MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvMS1leEt0UmJiS0xoOU5HdEJpemJVNlFzOTFuWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVj
Mi8xLzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoDnAAA
CjANBgkqhkiG9w0BAQsFAAOCAQEAwgymrk9m1ST9hzxjgdTL70ZPxeemFZ/h/eIp
04AF27e0erDRP4JnJMi/JH3ibtmpTElU3RvpkXUzuQN6BZpBwPhXsQsmB21dyVSe
/LEns68yiHJiSiZD9Dff4svg1flzrcqKFm1FeIbmSHcDkB2NO8HDGZPNd3GdMMi9
y8v2X6v7XwuFWw0HMqb9Ahu8adKF8flADmmBJhFZaEmwbGU6Hr6ZzolU4WeAFHHx
2WT7oa2zqNkDCM4E7asf9ozEfOTyFIcN1R9ztVZ6nuksxr/dklWlNUimgiDFJ6q+
bXt+RhtaR6E+7F/17W4Vmsl8cVeM6gAXFahPvE3ZMamxHzb0pQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:06:28 2025 by rpki-client