Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/iby67bEcnLElXCeK2EAa6BXTKSE.roa
File: iby67bEcnLElXCeK2EAa6BXTKSE.roa (raw, json)
Hash identifier: OZwFj7DDlrGydoR36osb8WFxWIOXyS3wAB6K41LQ6Fw=
Subject key identifier: 89:BC:BA:ED:B1:1C:9C:B1:25:5C:27:8A:D8:40:1A:E8:15:D3:29:21
Certificate issuer: /CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Certificate serial: 0193AB035467176A664B0401C738114E1E4F
Authority key identifier: DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/iby67bEcnLElXCeK2EAa6BXTKSE.roa
Signing time: Mon 09 Dec 2024 10:42:22 +0000
ROA not before: Mon 09 Dec 2024 10:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216246
IP address blocks: 2a01:e5c0::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 13 Dec 2024 18:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:03:54:67:17:6a:66:4b:04:01:c7:38:11:4e:1e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da7d5fca1e469929d4a8b6f57af3cbcdc639a35e
Validity
Not Before: Dec 9 10:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89bcbaedb11c9cb1255c278ad8401ae815d32921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fa:e5:c7:6e:4d:58:d4:55:08:c0:14:2b:29:
0e:e5:9d:b8:8a:f4:a5:71:a8:c4:65:a0:76:9b:5d:
0c:ac:dc:0d:9c:67:b4:75:13:0a:6c:01:d1:c4:4c:
bc:80:50:b8:75:0d:6f:42:da:ea:4b:90:1f:ea:09:
f8:0f:dc:0a:bf:f4:36:23:24:82:fb:79:ec:dd:dc:
5a:5f:64:f3:46:fb:d2:f7:fb:61:1a:9c:a1:ec:d6:
8a:75:c7:fa:62:7e:75:02:30:56:f8:c4:6f:f3:6d:
49:ab:66:2c:47:7a:54:80:d1:b8:81:c6:bb:8d:fd:
4a:55:0e:0e:13:22:0f:7b:d1:94:fa:47:cd:85:3a:
cf:38:8a:77:e7:9b:02:3a:86:c3:e5:4c:ba:84:98:
73:d0:33:62:8a:b5:4a:3c:86:78:95:ce:df:ec:11:
f6:7b:53:67:41:f6:a8:57:2b:3a:dc:d8:52:07:6c:
2f:94:b1:cc:ac:f8:8d:12:cd:38:0d:df:bf:9f:0c:
1e:bd:24:7e:c0:71:a9:cb:a9:29:37:76:c5:11:bd:
44:d7:60:b2:9b:0b:de:2e:cf:1c:7f:57:a2:03:51:
9d:bd:07:70:ef:3e:9e:d3:c7:2a:96:2f:5e:18:a5:
15:f5:c5:4f:d5:dd:ff:c5:02:6c:bd:4c:d1:07:14:
9a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BC:BA:ED:B1:1C:9C:B1:25:5C:27:8A:D8:40:1A:E8:15:D3:29:21
X509v3 Authority Key Identifier:
keyid:DA:7D:5F:CA:1E:46:99:29:D4:A8:B6:F5:7A:F3:CB:CD:C6:39:A3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n1fyh5GmSnUqLb1evPLzcY5o14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/iby67bEcnLElXCeK2EAa6BXTKSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/060f32-a48b-4657-a58b-41b730327c78/1/2n1fyh5GmSnUqLb1evPLzcY5o14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e5c0::/36
Signature Algorithm: sha256WithRSAEncryption
89:e1:c4:c6:c0:0d:fe:b6:6f:db:62:f8:e5:4d:11:3d:6c:23:
bf:6b:24:7f:1d:ca:82:5c:98:95:90:58:4e:ca:89:3a:e6:89:
37:ef:9b:4d:e8:94:ae:92:d2:a9:8a:a3:9b:ea:a3:b8:71:e4:
83:fb:64:4b:36:77:2c:c9:32:88:e0:05:67:af:ed:1d:ef:8f:
34:50:6b:50:af:71:15:a8:38:38:86:b0:0e:47:3f:6b:8f:ff:
cc:42:9f:f6:73:50:1d:34:90:32:6d:b0:75:de:ca:b0:92:0d:
00:57:09:82:80:c0:5a:4c:39:46:7f:77:f0:07:7e:a3:f4:54:
46:c7:99:f6:e1:b0:23:58:73:09:35:50:c8:9d:25:12:b0:13:
83:32:a0:61:c7:c2:e3:76:1d:af:84:28:f9:9e:99:50:88:6f:
04:b4:25:ad:54:c7:68:ed:26:72:6e:57:c3:68:2d:7d:95:33:
bf:3c:a5:67:99:fb:16:4c:d7:e2:6a:d2:8b:bc:97:ea:c8:ab:
9d:22:d5:ff:e7:b5:07:57:11:18:fa:71:d2:9e:04:12:9f:c4:
41:19:ad:99:73:99:93:75:22:ff:1e:a4:03:26:66:86:73:4e:
5c:2b:72:d1:a0:ba:93:54:3a:61:3a:e9:d5:b9:c4:c9:fe:08:
46:b5:6d:3d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZOrA1RnF2pmSwQBxzgRTh5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2Q1ZmNhMWU0Njk5MjlkNGE4YjZmNTdhZjNjYmNkYzYz
OWEzNWUwHhcNMjQxMjA5MTA0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJjYmFlZGIxMWM5Y2IxMjU1YzI3OGFkODQwMWFlODE1ZDMyOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/rlx25NWNRVCMAUKykO5Z24ivSl
cajEZaB2m10MrNwNnGe0dRMKbAHRxEy8gFC4dQ1vQtrqS5Af6gn4D9wKv/Q2IySC
+3ns3dxaX2TzRvvS9/thGpyh7NaKdcf6Yn51AjBW+MRv821Jq2YsR3pUgNG4gca7
jf1KVQ4OEyIPe9GU+kfNhTrPOIp355sCOobD5Uy6hJhz0DNiirVKPIZ4lc7f7BH2
e1NnQfaoVys63NhSB2wvlLHMrPiNEs04Dd+/nwwevSR+wHGpy6kpN3bFEb1E12Cy
mwveLs8cf1eiA1GdvQdw7z6e08cqli9eGKUV9cVP1d3/xQJsvUzRBxSaXwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIm8uu2xHJyxJVwnithAGugV0ykhMB8GA1UdIwQY
MBaAFNp9X8oeRpkp1Ki29Xrzy83GOaNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGIt
NDFiNzMwMzI3Yzc4LzEvaWJ5NjdiRWNuTEVsWENlSzJFQWE2QlhUS1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wNjBmMzItYTQ4Yi00NjU3LWE1OGItNDFiNzMwMzI3Yzc4
LzEvMm4xZnloNUdtU25VcUxiMWV2UEx6Y1k1bzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgHlwAAw
DQYJKoZIhvcNAQELBQADggEBAInhxMbADf62b9ti+OVNET1sI79rJH8dyoJcmJWQ
WE7KiTrmiTfvm03olK6S0qmKo5vqo7hx5IP7ZEs2dyzJMojgBWev7R3vjzRQa1Cv
cRWoODiGsA5HP2uP/8xCn/ZzUB00kDJtsHXeyrCSDQBXCYKAwFpMOUZ/d/AHfqP0
VEbHmfbhsCNYcwk1UMidJRKwE4MyoGHHwuN2Ha+EKPmemVCIbwS0Ja1Ux2jtJnJu
V8NoLX2VM788pWeZ+xZM1+Jq0ou8l+rIq50i1f/ntQdXERj6cdKeBBKfxEEZrZlz
mZN1Iv8epAMmZoZzTlwrctGgupNUOmE66dW5xMn+CEa1bT0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:45:06 2025 by rpki-client