Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e7b40c-414b-473a-b8c7-b7b1481625b1/1/tSvr38ObB0-1eC7Z-K0qQPIPAdc.roa
File: tSvr38ObB0-1eC7Z-K0qQPIPAdc.roa (raw, json)
Hash identifier: XpCXW15mUTrB++qvgndiiC7MsT8q2iqb+K2hot2nt8k=
Subject key identifier: B5:2B:EB:DF:C3:9B:07:4F:B5:78:2E:D9:F8:AD:2A:40:F2:0F:01:D7
Certificate issuer: /CN=a669f1c21370c44dfd10e2af688c8c4e0ea12955
Certificate serial: 018CCA285CC1460FBFD8011A64EF8593D4B4
Authority key identifier: A6:69:F1:C2:13:70:C4:4D:FD:10:E2:AF:68:8C:8C:4E:0E:A1:29:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pmnxwhNwxE39EOKvaIyMTg6hKVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e7b40c-414b-473a-b8c7-b7b1481625b1/1/tSvr38ObB0-1eC7Z-K0qQPIPAdc.roa
Signing time: Tue 02 Jan 2024 12:31:31 +0000
ROA not before: Tue 02 Jan 2024 12:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211723
IP address blocks: 2001:67c:296c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:5c:c1:46:0f:bf:d8:01:1a:64:ef:85:93:d4:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a669f1c21370c44dfd10e2af688c8c4e0ea12955
Validity
Not Before: Jan 2 12:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b52bebdfc39b074fb5782ed9f8ad2a40f20f01d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d9:74:70:82:78:3a:96:be:a3:f0:67:6c:c7:
d7:03:78:82:ca:64:26:08:5f:61:32:1f:57:f7:6f:
df:72:d0:33:27:42:4e:3a:db:94:bf:b1:d7:2e:4d:
22:b5:c8:0b:72:df:dd:33:51:cf:81:0c:9c:09:d4:
06:c1:17:9e:09:70:12:76:25:ce:81:a0:ad:4d:8a:
1b:af:ca:b0:dc:1f:5a:3a:c3:01:23:63:f5:cf:09:
6e:ca:f1:5c:94:8e:bf:d7:2c:06:19:ae:6d:9f:ce:
13:cb:e6:a5:96:fa:f6:68:b6:77:92:56:66:0c:73:
30:23:26:09:91:5e:72:9e:08:6b:3d:0d:dc:5f:b2:
0b:c3:45:6e:99:af:b0:fb:2d:c7:dc:cd:f1:7e:98:
89:d5:0c:a2:b4:c7:f3:de:7e:60:2f:64:42:f2:e6:
38:67:5b:b4:c3:3c:63:dc:bd:50:f7:85:3a:3d:dd:
d4:1d:12:01:5c:81:10:97:d8:29:ac:ea:62:cc:d4:
3b:3e:77:52:bd:e1:d2:0c:48:a0:ec:74:1a:61:5b:
b3:0d:2c:76:50:a4:57:46:d3:df:d8:e0:e3:22:b3:
61:1e:ca:fe:3a:03:99:04:74:06:40:6d:a3:93:06:
28:94:e1:bd:7a:c9:15:b5:10:36:bd:65:39:97:1c:
84:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:2B:EB:DF:C3:9B:07:4F:B5:78:2E:D9:F8:AD:2A:40:F2:0F:01:D7
X509v3 Authority Key Identifier:
keyid:A6:69:F1:C2:13:70:C4:4D:FD:10:E2:AF:68:8C:8C:4E:0E:A1:29:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pmnxwhNwxE39EOKvaIyMTg6hKVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7b40c-414b-473a-b8c7-b7b1481625b1/1/tSvr38ObB0-1eC7Z-K0qQPIPAdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7b40c-414b-473a-b8c7-b7b1481625b1/1/pmnxwhNwxE39EOKvaIyMTg6hKVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:296c::/48
Signature Algorithm: sha256WithRSAEncryption
7b:1d:92:e0:15:83:41:31:31:80:52:b9:7c:98:54:3c:12:7a:
b8:42:09:c8:61:62:0f:8d:97:54:3f:64:ea:e6:3f:bb:9f:12:
e9:77:7e:b1:36:66:37:8f:4a:ca:b2:c8:d1:7d:e3:85:4b:82:
1b:c3:3c:01:45:74:1d:66:db:56:f8:0a:b9:39:51:f0:61:dc:
80:f1:c2:3f:a0:fc:8e:88:37:a5:52:78:60:51:ba:8f:06:0b:
94:a8:56:d7:a2:9d:0e:19:25:c4:50:bf:dd:a2:f0:47:d1:8f:
75:f5:6d:90:40:0f:00:64:eb:28:b5:d3:45:53:b8:fa:16:39:
20:d7:31:51:a7:7d:a2:c0:6b:bb:6e:0e:13:1c:f2:bc:04:b6:
93:bc:71:32:0a:72:6a:0c:c9:6d:cd:aa:4f:3a:c0:9b:fb:31:
23:74:45:ca:e4:05:86:32:32:e6:a2:61:65:e4:2a:9b:59:98:
bd:35:8c:ef:15:e6:ae:61:82:7d:f4:df:84:16:12:0a:c4:ba:
96:c5:fd:6f:5a:de:20:58:d2:1c:1d:3c:96:2f:62:fd:97:84:
66:69:af:17:84:57:66:d2:2a:0d:fd:eb:fc:4b:50:dd:60:67:
42:cc:d8:aa:8e:d8:f2:27:29:63:f4:79:bb:22:af:a7:d6:57:
2c:bb:3e:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKFzBRg+/2AEaZO+Fk9S0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NjlmMWMyMTM3MGM0NGRmZDEwZTJhZjY4OGM4YzRlMGVh
MTI5NTUwHhcNMjQwMTAyMTIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTJiZWJkZmMzOWIwNzRmYjU3ODJlZDlmOGFkMmE0MGYyMGYwMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9l0cIJ4Opa+o/BnbMfXA3iCymQm
CF9hMh9X92/fctAzJ0JOOtuUv7HXLk0itcgLct/dM1HPgQycCdQGwReeCXASdiXO
gaCtTYobr8qw3B9aOsMBI2P1zwluyvFclI6/1ywGGa5tn84Ty+allvr2aLZ3klZm
DHMwIyYJkV5ynghrPQ3cX7ILw0Vuma+w+y3H3M3xfpiJ1QyitMfz3n5gL2RC8uY4
Z1u0wzxj3L1Q94U6Pd3UHRIBXIEQl9gprOpizNQ7PndSveHSDEig7HQaYVuzDSx2
UKRXRtPf2ODjIrNhHsr+OgOZBHQGQG2jkwYolOG9eskVtRA2vWU5lxyE4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLUr69/DmwdPtXgu2fitKkDyDwHXMB8GA1UdIwQY
MBaAFKZp8cITcMRN/RDir2iMjE4OoSlVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG1ueHdoTnd4RTM5RU9LdmFJeU1UZzZoS1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lN2I0MGMtNDE0Yi00NzNhLWI4Yzct
YjdiMTQ4MTYyNWIxLzEvdFN2cjM4T2JCMC0xZUM3Wi1LMHFRUElQQWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lN2I0MGMtNDE0Yi00NzNhLWI4YzctYjdiMTQ4MTYyNWIx
LzEvcG1ueHdoTnd4RTM5RU9LdmFJeU1UZzZoS1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCls
MA0GCSqGSIb3DQEBCwUAA4IBAQB7HZLgFYNBMTGAUrl8mFQ8Enq4QgnIYWIPjZdU
P2Tq5j+7nxLpd36xNmY3j0rKssjRfeOFS4IbwzwBRXQdZttW+Aq5OVHwYdyA8cI/
oPyOiDelUnhgUbqPBguUqFbXop0OGSXEUL/dovBH0Y919W2QQA8AZOsotdNFU7j6
Fjkg1zFRp32iwGu7bg4THPK8BLaTvHEyCnJqDMltzapPOsCb+zEjdEXK5AWGMjLm
omFl5CqbWZi9NYzvFeauYYJ99N+EFhIKxLqWxf1vWt4gWNIcHTyWL2L9l4Rmaa8X
hFdm0ioN/ev8S1DdYGdCzNiqjtjyJylj9Hm7Iq+n1lcsuz4t
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:23:15 2025 by rpki-client