Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bEUdgjKOAHdDcHlI2q4lhrExV8E.roa
File: bEUdgjKOAHdDcHlI2q4lhrExV8E.roa (raw, json)
Hash identifier: BY6xBOGBcFVfliJIJnQNPhHo0EPgD3wGzFExGXzNdT8=
Subject key identifier: 6C:45:1D:82:32:8E:00:77:43:70:79:48:DA:AE:25:86:B1:31:57:C1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC501090D6C7112198F5A4445DAD356FE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bEUdgjKOAHdDcHlI2q4lhrExV8E.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14315
IP address blocks: 192.159.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:09:0d:6c:71:12:19:8f:5a:44:45:da:d3:56:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c451d82328e007743707948daae2586b13157c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0b:0e:dd:59:42:e2:1a:29:9f:88:0f:36:6a:
63:8b:e6:de:d1:39:79:6b:2b:c7:05:01:9f:e2:3b:
0d:54:58:1e:6c:cc:e8:26:79:79:60:83:34:0d:81:
a5:1c:3d:dc:ae:83:48:4d:ba:a7:21:fb:6c:54:53:
70:8b:d1:f0:f9:20:54:e3:09:28:19:c4:d3:1f:c4:
7c:1f:b4:53:31:13:7f:b0:18:26:48:5e:46:fa:94:
05:b3:43:a0:19:61:0f:c8:22:4b:4a:26:44:1f:0b:
55:73:a6:b1:d7:ff:6a:39:d7:67:dc:2b:3d:4f:b3:
a5:97:21:b4:c0:de:d8:4b:70:e4:27:11:5c:3a:eb:
76:43:5e:ef:2f:14:da:9c:9f:a4:ab:4d:b1:15:b4:
cb:c7:8b:0a:1a:5d:a8:0c:36:71:64:4e:48:3e:01:
eb:7c:da:aa:39:54:2a:fd:cd:2f:6e:7d:6c:8b:3e:
d9:2e:4b:e0:32:c0:0d:b0:3e:c1:31:c2:3e:ed:b9:
bc:26:9d:6b:8a:b1:da:cb:5b:6d:01:77:9f:7c:1b:
fc:89:24:48:5c:3b:f6:81:38:65:7d:5d:a9:af:2e:
25:be:71:e8:59:c3:3a:37:86:e3:77:41:19:75:5d:
70:01:9d:c1:1f:c8:e0:ce:d5:30:ef:ec:8f:51:16:
d6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:45:1D:82:32:8E:00:77:43:70:79:48:DA:AE:25:86:B1:31:57:C1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bEUdgjKOAHdDcHlI2q4lhrExV8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.159.99.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ed:ff:a5:08:46:1d:41:f7:d3:3b:b7:ed:ef:31:84:c5:0d:
16:0d:65:c0:ad:82:45:7d:d3:6d:d7:e1:90:aa:ec:83:cd:b4:
4f:e4:40:df:29:f2:15:00:e1:04:ae:ca:f2:bf:83:c7:e7:7c:
6e:a1:9d:13:c3:99:cf:a0:2e:ee:eb:5c:db:2e:54:d5:df:1a:
a4:20:97:5c:70:49:f2:85:1d:a0:68:32:a4:66:ed:6f:13:26:
b9:d5:68:c1:b3:05:20:7b:44:31:d9:58:31:a5:e6:30:a0:8b:
d7:a6:f1:df:a0:59:9f:ff:4a:79:c5:70:7d:c8:97:5a:7a:86:
6b:a7:2b:60:0a:3b:8b:d1:c4:c9:27:1a:33:c4:8f:da:ee:e5:
a1:13:7b:e2:df:32:ad:c5:ab:26:d4:07:69:7e:fa:a3:f4:7b:
a0:f9:d4:ca:79:7e:bd:8f:7b:62:00:03:42:21:50:1e:e6:9b:
ae:56:90:45:dc:e8:14:cc:cf:41:2b:4c:5c:92:c1:9d:c8:3a:
ec:4e:47:a9:5b:b7:63:ed:83:6e:46:d9:5d:b9:83:06:11:62:
6b:ba:90:e1:7e:e4:69:e7:fe:f0:54:28:65:91:d4:5c:05:cd:
d7:28:b4:0c:48:ce:64:70:11:07:55:de:28:4c:2c:e6:51:fe:
10:b0:08:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAQkNbHESGY9aREXa01b+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQ1MWQ4MjMyOGUwMDc3NDM3MDc5NDhkYWFlMjU4NmIxMzE1N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwsO3VlC4hopn4gPNmpji+be0Tl5
ayvHBQGf4jsNVFgebMzoJnl5YIM0DYGlHD3croNITbqnIftsVFNwi9Hw+SBU4wko
GcTTH8R8H7RTMRN/sBgmSF5G+pQFs0OgGWEPyCJLSiZEHwtVc6ax1/9qOddn3Cs9
T7OllyG0wN7YS3DkJxFcOut2Q17vLxTanJ+kq02xFbTLx4sKGl2oDDZxZE5IPgHr
fNqqOVQq/c0vbn1siz7ZLkvgMsANsD7BMcI+7bm8Jp1rirHay1ttAXeffBv8iSRI
XDv2gThlfV2pry4lvnHoWcM6N4bjd0EZdV1wAZ3BH8jgztUw7+yPURbWZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxFHYIyjgB3Q3B5SNquJYaxMVfBMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYkVVZGdqS09BSGREY0hsSTJxNGxockV4VjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJ9jMA0G
CSqGSIb3DQEBCwUAA4IBAQCX7f+lCEYdQffTO7ft7zGExQ0WDWXArYJFfdNt1+GQ
quyDzbRP5EDfKfIVAOEErsryv4PH53xuoZ0Tw5nPoC7u61zbLlTV3xqkIJdccEny
hR2gaDKkZu1vEya51WjBswUge0Qx2VgxpeYwoIvXpvHfoFmf/0p5xXB9yJdaeoZr
pytgCjuL0cTJJxozxI/a7uWhE3vi3zKtxasm1Adpfvqj9Hug+dTKeX69j3tiAANC
IVAe5puuVpBF3OgUzM9BK0xcksGdyDrsTkepW7dj7YNuRtlduYMGEWJrupDhfuRp
5/7wVChlkdRcBc3XKLQMSM5kcBEHVd4oTCzmUf4QsAhC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:32 2025 by rpki-client