Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/4Y2NNYeHWAWVaPMmiN5WIBOeTsM.roa
File: 4Y2NNYeHWAWVaPMmiN5WIBOeTsM.roa (raw, json)
Hash identifier: vjoEV1ogvv/WpFnv5AnJxorcEUvTJvyMT2+E2P24tEU=
Subject key identifier: E1:8D:8D:35:87:87:58:05:95:68:F3:26:88:DE:56:20:13:9E:4E:C3
Certificate issuer: /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial: 018CC94CDF647C83A7DF16752AAD0EEB682E
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/4Y2NNYeHWAWVaPMmiN5WIBOeTsM.roa
Signing time: Tue 02 Jan 2024 08:31:47 +0000
ROA not before: Tue 02 Jan 2024 08:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207080
IP address blocks: 2a0a:5940::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:df:64:7c:83:a7:df:16:75:2a:ad:0e:eb:68:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Validity
Not Before: Jan 2 08:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e18d8d35878758059568f32688de5620139e4ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4b:33:9d:74:d6:c0:e7:22:eb:3b:23:d4:56:
88:5b:7f:37:0d:14:ff:4e:82:0f:23:7f:fe:d4:12:
05:e8:cf:bf:20:e6:60:5f:89:e9:ef:8b:37:c0:f9:
13:29:9e:b7:fc:17:1a:38:a1:e0:20:13:b8:dc:05:
1e:45:d1:89:a1:93:c4:e6:dc:ce:eb:45:49:9b:ad:
e3:b8:b5:13:c1:00:11:f0:9a:21:ff:0f:1a:a3:3d:
a5:da:8a:a5:e3:3d:62:c5:97:91:50:14:61:71:9b:
c5:31:26:9a:de:f5:2a:2d:20:be:72:50:5b:95:76:
2d:15:91:a5:e8:b6:13:d8:ff:7c:0a:1b:17:df:02:
7e:2d:16:f3:a3:f0:67:10:76:af:eb:3b:c2:c7:51:
14:69:c5:16:77:6c:50:e7:9e:64:a0:b7:83:76:d8:
56:bb:17:89:49:4f:e9:17:51:38:b4:35:95:87:4f:
3f:d4:3b:20:44:2a:63:90:01:27:a9:79:64:e0:5b:
fe:9e:68:e6:8c:66:05:be:03:8d:0c:db:fc:cc:e3:
0d:26:c8:79:94:7b:d3:00:b1:15:34:cf:13:5c:be:
fb:71:d1:96:b2:0d:9c:00:cf:4a:0c:d4:cc:5c:4c:
2a:01:a2:09:36:e3:c9:99:83:ae:a5:f9:2e:11:b5:
4e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8D:8D:35:87:87:58:05:95:68:F3:26:88:DE:56:20:13:9E:4E:C3
X509v3 Authority Key Identifier:
keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/4Y2NNYeHWAWVaPMmiN5WIBOeTsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:5940::/48
Signature Algorithm: sha256WithRSAEncryption
25:4a:de:44:03:22:5a:40:e0:55:92:f6:33:81:e5:13:83:38:
91:9c:33:b3:0a:7d:fa:c6:d3:63:f0:ab:62:88:a7:20:b7:30:
4b:00:cd:01:38:b4:46:ed:a5:cb:0d:cb:b1:76:b3:de:04:a1:
7c:f5:c1:7a:72:d3:ed:00:d8:19:62:2b:8b:aa:a4:bf:5f:09:
fe:bc:4f:bd:f8:41:48:d0:87:98:19:d1:fa:bb:c9:e6:76:8a:
76:57:3e:b7:d1:82:a4:99:3d:21:ee:3c:bd:c8:83:07:71:06:
ce:99:e7:2c:6b:07:75:5f:83:98:8d:8b:7c:e0:f4:e8:eb:a1:
29:ef:87:63:59:bb:ef:98:73:fe:29:5d:18:36:2b:3a:2f:ae:
d9:cd:d8:fc:a3:c1:59:9f:9b:43:5b:8a:70:0c:32:8e:8f:31:
dd:ea:fa:09:d2:89:66:10:d0:38:48:e9:57:79:65:f2:28:d4:
e7:4a:34:a4:c3:7f:f6:0f:e4:67:11:1d:02:fe:33:05:08:72:
40:26:65:d4:c9:9a:43:e2:a1:32:68:d4:ed:d1:e9:9c:e9:d3:
8c:98:2e:ee:76:18:62:88:a5:9e:d4:93:a0:cd:15:61:44:e7:
bc:f9:34:f6:8e:d8:9d:6d:19:51:de:83:30:a9:70:ae:34:ff:
b6:cb:ba:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTN9kfIOn3xZ1Kq0O62guMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGVjNGE0NmE2ZTZlNGY5YTkyZDBiYTJlMGIzYWI1NjU4
YmUxYmQwHhcNMjQwMTAyMDgzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThkOGQzNTg3ODc1ODA1OTU2OGYzMjY4OGRlNTYyMDEzOWU0ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEsznXTWwOci6zsj1FaIW383DRT/
ToIPI3/+1BIF6M+/IOZgX4np74s3wPkTKZ63/BcaOKHgIBO43AUeRdGJoZPE5tzO
60VJm63juLUTwQAR8Joh/w8aoz2l2oql4z1ixZeRUBRhcZvFMSaa3vUqLSC+clBb
lXYtFZGl6LYT2P98ChsX3wJ+LRbzo/BnEHav6zvCx1EUacUWd2xQ555koLeDdthW
uxeJSU/pF1E4tDWVh08/1DsgRCpjkAEnqXlk4Fv+nmjmjGYFvgONDNv8zOMNJsh5
lHvTALEVNM8TXL77cdGWsg2cAM9KDNTMXEwqAaIJNuPJmYOupfkuEbVO2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOGNjTWHh1gFlWjzJojeViATnk7DMB8GA1UdIwQY
MBaAFP/exKRqbm5PmpLQui4LOrVli+G9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEt
N2U4YzZkNGQ5YmVmLzEvNFkyTk5ZZUhXQVdWYVBNbWlONVdJQk9lVHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEtN2U4YzZkNGQ5YmVm
LzEvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpZQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAlSt5EAyJaQOBVkvYzgeUTgziRnDOzCn36xtNj
8KtiiKcgtzBLAM0BOLRG7aXLDcuxdrPeBKF89cF6ctPtANgZYiuLqqS/Xwn+vE+9
+EFI0IeYGdH6u8nmdop2Vz630YKkmT0h7jy9yIMHcQbOmecsawd1X4OYjYt84PTo
66Ep74djWbvvmHP+KV0YNis6L67Zzdj8o8FZn5tDW4pwDDKOjzHd6voJ0olmENA4
SOlXeWXyKNTnSjSkw3/2D+RnER0C/jMFCHJAJmXUyZpD4qEyaNTt0emc6dOMmC7u
dhhiiKWe1JOgzRVhROe8+TT2jtidbRlR3oMwqXCuNP+2y7qR
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:10 2025 by rpki-client