Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cf11b4-797b-4820-bfea-53cd91b28c4f/1/5s99nJRM2eMbXzt-Pb8JUUeMtJU.roa
File: 5s99nJRM2eMbXzt-Pb8JUUeMtJU.roa (raw, json)
Hash identifier: YKfz3Fban6WshxhpRVMgdw5j0CS3+dTCgPi0vXb0lvQ=
Subject key identifier: E6:CF:7D:9C:94:4C:D9:E3:1B:5F:3B:7E:3D:BF:09:51:47:8C:B4:95
Certificate issuer: /CN=023f63fb2bfc631c44f4bb6d94bdf28b3ec9dff7
Certificate serial: 01907CAD1D85616AC4A8C6316F1D9FAFF213
Authority key identifier: 02:3F:63:FB:2B:FC:63:1C:44:F4:BB:6D:94:BD:F2:8B:3E:C9:DF:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aj9j-yv8YxxE9LttlL3yiz7J3_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cf11b4-797b-4820-bfea-53cd91b28c4f/1/5s99nJRM2eMbXzt-Pb8JUUeMtJU.roa
Signing time: Thu 04 Jul 2024 07:37:18 +0000
ROA not before: Thu 04 Jul 2024 07:37:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214710
IP address blocks: 2001:67c:eb8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7c:ad:1d:85:61:6a:c4:a8:c6:31:6f:1d:9f:af:f2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=023f63fb2bfc631c44f4bb6d94bdf28b3ec9dff7
Validity
Not Before: Jul 4 07:37:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6cf7d9c944cd9e31b5f3b7e3dbf0951478cb495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7b:c8:e9:e9:e2:fa:18:80:48:7f:a1:74:81:
4d:e9:dd:27:84:58:3e:7b:da:1d:29:28:f5:65:19:
e0:57:45:72:fa:98:fd:5d:97:c2:d9:30:5a:af:12:
c9:c6:dd:80:aa:cf:91:0f:20:c0:94:84:63:51:38:
42:07:ff:19:b0:0e:b3:79:93:30:34:2a:e4:c8:b1:
ce:0b:98:12:79:3d:c2:4e:f8:7f:53:e0:6a:a7:c4:
a3:26:14:89:05:15:5d:53:9c:f2:25:8b:db:26:0c:
fe:61:a2:93:b2:7d:5e:17:38:d9:2a:e1:1a:f5:8f:
17:3e:dd:97:c5:b7:0f:0c:27:7b:d4:ed:79:ec:6a:
07:53:d1:07:06:64:3a:9c:2e:e6:0f:e7:89:78:95:
5e:6c:c2:bc:37:f2:28:96:56:4f:e8:d8:43:62:18:
4e:b6:4f:54:17:e2:4c:41:56:e6:6d:a8:22:de:0c:
30:75:65:07:b2:24:b3:4b:95:d0:9a:8a:85:5e:3a:
5a:27:33:23:cf:af:3b:27:8c:66:6f:f6:b2:c7:99:
dd:a6:f1:3b:79:2f:a2:c5:b6:22:8b:9f:8c:88:46:
d6:52:16:26:69:00:71:fa:b4:62:dc:f2:8a:3f:ce:
e8:27:b1:76:b6:81:7c:27:c6:70:fe:99:26:1f:41:
88:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CF:7D:9C:94:4C:D9:E3:1B:5F:3B:7E:3D:BF:09:51:47:8C:B4:95
X509v3 Authority Key Identifier:
keyid:02:3F:63:FB:2B:FC:63:1C:44:F4:BB:6D:94:BD:F2:8B:3E:C9:DF:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aj9j-yv8YxxE9LttlL3yiz7J3_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cf11b4-797b-4820-bfea-53cd91b28c4f/1/5s99nJRM2eMbXzt-Pb8JUUeMtJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cf11b4-797b-4820-bfea-53cd91b28c4f/1/Aj9j-yv8YxxE9LttlL3yiz7J3_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:eb8::/48
Signature Algorithm: sha256WithRSAEncryption
7c:7e:e9:6f:d7:88:b3:f6:4b:a9:70:44:bd:71:a1:4f:b9:7d:
93:1f:79:c0:4d:1d:ab:70:91:b2:63:63:32:6a:5c:13:32:03:
fa:79:24:e0:8c:91:62:2e:8a:4e:f4:a3:80:c7:00:3d:9d:7a:
80:a8:18:52:5e:76:a1:0d:9d:96:be:5b:12:96:7e:f0:85:81:
55:19:fd:c9:79:af:40:52:cb:6b:62:dc:5e:70:67:a5:ad:40:
b0:5e:78:32:da:5d:75:65:b5:cc:82:f7:69:55:98:82:42:9f:
77:8c:0a:44:90:3c:5e:b3:23:af:bc:32:ff:8c:32:79:29:af:
80:4a:31:22:47:96:3d:f4:8a:99:1c:a0:30:ed:81:88:89:71:
77:43:1b:20:df:9e:8c:c3:ea:ce:64:af:a0:2a:5a:e7:fd:72:
dd:f6:86:ab:92:01:30:42:84:ff:e9:0c:e4:6f:0f:5b:8e:a9:
d8:ed:9e:57:5a:c9:22:07:0e:97:57:c5:e1:b9:fb:b0:29:a5:
54:4c:bc:c9:c0:2e:4c:8c:54:d0:e6:b5:1f:85:ec:4a:83:17:
66:e5:c9:ef:97:4a:c3:32:50:53:52:17:2d:53:c3:74:38:9e:
a6:36:d7:b4:2e:93:f7:cb:b5:bd:4b:06:32:c8:8f:af:35:ef:
e5:1c:81:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZB8rR2FYWrEqMYxbx2fr/ITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyM2Y2M2ZiMmJmYzYzMWM0NGY0YmI2ZDk0YmRmMjhiM2Vj
OWRmZjcwHhcNMjQwNzA0MDczNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmNmN2Q5Yzk0NGNkOWUzMWI1ZjNiN2UzZGJmMDk1MTQ3OGNiNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XvI6eni+hiASH+hdIFN6d0nhFg+
e9odKSj1ZRngV0Vy+pj9XZfC2TBarxLJxt2Aqs+RDyDAlIRjUThCB/8ZsA6zeZMw
NCrkyLHOC5gSeT3CTvh/U+Bqp8SjJhSJBRVdU5zyJYvbJgz+YaKTsn1eFzjZKuEa
9Y8XPt2XxbcPDCd71O157GoHU9EHBmQ6nC7mD+eJeJVebMK8N/IollZP6NhDYhhO
tk9UF+JMQVbmbagi3gwwdWUHsiSzS5XQmoqFXjpaJzMjz687J4xmb/ayx5ndpvE7
eS+ixbYii5+MiEbWUhYmaQBx+rRi3PKKP87oJ7F2toF8J8Zw/pkmH0GIPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFObPfZyUTNnjG187fj2/CVFHjLSVMB8GA1UdIwQY
MBaAFAI/Y/sr/GMcRPS7bZS98os+yd/3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWo5ai15djhZeHhFOUx0dGxMM3lpejdKM19jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZjExYjQtNzk3Yi00ODIwLWJmZWEt
NTNjZDkxYjI4YzRmLzEvNXM5OW5KUk0yZU1iWHp0LVBiOEpVVWVNdEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZjExYjQtNzk3Yi00ODIwLWJmZWEtNTNjZDkxYjI4YzRm
LzEvQWo5ai15djhZeHhFOUx0dGxMM3lpejdKM19jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA64
MA0GCSqGSIb3DQEBCwUAA4IBAQB8fulv14iz9kupcES9caFPuX2TH3nATR2rcJGy
Y2MyalwTMgP6eSTgjJFiLopO9KOAxwA9nXqAqBhSXnahDZ2WvlsSln7whYFVGf3J
ea9AUstrYtxecGelrUCwXngy2l11ZbXMgvdpVZiCQp93jApEkDxesyOvvDL/jDJ5
Ka+ASjEiR5Y99IqZHKAw7YGIiXF3Qxsg356Mw+rOZK+gKlrn/XLd9oarkgEwQoT/
6Qzkbw9bjqnY7Z5XWskiBw6XV8XhufuwKaVUTLzJwC5MjFTQ5rUfhexKgxdm5cnv
l0rDMlBTUhctU8N0OJ6mNte0LpP3y7W9SwYyyI+vNe/lHIEC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:48 2025 by rpki-client