Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/jIa7_eHxHAgK7YSwlyYzxcJw3VU.roa
File: jIa7_eHxHAgK7YSwlyYzxcJw3VU.roa (raw, json)
Hash identifier: N50v0CVEJ4pMFSa5/C/GDcJ6NVBerJaNfARRff0GAZY=
Subject key identifier: 8C:86:BB:FD:E1:F1:1C:08:0A:ED:84:B0:97:26:33:C5:C2:70:DD:55
Certificate issuer: /CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Certificate serial: 01941FFA0D4060D57359F1C6483A9DBA860F
Authority key identifier: 51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/jIa7_eHxHAgK7YSwlyYzxcJw3VU.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216291
IP address blocks: 2a13:cc87:fc00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 Jan 2025 00:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0d:40:60:d5:73:59:f1:c6:48:3a:9d:ba:86:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c86bbfde1f11c080aed84b0972633c5c270dd55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6d:59:16:de:b0:14:3f:3a:c3:3c:86:b9:c1:
2d:e2:e4:3e:7a:28:5f:5e:c8:1f:96:ca:76:d4:3b:
dc:ea:06:01:8c:2d:49:83:08:74:2a:73:72:36:56:
00:c9:bb:ce:7c:b6:21:4a:2e:2a:0e:4d:8b:78:9d:
5f:57:38:04:2e:1b:a7:a3:33:b1:0e:3f:df:cc:09:
eb:f7:d6:35:49:15:fe:97:62:bf:d8:44:b7:75:4a:
7c:9e:d5:14:df:76:be:48:cc:ca:3c:c9:5b:54:8f:
8d:ff:80:2c:9e:39:00:71:03:cb:f3:48:d2:ec:02:
4b:c3:f8:e5:49:7f:32:aa:04:5c:a6:d6:30:a9:aa:
44:89:d8:4d:88:95:94:a4:ed:7e:41:5b:34:23:4b:
8a:4d:73:27:c7:52:f5:38:e1:7f:46:93:cf:60:3f:
8d:33:e0:c3:5b:e3:4d:1e:5a:d8:81:71:90:32:f1:
29:3b:df:7d:8b:b3:55:43:cc:44:ac:e1:4a:64:e4:
d1:84:bb:c3:aa:e2:43:c6:5f:1c:a8:5f:7f:92:c8:
72:41:d8:0c:c8:af:5e:b5:7f:18:d4:8c:26:4a:e9:
38:23:4d:62:1c:e3:4b:ab:63:60:5e:ba:a0:aa:ec:
d8:a7:31:ae:f3:96:68:c2:83:3d:32:f4:c2:95:d9:
70:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:86:BB:FD:E1:F1:1C:08:0A:ED:84:B0:97:26:33:C5:C2:70:DD:55
X509v3 Authority Key Identifier:
keyid:51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/jIa7_eHxHAgK7YSwlyYzxcJw3VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cc87:fc00::/48
Signature Algorithm: sha256WithRSAEncryption
43:2e:a4:81:1e:83:b4:d2:b4:0d:16:e0:78:6b:04:eb:ec:37:
f6:fe:25:15:c8:0e:7e:f3:d1:ce:65:e5:39:97:4a:f7:9b:04:
bc:1b:4c:0a:fe:65:38:b0:24:ba:9d:4e:aa:59:1a:1a:e2:0a:
db:9b:60:8b:c0:22:b0:a2:62:74:dc:be:25:e4:18:a8:55:c7:
55:ab:29:45:c2:c9:f3:45:bf:38:df:b7:98:87:4e:3c:eb:5e:
be:6f:89:7f:db:91:9a:71:b6:91:cd:7b:62:c2:0d:5d:03:81:
40:f3:73:d4:29:53:1e:9b:3d:ff:0c:ed:ae:86:a6:95:8b:77:
6f:4a:b0:84:b7:40:2f:6d:5a:6d:5b:8b:3f:f3:2c:3b:f0:32:
61:0d:86:fd:57:57:4e:a0:0d:d5:4d:98:7d:20:ec:73:61:b4:
25:41:8c:2e:06:eb:f1:48:f7:30:c8:d1:a1:67:96:1b:15:f1:
aa:8f:3d:39:69:16:55:cd:75:cd:c3:4a:9b:71:15:a2:2b:d5:
34:de:65:a5:b5:eb:df:f1:fe:af:9a:88:75:65:38:3d:55:48:
81:e9:c2:38:59:b6:72:51:b7:dc:50:48:c6:eb:92:e7:bc:6a:
13:71:bb:1a:1d:1d:bd:35:5a:b3:b6:26:cb:c2:17:08:39:8e:
7d:d6:a5:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+g1AYNVzWfHGSDqduoYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxN2EwYzk2ODQyYmFmYzlmNjMwYmExNGI4M2VhNzliZDEy
YTUzYjkwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzg2YmJmZGUxZjExYzA4MGFlZDg0YjA5NzI2MzNjNWMyNzBkZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW1ZFt6wFD86wzyGucEt4uQ+eihf
Xsgflsp21Dvc6gYBjC1Jgwh0KnNyNlYAybvOfLYhSi4qDk2LeJ1fVzgELhunozOx
Dj/fzAnr99Y1SRX+l2K/2ES3dUp8ntUU33a+SMzKPMlbVI+N/4AsnjkAcQPL80jS
7AJLw/jlSX8yqgRcptYwqapEidhNiJWUpO1+QVs0I0uKTXMnx1L1OOF/RpPPYD+N
M+DDW+NNHlrYgXGQMvEpO999i7NVQ8xErOFKZOTRhLvDquJDxl8cqF9/kshyQdgM
yK9etX8Y1IwmSuk4I01iHONLq2NgXrqgquzYpzGu85ZowoM9MvTCldlwFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIyGu/3h8RwICu2EsJcmM8XCcN1VMB8GA1UdIwQY
MBaAFFF6DJaEK6/J9jC6FLg+p5vRKlO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMt
YjBlYjY3MTVlMGFmLzEvaklhN19lSHhIQWdLN1lTd2x5WXp4Y0p3M1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMtYjBlYjY3MTVlMGFm
LzEvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPMh/wA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDLqSBHoO00rQNFuB4awTr7Df2/iUVyA5+89HO
ZeU5l0r3mwS8G0wK/mU4sCS6nU6qWRoa4grbm2CLwCKwomJ03L4l5BioVcdVqylF
wsnzRb8437eYh048616+b4l/25GacbaRzXtiwg1dA4FA83PUKVMemz3/DO2uhqaV
i3dvSrCEt0AvbVptW4s/8yw78DJhDYb9V1dOoA3VTZh9IOxzYbQlQYwuBuvxSPcw
yNGhZ5YbFfGqjz05aRZVzXXNw0qbcRWiK9U03mWltevf8f6vmoh1ZTg9VUiB6cI4
WbZyUbfcUEjG65LnvGoTcbsaHR29NVqztibLwhcIOY591qU/
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:50:19 2025 by rpki-client