Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Rx3Ne8itqnMrj6PRGLF-tcycqQo.roa
File: Rx3Ne8itqnMrj6PRGLF-tcycqQo.roa (raw, json)
Hash identifier: r2EH6ZfiAUTTPUq17wHHbfpLngdYg/J8SP2Rmvhs3k4=
Subject key identifier: 47:1D:CD:7B:C8:AD:AA:73:2B:8F:A3:D1:18:B1:7E:B5:CC:9C:A9:0A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 01942825728770AA6AB67B152ED8399A3924
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Rx3Ne8itqnMrj6PRGLF-tcycqQo.roa
Signing time: Thu 02 Jan 2025 17:52:10 +0000
ROA not before: Thu 02 Jan 2025 17:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57110
IP address blocks: 2a0f:b241:12::/48 maxlen: 48
2a0f:b241:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Jan 2025 23:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:72:87:70:aa:6a:b6:7b:15:2e:d8:39:9a:39:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 2 17:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=471dcd7bc8adaa732b8fa3d118b17eb5cc9ca90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7a:3f:60:f9:11:9e:39:3a:2b:8c:55:4e:45:
a0:b5:bc:2c:e4:c7:3d:68:9c:c4:38:93:b6:e2:d0:
c8:d9:21:5d:cf:1b:23:42:a3:26:29:59:59:b6:5f:
0d:9b:0f:4c:f9:a6:84:13:2d:58:41:09:39:84:35:
48:af:6e:48:cf:33:30:7f:f4:81:37:28:ea:34:9b:
6b:a6:5b:3d:c6:16:e9:09:67:8d:1a:53:09:90:8c:
c2:39:80:d8:49:ec:cf:33:dc:7d:2a:7e:08:fd:b1:
5a:7b:7e:23:3e:d4:b4:5f:e3:69:fc:d6:28:e4:fd:
82:5f:09:14:70:74:de:ce:36:80:8e:b9:17:b7:e5:
7a:cc:cb:87:8e:15:5e:d1:52:64:d4:50:f0:a9:13:
7d:6c:ea:f6:24:b9:b4:a0:0c:4b:ed:45:56:10:a3:
43:cb:a2:98:bc:93:67:63:8f:9d:17:fa:49:9d:82:
17:84:10:a6:90:c6:fd:54:15:35:46:77:e1:38:65:
f0:dd:41:ce:41:7a:ee:92:b8:6f:24:67:f6:d0:2d:
86:74:b8:37:ec:d4:23:75:6e:82:fa:df:ba:39:e7:
df:38:3a:4a:c8:04:c3:25:6b:5a:b7:0d:66:b8:75:
cb:9d:df:94:87:c9:54:b7:83:0a:00:e5:20:2d:20:
8b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1D:CD:7B:C8:AD:AA:73:2B:8F:A3:D1:18:B1:7E:B5:CC:9C:A9:0A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/Rx3Ne8itqnMrj6PRGLF-tcycqQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:12::/47
Signature Algorithm: sha256WithRSAEncryption
72:89:5e:66:c1:25:bb:d3:07:67:f5:a8:3f:96:a5:ae:d1:44:
5f:8e:66:0e:71:3e:5b:8d:d3:56:97:e9:40:ff:c0:6d:85:dc:
f9:7d:18:22:ce:ba:98:a1:9b:a3:b3:7f:67:c2:af:2a:01:07:
ee:6e:b2:c2:90:e5:f1:8c:0a:c1:ad:3a:b4:6a:ad:40:d9:50:
5e:a8:97:f7:ac:0c:c7:e8:cc:2a:e4:1e:84:2b:86:c4:50:0a:
eb:27:90:b4:43:e7:62:67:e7:31:f3:89:9f:7e:f2:2a:bd:d3:
ab:b6:71:b8:34:f4:08:db:b0:61:1f:86:a2:88:29:7d:80:06:
96:38:70:33:a7:11:6c:1b:af:94:ab:03:98:c8:b4:a7:36:da:
7c:cb:15:fd:a5:92:12:83:d6:8e:13:d9:9e:f9:cf:2e:59:15:
e2:cc:a3:56:31:9a:1e:3f:47:d3:56:ca:07:ba:03:61:a6:af:
6b:52:ac:e4:82:2e:7b:21:f4:df:82:c9:ed:6c:a1:33:61:d4:
8e:44:b1:68:46:5d:73:9f:f4:ac:3a:1f:1e:51:ab:4d:bf:d3:
66:14:d4:82:95:f8:bb:bd:20:1d:87:93:b7:c4:fa:40:b3:d6:
31:bc:9a:c0:91:3c:ef:4e:8f:a0:98:69:ed:c4:8a:2f:30:bd:
4f:37:3a:ae
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJXKHcKpqtnsVLtg5mjkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTAyMTc1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFkY2Q3YmM4YWRhYTczMmI4ZmEzZDExOGIxN2ViNWNjOWNhOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3o/YPkRnjk6K4xVTkWgtbws5Mc9
aJzEOJO24tDI2SFdzxsjQqMmKVlZtl8Nmw9M+aaEEy1YQQk5hDVIr25IzzMwf/SB
NyjqNJtrpls9xhbpCWeNGlMJkIzCOYDYSezPM9x9Kn4I/bFae34jPtS0X+Np/NYo
5P2CXwkUcHTezjaAjrkXt+V6zMuHjhVe0VJk1FDwqRN9bOr2JLm0oAxL7UVWEKND
y6KYvJNnY4+dF/pJnYIXhBCmkMb9VBU1RnfhOGXw3UHOQXrukrhvJGf20C2GdLg3
7NQjdW6C+t+6OeffODpKyATDJWtatw1muHXLnd+Uh8lUt4MKAOUgLSCL3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEcdzXvIrapzK4+j0RixfrXMnKkKMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvUngzTmU4aXRxbk1yajZQUkdMRi10Y3ljcVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg+yQQAS
MA0GCSqGSIb3DQEBCwUAA4IBAQByiV5mwSW70wdn9ag/lqWu0URfjmYOcT5bjdNW
l+lA/8Bthdz5fRgizrqYoZujs39nwq8qAQfubrLCkOXxjArBrTq0aq1A2VBeqJf3
rAzH6Mwq5B6EK4bEUArrJ5C0Q+diZ+cx84mffvIqvdOrtnG4NPQI27BhH4aiiCl9
gAaWOHAzpxFsG6+UqwOYyLSnNtp8yxX9pZISg9aOE9me+c8uWRXizKNWMZoeP0fT
VsoHugNhpq9rUqzkgi57IfTfgsntbKEzYdSORLFoRl1zn/SsOh8eUatNv9NmFNSC
lfi7vSAdh5O3xPpAs9YxvJrAkTzvTo+gmGntxIovML1PNzqu
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:59:34 2025 by rpki-client