Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/CicAHWRR5XOwNMJCvxwZATnlww8.roa
File: CicAHWRR5XOwNMJCvxwZATnlww8.roa (raw, json)
Hash identifier: HD4XTQ66LapfO87iOiV3HPYGdxRYCImk1DdsXwOnng0=
Subject key identifier: 0A:27:00:1D:64:51:E5:73:B0:34:C2:42:BF:1C:19:01:39:E5:C3:0F
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 018CC5DCF81E647F67319D6B24B05FFAC556
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/CicAHWRR5XOwNMJCvxwZATnlww8.roa
Signing time: Mon 01 Jan 2024 16:30:42 +0000
ROA not before: Mon 01 Jan 2024 16:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207705
IP address blocks: 2a0f:607:1072::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:f8:1e:64:7f:67:31:9d:6b:24:b0:5f:fa:c5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 16:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a27001d6451e573b034c242bf1c190139e5c30f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:91:42:24:cb:93:4f:d8:32:8d:b1:9a:97:86:
3a:7e:0d:26:30:a1:90:08:7a:f4:53:50:db:28:14:
ce:b3:91:e2:64:75:3e:c6:46:5f:30:eb:d5:d4:07:
5b:ee:f8:cf:76:a3:31:c1:3a:fe:ed:f3:86:5c:f5:
6c:44:59:45:a5:40:4c:6c:44:c9:d7:a6:05:b5:98:
7a:48:a8:bc:96:d6:48:56:2a:6e:c8:84:71:8d:d3:
bf:ec:5f:35:65:e6:4d:6c:5c:3c:a7:cb:7c:b3:c5:
5e:a4:3f:05:aa:d5:89:2f:db:1a:7c:3c:02:c7:45:
fd:ca:1e:49:aa:44:43:5c:ec:9a:1f:02:fb:00:ac:
66:3e:2f:02:c6:c7:56:a9:cd:26:eb:b3:d4:e6:2b:
f7:15:98:59:f4:87:85:b4:12:90:e5:83:5b:0e:e7:
4f:11:cf:6e:0d:3e:b3:50:06:e5:50:48:5e:ea:c7:
ed:e5:64:a1:a5:26:1d:8f:1f:15:a6:4c:a7:9c:21:
b6:a7:b7:d3:d1:c5:6f:d8:fe:d5:50:0a:75:26:72:
b8:3b:d2:2a:fd:b2:06:d3:fe:da:b6:6b:f1:81:f8:
f5:06:15:06:d6:42:46:e4:b6:d6:bd:00:34:2e:40:
08:fb:04:da:7b:88:d4:ed:c2:d3:ff:8e:01:a8:fa:
f0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:27:00:1D:64:51:E5:73:B0:34:C2:42:BF:1C:19:01:39:E5:C3:0F
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/CicAHWRR5XOwNMJCvxwZATnlww8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1072::/48
Signature Algorithm: sha256WithRSAEncryption
9d:eb:18:cd:db:77:4c:4d:c8:fc:ea:d0:ec:14:80:cf:da:fb:
a6:1b:7c:13:be:40:82:71:7a:4d:d9:2a:4f:f8:59:67:87:2d:
7c:e8:ec:dd:36:02:9b:90:01:59:15:f3:08:9c:cf:b4:c1:d5:
83:30:35:8f:0d:2e:32:11:1b:31:a3:61:87:6d:5a:8f:5f:be:
2d:ca:e5:27:92:c2:da:41:b1:84:1c:f6:e9:2b:79:65:92:7d:
db:99:c2:e8:bd:1d:20:8d:11:1e:b4:8a:68:85:5d:27:f7:4b:
d4:5e:57:ee:7f:e3:0e:47:a6:19:8f:7c:27:61:48:ad:59:ee:
51:a8:26:8f:ee:13:62:84:99:22:d3:6b:00:18:1e:ec:e1:b6:
fd:60:09:89:be:c2:71:52:98:46:dd:94:e0:b8:3c:7d:22:12:
a9:69:ca:bd:31:f2:9d:42:08:35:b1:c6:df:ec:f1:39:5f:b8:
7a:05:05:e2:f6:6f:9e:2c:63:2c:d8:99:ba:ac:7c:9b:8c:33:
93:12:b5:f0:c1:73:a1:e1:38:88:8e:5a:73:52:ff:ab:ac:7f:
1f:30:bd:cc:50:c9:4a:2a:5d:42:34:9f:9a:4d:87:07:30:f3:
f2:01:23:cc:71:a5:fe:93:d7:ac:c4:cf:2e:c0:20:99:02:71:
d8:97:71:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF3PgeZH9nMZ1rJLBf+sVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjQwMTAxMTYzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTI3MDAxZDY0NTFlNTczYjAzNGMyNDJiZjFjMTkwMTM5ZTVjMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ZFCJMuTT9gyjbGal4Y6fg0mMKGQ
CHr0U1DbKBTOs5HiZHU+xkZfMOvV1Adb7vjPdqMxwTr+7fOGXPVsRFlFpUBMbETJ
16YFtZh6SKi8ltZIVipuyIRxjdO/7F81ZeZNbFw8p8t8s8VepD8FqtWJL9safDwC
x0X9yh5JqkRDXOyaHwL7AKxmPi8CxsdWqc0m67PU5iv3FZhZ9IeFtBKQ5YNbDudP
Ec9uDT6zUAblUEhe6sft5WShpSYdjx8VpkynnCG2p7fT0cVv2P7VUAp1JnK4O9Iq
/bIG0/7atmvxgfj1BhUG1kJG5LbWvQA0LkAI+wTae4jU7cLT/44BqPrwmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAonAB1kUeVzsDTCQr8cGQE55cMPMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvQ2ljQUhXUlI1WE93Tk1KQ3Z4d1pBVG5sd3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8GBxBy
MA0GCSqGSIb3DQEBCwUAA4IBAQCd6xjN23dMTcj86tDsFIDP2vumG3wTvkCCcXpN
2SpP+Flnhy186OzdNgKbkAFZFfMInM+0wdWDMDWPDS4yERsxo2GHbVqPX74tyuUn
ksLaQbGEHPbpK3llkn3bmcLovR0gjREetIpohV0n90vUXlfuf+MOR6YZj3wnYUit
We5RqCaP7hNihJki02sAGB7s4bb9YAmJvsJxUphG3ZTguDx9IhKpacq9MfKdQgg1
scbf7PE5X7h6BQXi9m+eLGMs2Jm6rHybjDOTErXwwXOh4TiIjlpzUv+rrH8fML3M
UMlKKl1CNJ+aTYcHMPPyASPMcaX+k9esxM8uwCCZAnHYl3GR
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:11 2025 by rpki-client