Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2E111CEUC4UDQ0ae2LhnxNwre64.roa
File: 2E111CEUC4UDQ0ae2LhnxNwre64.roa (raw, json)
Hash identifier: ezBu1i97qBo0kK/Vv5Uo6vG/5BTSmunz68fEj2q2T30=
Subject key identifier: D8:4D:75:D4:21:14:0B:85:03:43:46:9E:D8:B8:67:C4:DC:2B:7B:AE
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0191663F30AFD48665B91F17C2E5E1602B2A
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2E111CEUC4UDQ0ae2LhnxNwre64.roa
Signing time: Sun 18 Aug 2024 16:08:22 +0000
ROA not before: Sun 18 Aug 2024 16:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0f:7803:f98f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:66:3f:30:af:d4:86:65:b9:1f:17:c2:e5:e1:60:2b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Aug 18 16:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d84d75d421140b850343469ed8b867c4dc2b7bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:00:bb:2c:2c:b1:43:5f:1b:44:15:96:35:
22:8a:8f:d5:8c:f0:71:9a:5b:43:06:23:ad:51:a5:
68:79:8f:62:0a:d4:50:e9:c8:b3:21:56:3d:39:01:
1c:ef:fb:75:58:7a:b8:a0:fe:c2:05:85:58:99:03:
bb:9e:1d:ee:6b:8a:3e:3d:b4:3e:38:72:a6:72:e4:
ff:1e:1e:e6:a7:26:02:16:b4:dc:fd:53:30:82:f5:
67:70:71:4a:83:de:1e:b0:d6:49:db:7c:2e:79:90:
4f:9d:1f:ee:44:95:c7:60:ce:74:46:dc:2b:ac:f3:
0a:a5:95:e7:61:b2:2d:ce:fc:f7:62:de:e9:db:18:
dd:48:04:3b:68:02:4c:f8:dd:13:ef:47:0e:a0:91:
55:bd:6d:70:43:e9:7b:3f:77:1f:91:6a:c2:4f:5d:
e7:f9:89:32:b4:b3:74:54:23:30:ff:f3:7a:f6:c0:
f3:9e:e2:32:eb:80:52:81:a7:f0:88:13:24:74:f5:
d4:cc:fb:f1:02:76:fb:09:b7:9c:65:98:f6:4d:52:
d6:7f:8c:f3:56:19:45:a7:86:55:70:6a:f9:6f:5c:
71:d9:f3:59:a1:fa:43:df:53:82:76:29:f2:b1:9e:
f3:5b:57:d1:f3:46:f9:0d:7c:43:e5:10:b7:07:35:
86:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4D:75:D4:21:14:0B:85:03:43:46:9E:D8:B8:67:C4:DC:2B:7B:AE
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2E111CEUC4UDQ0ae2LhnxNwre64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:f98f::/48
Signature Algorithm: sha256WithRSAEncryption
68:67:67:12:cf:fb:4d:fe:a4:c7:a0:41:17:6b:e9:88:47:7b:
97:05:d5:57:e4:63:5c:0c:13:0e:e6:3a:3c:e4:72:ba:4f:ea:
16:b9:0e:7f:f5:ca:6b:09:9c:2a:a5:62:ed:03:30:75:0c:41:
e0:73:77:f8:cd:d9:ce:d1:11:aa:5e:0f:bf:8e:7b:e8:ef:99:
b5:5c:df:29:39:05:e5:ea:86:63:d9:96:cc:78:93:5f:fe:a8:
39:56:61:ab:c1:49:b0:50:37:eb:c3:f3:dc:ed:61:77:7f:73:
5f:2a:c4:1a:96:7d:90:12:63:7d:ec:f4:e3:13:57:1e:79:15:
58:ec:b6:de:f5:96:8a:b6:dd:19:f6:22:28:6f:a8:6c:75:59:
11:f6:41:34:0b:89:9a:24:df:4a:f8:6c:5c:5c:b6:c6:bf:21:
91:2e:a2:5e:b1:9e:c0:5a:c5:c0:86:3e:be:46:7d:fd:38:ef:
c7:c4:b4:ec:1a:fd:f9:1c:aa:5d:bb:f8:d7:14:a5:ba:aa:5c:
7d:66:b7:ab:96:d3:bd:03:50:4b:5e:2a:80:43:f1:1a:39:b8:
19:44:d0:2e:a9:d7:29:f2:79:03:4e:3f:3c:9b:f2:06:dc:da:
e0:2f:fd:c1:cf:a7:f2:3c:b6:54:e4:52:a1:69:43:51:bc:f7:
aa:e1:c0:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZFmPzCv1IZluR8XwuXhYCsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwODE4MTYwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODRkNzVkNDIxMTQwYjg1MDM0MzQ2OWVkOGI4NjdjNGRjMmI3YmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5UAuywssUNfG0QVljUiio/VjPBx
mltDBiOtUaVoeY9iCtRQ6cizIVY9OQEc7/t1WHq4oP7CBYVYmQO7nh3ua4o+PbQ+
OHKmcuT/Hh7mpyYCFrTc/VMwgvVncHFKg94esNZJ23wueZBPnR/uRJXHYM50Rtwr
rPMKpZXnYbItzvz3Yt7p2xjdSAQ7aAJM+N0T70cOoJFVvW1wQ+l7P3cfkWrCT13n
+YkytLN0VCMw//N69sDznuIy64BSgafwiBMkdPXUzPvxAnb7CbecZZj2TVLWf4zz
VhlFp4ZVcGr5b1xx2fNZofpD31OCdinysZ7zW1fR80b5DXxD5RC3BzWGNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNhNddQhFAuFA0NGnti4Z8TcK3uuMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvMkUxMTFDRVVDNFVEUTBhZTJMaG54TndyZTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg94A/mP
MA0GCSqGSIb3DQEBCwUAA4IBAQBoZ2cSz/tN/qTHoEEXa+mIR3uXBdVX5GNcDBMO
5jo85HK6T+oWuQ5/9cprCZwqpWLtAzB1DEHgc3f4zdnO0RGqXg+/jnvo75m1XN8p
OQXl6oZj2ZbMeJNf/qg5VmGrwUmwUDfrw/Pc7WF3f3NfKsQaln2QEmN97PTjE1ce
eRVY7Lbe9ZaKtt0Z9iIob6hsdVkR9kE0C4maJN9K+GxcXLbGvyGRLqJesZ7AWsXA
hj6+Rn39OO/HxLTsGv35HKpdu/jXFKW6qlx9ZrerltO9A1BLXiqAQ/EaObgZRNAu
qdcp8nkDTj88m/IG3NrgL/3Bz6fyPLZU5FKhaUNRvPeq4cBV
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:26 2025 by rpki-client