Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/kE20rpnBEMdKGq8A8WHna-yK4S4.roa
File: kE20rpnBEMdKGq8A8WHna-yK4S4.roa (raw, json)
Hash identifier: C7hLMtJJjmqg+mBCCrfl2Ga0M+68Xu8s2daJTXZDBT4=
Subject key identifier: 90:4D:B4:AE:99:C1:10:C7:4A:1A:AF:00:F1:61:E7:6B:EC:8A:E1:2E
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0190F4500B9DA9B684DC5FC069731AA914D0
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/kE20rpnBEMdKGq8A8WHna-yK4S4.roa
Signing time: Sat 27 Jul 2024 13:10:04 +0000
ROA not before: Sat 27 Jul 2024 13:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201386
IP address blocks: 2a0f:7803:f8a0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 25 Aug 2024 01:43:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f4:50:0b:9d:a9:b6:84:dc:5f:c0:69:73:1a:a9:14:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jul 27 13:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904db4ae99c110c74a1aaf00f161e76bec8ae12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:95:56:71:eb:5e:8b:17:ce:13:e8:eb:77:8e:
c0:1d:e3:ce:24:0e:b0:25:9a:3a:e6:39:e5:13:9e:
c9:80:09:b1:42:85:de:71:71:0d:39:62:5d:0b:d2:
82:75:eb:77:1b:04:a7:59:e0:98:77:c5:24:5e:c2:
fe:fe:28:92:1a:e8:65:58:59:73:47:ef:fa:ed:61:
4e:8c:35:93:21:61:cb:f1:78:5e:5a:53:13:dd:6f:
79:c0:9e:3a:0e:41:80:9a:f5:8f:83:ef:18:12:6b:
25:45:6d:d5:d4:e1:f7:a4:71:7c:1a:2a:9a:88:b2:
68:85:6c:9c:99:2a:48:45:d0:1e:59:90:3a:a8:c5:
cd:d4:74:cf:04:6d:f4:17:d7:fd:18:9d:a0:bb:00:
fb:04:ad:9c:62:5a:b5:c1:0a:96:5f:7f:db:8e:f8:
f4:24:2e:02:90:44:1c:11:87:8a:89:8d:5a:a3:92:
5b:4d:25:69:85:74:53:86:00:4c:2f:3d:6b:ca:0b:
a8:63:86:65:d0:a0:af:e2:34:52:60:be:42:b7:13:
be:4d:bb:39:79:ef:75:ea:aa:5d:35:43:08:13:ad:
48:91:0a:4d:73:68:28:f7:cc:f0:60:bf:c9:70:83:
02:96:0c:58:6c:74:4e:22:bd:2b:c2:74:9f:5f:37:
fd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4D:B4:AE:99:C1:10:C7:4A:1A:AF:00:F1:61:E7:6B:EC:8A:E1:2E
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/kE20rpnBEMdKGq8A8WHna-yK4S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:f8a0::/44
Signature Algorithm: sha256WithRSAEncryption
58:f4:c3:f2:07:58:b4:e6:f7:24:43:fb:d3:3b:e5:c4:16:c8:
93:9c:6c:6a:54:58:0f:2a:18:08:0f:0f:a4:ba:4b:5e:04:8f:
97:37:a2:eb:ee:22:9e:3f:34:5f:f5:5c:25:d3:07:44:7b:c3:
59:fe:c7:91:4b:4d:40:1c:52:e3:20:e3:a3:59:0d:93:59:5d:
cf:f9:a0:77:44:c4:76:bc:80:60:ec:3a:73:d3:13:fb:06:3a:
9c:a3:12:a4:47:f7:af:25:0b:d4:ba:c3:fa:df:4c:b5:a3:c0:
a3:cf:06:80:e7:c2:fa:d0:a6:c8:61:b0:6d:0c:0e:5c:46:9c:
da:24:3f:87:73:d4:4d:4b:53:df:04:63:7a:3f:a7:21:35:91:
65:7e:3e:9b:47:1c:71:22:88:f8:7e:a7:dc:c4:6c:cb:14:62:
50:5f:e1:94:80:22:74:f0:7c:81:99:f2:6f:39:74:a5:cf:91:
16:79:6e:93:f0:40:f8:9e:e1:cd:ff:0d:fa:2a:3f:37:2a:d4:
fa:a8:29:09:b5:d8:ad:a6:f1:8e:33:61:0f:67:25:5c:e0:40:
24:00:64:c6:3d:be:4f:be:93:b8:61:dc:23:93:a3:88:62:d9:
f1:2d:4e:0e:eb:1e:d8:88:3c:09:9c:03:8e:69:f4:f4:46:ea:
b4:23:e6:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZD0UAudqbaE3F/AaXMaqRTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwNzI3MTMxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRkYjRhZTk5YzExMGM3NGExYWFmMDBmMTYxZTc2YmVjOGFlMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJVWceteixfOE+jrd47AHePOJA6w
JZo65jnlE57JgAmxQoXecXENOWJdC9KCdet3GwSnWeCYd8UkXsL+/iiSGuhlWFlz
R+/67WFOjDWTIWHL8XheWlMT3W95wJ46DkGAmvWPg+8YEmslRW3V1OH3pHF8Giqa
iLJohWycmSpIRdAeWZA6qMXN1HTPBG30F9f9GJ2guwD7BK2cYlq1wQqWX3/bjvj0
JC4CkEQcEYeKiY1ao5JbTSVphXRThgBMLz1ryguoY4Zl0KCv4jRSYL5CtxO+Tbs5
ee916qpdNUMIE61IkQpNc2go98zwYL/JcIMClgxYbHROIr0rwnSfXzf9jQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJBNtK6ZwRDHShqvAPFh52vsiuEuMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEva0UyMHJwbkJFTWRLR3E4QThXSG5hLXlLNFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/ig
MA0GCSqGSIb3DQEBCwUAA4IBAQBY9MPyB1i05vckQ/vTO+XEFsiTnGxqVFgPKhgI
Dw+kukteBI+XN6Lr7iKePzRf9Vwl0wdEe8NZ/seRS01AHFLjIOOjWQ2TWV3P+aB3
RMR2vIBg7Dpz0xP7BjqcoxKkR/evJQvUusP630y1o8CjzwaA58L60KbIYbBtDA5c
RpzaJD+Hc9RNS1PfBGN6P6chNZFlfj6bRxxxIoj4fqfcxGzLFGJQX+GUgCJ08HyB
mfJvOXSlz5EWeW6T8ED4nuHN/w36Kj83KtT6qCkJtditpvGOM2EPZyVc4EAkAGTG
Pb5PvpO4Ydwjk6OIYtnxLU4O6x7YiDwJnAOOafT0Ruq0I+aC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:04 2025 by rpki-client