Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/pcD87wlLWxDAsUbiat2ckX-yuVU.roa
File: pcD87wlLWxDAsUbiat2ckX-yuVU.roa (raw, json)
Hash identifier: Y3pW9BcctlosmsSjfVbBlSvXPRjMavaPZ8ss534fDeA=
Subject key identifier: A5:C0:FC:EF:09:4B:5B:10:C0:B1:46:E2:6A:DD:9C:91:7F:B2:B9:55
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01936CDEF02D50BD9DFC8B9FFA0E2333D356
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/pcD87wlLWxDAsUbiat2ckX-yuVU.roa
Signing time: Wed 27 Nov 2024 09:06:10 +0000
ROA not before: Wed 27 Nov 2024 09:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 2a0f:7800:900::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:de:f0:2d:50:bd:9d:fc:8b:9f:fa:0e:23:33:d3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Nov 27 09:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5c0fcef094b5b10c0b146e26add9c917fb2b955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:fe:3b:ac:61:b3:0a:c8:bd:32:d4:fa:c5:
76:f3:44:9c:5a:23:f1:ab:09:19:02:2e:ac:c8:07:
72:0d:99:8e:60:5f:07:95:ef:3b:be:f4:d5:e1:a4:
fd:dd:b6:68:cc:fb:88:43:1f:8b:89:9a:23:bb:3e:
b9:f9:74:6f:b8:fc:3d:7f:7b:3a:cc:9e:52:0e:d4:
1d:98:33:59:c7:7c:eb:4c:ad:ed:f6:ac:0b:35:11:
3e:b1:4a:56:f2:18:a6:43:ea:e5:f3:c4:82:5b:26:
28:8b:ca:41:95:ce:ad:36:f6:e1:5c:5d:ae:b4:65:
55:64:7c:dc:0f:49:2e:16:30:b4:d0:a5:5b:11:58:
28:0b:56:cb:24:4d:31:a3:b6:e8:9d:a5:35:a1:bd:
a9:36:52:e2:cb:3a:e9:3b:c9:fb:13:8e:31:d7:43:
26:bf:15:bd:22:91:c1:2b:49:22:08:37:cf:d7:eb:
38:12:e1:9e:dc:7c:66:37:e3:45:a8:dd:33:98:03:
85:c3:78:21:39:9f:1b:b9:36:93:0c:8c:57:9b:db:
1e:75:e0:1e:4b:69:a6:29:a6:0f:18:4f:75:72:d9:
de:c7:19:fc:2b:15:6d:9b:f4:9a:26:9d:19:68:21:
9f:61:44:0f:6d:80:c0:ad:34:b6:1e:b8:e5:e9:96:
04:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C0:FC:EF:09:4B:5B:10:C0:B1:46:E2:6A:DD:9C:91:7F:B2:B9:55
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/pcD87wlLWxDAsUbiat2ckX-yuVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7800:900::/40
Signature Algorithm: sha256WithRSAEncryption
59:41:d7:75:9d:58:79:94:c3:21:6f:9e:db:f5:5c:63:ef:76:
d5:6d:09:02:d7:6b:03:73:3b:c0:a9:b0:a1:81:28:1b:90:d3:
0e:50:e5:9c:52:72:bc:07:9d:97:b1:5d:fc:b4:15:86:5d:d3:
f0:34:c6:d4:f8:56:8b:17:79:2f:06:59:ce:04:64:ee:14:74:
82:53:01:96:f0:4e:51:ba:9d:8d:17:8b:de:ad:6f:a0:e8:20:
7f:94:0b:f0:a9:20:ed:34:97:fd:08:5b:65:f7:a8:ea:d3:31:
19:bc:f7:97:a7:48:aa:47:f4:e2:3c:87:83:66:9f:2a:79:17:
97:19:8f:11:7f:76:1d:1f:08:b5:50:e1:9e:ae:d1:bf:c9:fd:
9e:dd:f7:53:52:f0:4f:78:40:69:25:2d:c6:78:28:83:f8:63:
a1:3d:d3:2b:e7:e9:a5:9f:8f:4e:b5:ef:bd:e4:4f:7e:9b:c4:
19:16:ec:71:60:54:16:f2:e3:2a:d1:a2:9a:56:17:5a:43:ff:
2d:b5:2b:2a:0b:d1:be:d4:97:c5:f0:6b:b4:46:50:9e:a1:2f:
7b:ba:6c:54:b0:f7:ee:e0:33:7a:0d:c9:11:69:7d:18:a1:b1:
2d:36:51:66:d7:1d:5f:d8:3f:c8:01:48:21:ee:93:1b:57:a7:
12:c4:db:7a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZNs3vAtUL2d/Iuf+g4jM9NWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQxMTI3MDkwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWMwZmNlZjA5NGI1YjEwYzBiMTQ2ZTI2YWRkOWM5MTdmYjJiOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHn+O6xhswrIvTLU+sV280ScWiPx
qwkZAi6syAdyDZmOYF8Hle87vvTV4aT93bZozPuIQx+LiZojuz65+XRvuPw9f3s6
zJ5SDtQdmDNZx3zrTK3t9qwLNRE+sUpW8himQ+rl88SCWyYoi8pBlc6tNvbhXF2u
tGVVZHzcD0kuFjC00KVbEVgoC1bLJE0xo7bonaU1ob2pNlLiyzrpO8n7E44x10Mm
vxW9IpHBK0kiCDfP1+s4EuGe3HxmN+NFqN0zmAOFw3ghOZ8buTaTDIxXm9sedeAe
S2mmKaYPGE91ctnexxn8KxVtm/SaJp0ZaCGfYUQPbYDArTS2Hrjl6ZYECQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKXA/O8JS1sQwLFG4mrdnJF/srlVMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvcGNEODd3bExXeERBc1ViaWF0MmNrWC15dVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg94AAkw
DQYJKoZIhvcNAQELBQADggEBAFlB13WdWHmUwyFvntv1XGPvdtVtCQLXawNzO8Cp
sKGBKBuQ0w5Q5ZxScrwHnZexXfy0FYZd0/A0xtT4VosXeS8GWc4EZO4UdIJTAZbw
TlG6nY0Xi96tb6DoIH+UC/CpIO00l/0IW2X3qOrTMRm895enSKpH9OI8h4Nmnyp5
F5cZjxF/dh0fCLVQ4Z6u0b/J/Z7d91NS8E94QGklLcZ4KIP4Y6E90yvn6aWfj061
773kT36bxBkW7HFgVBby4yrRoppWF1pD/y21KyoL0b7Ul8Xwa7RGUJ6hL3u6bFSw
9+7gM3oNyRFpfRihsS02UWbXHV/YP8gBSCHukxtXpxLE23o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:23 2025 by rpki-client