Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/prb7C5wEc0ZOWCmd9xX7ms4MnRA.roa
File: prb7C5wEc0ZOWCmd9xX7ms4MnRA.roa (raw, json)
Hash identifier: zT2bF9jU5bcmX8278dKsbmC1Rv2SYzsGsPgk+xbj3es=
Subject key identifier: A6:B6:FB:0B:9C:04:73:46:4E:58:29:9D:F7:15:FB:9A:CE:0C:9D:10
Certificate issuer: /CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
Certificate serial: 018E7B5EF7A4EFE47CEA5A25F417F2F4B2D5
Authority key identifier: B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/prb7C5wEc0ZOWCmd9xX7ms4MnRA.roa
Signing time: Tue 26 Mar 2024 15:26:45 +0000
ROA not before: Tue 26 Mar 2024 15:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a14:2ec0:64b4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Mar 2024 19:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7b:5e:f7:a4:ef:e4:7c:ea:5a:25:f4:17:f2:f4:b2:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
Validity
Not Before: Mar 26 15:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6b6fb0b9c0473464e58299df715fb9ace0c9d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1b:6c:4b:43:29:d3:fd:5a:df:7e:66:fd:74:
19:c4:9b:f5:cb:b1:d1:53:a3:8e:d0:c2:fa:31:b3:
22:f9:8f:ac:79:88:d2:22:08:41:51:05:a2:bd:a1:
04:c8:6d:2c:03:e3:e4:ec:41:f5:3d:d5:91:a0:1d:
9c:4b:77:e2:7f:33:40:3f:21:83:83:84:28:91:05:
49:f9:50:5b:58:6e:a5:0d:ce:db:9d:3e:95:76:10:
96:1d:d3:23:09:5a:01:8f:e7:b0:58:a3:85:c8:dd:
4a:6d:60:d5:9f:67:59:63:fc:a3:29:d7:34:6c:41:
6c:18:fc:c8:d5:5f:d8:37:a2:34:2d:08:e0:e4:cd:
3c:fa:ed:ca:af:7f:77:c5:8b:72:92:69:09:39:a0:
14:08:0c:8f:f6:4d:64:b9:36:26:99:d2:01:9c:1e:
e5:72:61:97:b2:29:37:3c:3e:0f:b3:51:48:46:88:
ca:28:aa:66:b0:9b:d9:eb:d2:81:07:b7:ba:94:d9:
ca:fd:27:67:00:ec:1d:2b:73:07:5d:81:f6:92:06:
cc:dd:34:1d:8c:aa:33:3c:6e:95:68:8f:1a:97:f8:
e7:6f:9b:db:b3:a2:e4:51:51:ac:55:ab:06:62:7b:
6a:9a:7e:0c:dc:c5:fd:a4:5e:28:23:52:66:2f:61:
71:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B6:FB:0B:9C:04:73:46:4E:58:29:9D:F7:15:FB:9A:CE:0C:9D:10
X509v3 Authority Key Identifier:
keyid:B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/prb7C5wEc0ZOWCmd9xX7ms4MnRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/siZANRqyGg3HqqFfq1sRCXdxSjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:2ec0:64b4::/48
Signature Algorithm: sha256WithRSAEncryption
45:07:7d:6c:a5:5d:7f:fd:2b:82:2e:5a:59:e6:3f:f3:fd:83:
9b:7a:de:b2:1d:3f:83:db:99:15:68:8d:02:08:44:d4:16:d2:
58:04:d7:07:12:87:08:cf:df:7d:91:11:b4:1f:48:16:1d:0a:
8b:74:5d:3b:f7:b1:10:68:d7:ce:8d:cf:d3:31:d2:12:1c:bd:
ad:99:20:79:0c:fd:63:ae:17:cb:35:45:d6:13:0f:94:70:b4:
09:e2:6b:99:25:b0:71:be:ec:63:d8:21:1f:19:bd:0e:2a:49:
97:57:3e:dc:09:b7:86:6c:42:cc:a3:2e:80:dd:87:35:49:ae:
61:8e:9a:6e:71:be:d7:5c:37:f3:08:5e:ab:22:9d:21:6d:5e:
6f:47:65:d8:f5:2f:52:18:ef:7d:d8:d0:22:a7:bd:71:e4:2b:
fa:4d:75:c9:5e:57:56:73:00:4c:17:ac:04:b7:7c:7a:59:31:
42:b0:cf:47:a0:52:b8:8c:93:cf:95:ef:d8:57:c7:5d:ce:aa:
b6:08:9d:53:c3:da:52:0e:5c:51:34:e4:68:a2:32:c8:c6:01:
bf:d9:1d:aa:55:06:2b:c9:78:fb:44:68:c0:49:5e:6f:18:e4:
7e:e0:ee:d2:0e:e8:13:d6:32:47:3c:69:a0:b9:f3:61:d3:10:
7c:46:c2:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY57Xvek7+R86lol9Bfy9LLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjY0MDM1MWFiMjFhMGRjN2FhYTE1ZmFiNWIxMTA5Nzc3
MTRhM2MwHhcNMjQwMzI2MTUyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI2ZmIwYjljMDQ3MzQ2NGU1ODI5OWRmNzE1ZmI5YWNlMGM5ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBtsS0Mp0/1a335m/XQZxJv1y7HR
U6OO0ML6MbMi+Y+seYjSIghBUQWivaEEyG0sA+Pk7EH1PdWRoB2cS3fifzNAPyGD
g4QokQVJ+VBbWG6lDc7bnT6VdhCWHdMjCVoBj+ewWKOFyN1KbWDVn2dZY/yjKdc0
bEFsGPzI1V/YN6I0LQjg5M08+u3Kr393xYtykmkJOaAUCAyP9k1kuTYmmdIBnB7l
cmGXsik3PD4Ps1FIRojKKKpmsJvZ69KBB7e6lNnK/SdnAOwdK3MHXYH2kgbM3TQd
jKozPG6VaI8al/jnb5vbs6LkUVGsVasGYntqmn4M3MX9pF4oI1JmL2FxLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKa2+wucBHNGTlgpnfcV+5rODJ0QMB8GA1UdIwQY
MBaAFLImQDUashoNx6qhX6tbEQl3cUo8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQt
MTc5ZTZlNDI5MGMwLzEvcHJiN0M1d0VjMFpPV0NtZDl4WDdtczRNblJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQtMTc5ZTZlNDI5MGMw
LzEvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhQuwGS0
MA0GCSqGSIb3DQEBCwUAA4IBAQBFB31spV1//SuCLlpZ5j/z/YObet6yHT+D25kV
aI0CCETUFtJYBNcHEocIz999kRG0H0gWHQqLdF0797EQaNfOjc/TMdISHL2tmSB5
DP1jrhfLNUXWEw+UcLQJ4muZJbBxvuxj2CEfGb0OKkmXVz7cCbeGbELMoy6A3Yc1
Sa5hjppucb7XXDfzCF6rIp0hbV5vR2XY9S9SGO992NAip71x5Cv6TXXJXldWcwBM
F6wEt3x6WTFCsM9HoFK4jJPPle/YV8ddzqq2CJ1Tw9pSDlxRNORoojLIxgG/2R2q
VQYryXj7RGjASV5vGOR+4O7SDugT1jJHPGmgufNh0xB8RsIt
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:25:53 2025 by rpki-client