Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/eac2af-4bd3-4392-b5f4-48459d07b41e/1/veURvF7oE_Bmf9TBFcHPJO48eHM.roa
File: veURvF7oE_Bmf9TBFcHPJO48eHM.roa (raw, json)
Hash identifier: uxDLH/PBZ9Keh7ug0a8BRfti/ehWGZZcOrG5kyNbILI=
Subject key identifier: BD:E5:11:BC:5E:E8:13:F0:66:7F:D4:C1:15:C1:CF:24:EE:3C:78:73
Certificate issuer: /CN=204995c3627f7aacdfe23915e442e3d3900631af
Certificate serial: 018CC2DADE385C67B3826F67CE2CCB56F340
Authority key identifier: 20:49:95:C3:62:7F:7A:AC:DF:E2:39:15:E4:42:E3:D3:90:06:31:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEmVw2J_eqzf4jkV5ELj05AGMa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/eac2af-4bd3-4392-b5f4-48459d07b41e/1/veURvF7oE_Bmf9TBFcHPJO48eHM.roa
Signing time: Mon 01 Jan 2024 02:29:32 +0000
ROA not before: Mon 01 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45038
IP address blocks: 2001:67c:630::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:de:38:5c:67:b3:82:6f:67:ce:2c:cb:56:f3:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204995c3627f7aacdfe23915e442e3d3900631af
Validity
Not Before: Jan 1 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bde511bc5ee813f0667fd4c115c1cf24ee3c7873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:82:55:49:0c:70:ba:59:27:9b:ae:56:23:94:
44:82:a0:4d:d2:62:c2:10:a8:b9:d5:72:bb:d5:07:
39:b6:a0:ad:39:44:d5:d9:e1:69:77:22:e6:38:4c:
74:53:63:78:ca:b5:29:22:b9:e1:03:e2:e3:4a:24:
26:37:a2:7d:b5:87:7a:e7:52:5a:15:45:be:ff:7e:
49:ea:13:53:0c:1d:e6:a2:75:f6:6f:e8:41:ab:95:
3b:0b:0d:9d:a9:ca:be:9d:e6:36:e0:04:43:58:1e:
e9:20:61:e7:94:8a:3c:f9:0a:de:89:bd:72:5c:c6:
c0:4e:77:64:17:33:be:99:2a:e1:6b:82:a8:a7:9c:
59:a9:6b:ef:6c:ec:95:e3:da:f4:d5:f6:8d:f9:64:
ab:0b:9e:2e:18:74:a5:4b:85:56:91:24:56:8e:5e:
38:6c:3e:7a:3f:2f:0f:2b:00:1d:f8:9f:04:d5:05:
7d:1c:16:81:18:42:74:0d:83:e7:ed:99:08:95:2b:
97:6c:9c:cf:0c:71:9b:5c:cf:df:8c:2b:6f:67:8a:
0a:5d:be:29:88:63:e7:ad:00:3d:4e:0f:bd:59:04:
59:4b:d9:40:40:c6:72:d3:73:3a:90:05:29:f5:66:
9a:67:7b:2e:7b:95:a4:6f:ec:53:b8:1a:8c:b6:ef:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E5:11:BC:5E:E8:13:F0:66:7F:D4:C1:15:C1:CF:24:EE:3C:78:73
X509v3 Authority Key Identifier:
keyid:20:49:95:C3:62:7F:7A:AC:DF:E2:39:15:E4:42:E3:D3:90:06:31:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEmVw2J_eqzf4jkV5ELj05AGMa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/eac2af-4bd3-4392-b5f4-48459d07b41e/1/veURvF7oE_Bmf9TBFcHPJO48eHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/eac2af-4bd3-4392-b5f4-48459d07b41e/1/IEmVw2J_eqzf4jkV5ELj05AGMa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:630::/48
Signature Algorithm: sha256WithRSAEncryption
60:b8:60:ed:5e:92:92:d9:ff:4a:9a:32:6f:13:79:fe:c8:b2:
c7:66:13:4e:b2:44:d7:29:62:93:ac:09:c9:54:d2:ea:58:99:
75:6c:1c:50:80:49:24:26:96:74:da:77:d3:e0:86:59:f5:72:
9c:14:4d:f9:3d:a3:ed:59:09:2c:d7:27:8d:4f:80:93:c1:45:
b0:b3:a7:ab:02:d1:e3:e2:9a:29:8e:63:5b:62:7f:eb:55:47:
00:15:fc:19:25:77:3e:c8:70:75:5d:ed:d2:1c:26:32:58:ee:
e7:6d:4c:e5:1d:62:69:62:3b:de:3e:8e:87:99:87:9e:4b:76:
0f:4c:7c:c2:1c:3a:4a:02:08:3a:85:f6:dc:10:2b:25:1a:e2:
1a:ad:d0:f4:71:e4:89:d5:1b:ac:6c:ad:b1:f6:b2:63:89:5e:
ef:86:aa:57:4f:d0:3c:a7:d2:a3:af:43:5f:b5:85:ff:c5:89:
c3:e8:94:a2:02:1b:73:d7:80:a6:0e:ed:54:cb:80:35:23:20:
60:74:e2:98:a9:2a:cc:96:2f:c5:4b:1c:3a:e1:9a:e8:e8:a0:
fe:ec:8f:23:4c:1f:e3:74:07:36:73:a0:02:0f:24:f1:e4:98:
40:6c:76:08:5f:37:fc:a0:83:e2:a8:aa:b7:45:71:10:e6:3a:
41:f4:b4:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2t44XGezgm9nzizLVvNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDk5NWMzNjI3ZjdhYWNkZmUyMzkxNWU0NDJlM2QzOTAw
NjMxYWYwHhcNMjQwMTAxMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGU1MTFiYzVlZTgxM2YwNjY3ZmQ0YzExNWMxY2YyNGVlM2M3ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYJVSQxwulknm65WI5REgqBN0mLC
EKi51XK71Qc5tqCtOUTV2eFpdyLmOEx0U2N4yrUpIrnhA+LjSiQmN6J9tYd651Ja
FUW+/35J6hNTDB3monX2b+hBq5U7Cw2dqcq+neY24ARDWB7pIGHnlIo8+Qreib1y
XMbATndkFzO+mSrha4Kop5xZqWvvbOyV49r01faN+WSrC54uGHSlS4VWkSRWjl44
bD56Py8PKwAd+J8E1QV9HBaBGEJ0DYPn7ZkIlSuXbJzPDHGbXM/fjCtvZ4oKXb4p
iGPnrQA9Tg+9WQRZS9lAQMZy03M6kAUp9WaaZ3sue5Wkb+xTuBqMtu8tlQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL3lEbxe6BPwZn/UwRXBzyTuPHhzMB8GA1UdIwQY
MBaAFCBJlcNif3qs3+I5FeRC49OQBjGvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVtVncySl9lcXpmNGprVjVFTGowNUFHTWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lYWMyYWYtNGJkMy00MzkyLWI1ZjQt
NDg0NTlkMDdiNDFlLzEvdmVVUnZGN29FX0JtZjlUQkZjSFBKTzQ4ZUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lYWMyYWYtNGJkMy00MzkyLWI1ZjQtNDg0NTlkMDdiNDFl
LzEvSUVtVncySl9lcXpmNGprVjVFTGowNUFHTWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAYw
MA0GCSqGSIb3DQEBCwUAA4IBAQBguGDtXpKS2f9KmjJvE3n+yLLHZhNOskTXKWKT
rAnJVNLqWJl1bBxQgEkkJpZ02nfT4IZZ9XKcFE35PaPtWQks1yeNT4CTwUWws6er
AtHj4popjmNbYn/rVUcAFfwZJXc+yHB1Xe3SHCYyWO7nbUzlHWJpYjvePo6HmYee
S3YPTHzCHDpKAgg6hfbcECslGuIardD0ceSJ1RusbK2x9rJjiV7vhqpXT9A8p9Kj
r0NftYX/xYnD6JSiAhtz14CmDu1Uy4A1IyBgdOKYqSrMli/FSxw64Zro6KD+7I8j
TB/jdAc2c6ACDyTx5JhAbHYIXzf8oIPiqKq3RXEQ5jpB9LSe
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:58:15 2025 by rpki-client