Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/5iuIoZCzvZZQfQqhdJRfyO5Y0Ok.roa
File: 5iuIoZCzvZZQfQqhdJRfyO5Y0Ok.roa (raw, json)
Hash identifier: k/hyZPS5vqXSZeFYZYvLSk8Rp6GBrOA39N3xoEljDnE=
Subject key identifier: E6:2B:88:A1:90:B3:BD:96:50:7D:0A:A1:74:94:5F:C8:EE:58:D0:E9
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 018CC26D472C88CD939835DEBC7975A51A8B
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/5iuIoZCzvZZQfQqhdJRfyO5Y0Ok.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49846
IP address blocks: 2a01:348:317:8000::/49 maxlen: 49
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:47:2c:88:cd:93:98:35:de:bc:79:75:a5:1a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e62b88a190b3bd96507d0aa174945fc8ee58d0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:af:3a:db:f7:27:7f:a3:0c:03:ad:bc:2b:
b6:2a:df:2d:39:03:49:c1:a8:ca:57:7b:34:33:41:
58:6c:df:6d:3f:a6:d9:6f:6f:e9:39:53:fc:73:88:
13:eb:e6:7e:cb:a6:7f:2a:f9:88:c4:0d:d7:63:96:
e1:f8:31:e3:40:5e:e8:9e:3d:d5:99:82:0a:03:db:
28:e2:37:56:ab:99:61:3c:03:90:4b:0e:c8:0c:06:
ca:ea:b4:f0:7a:b7:00:da:4f:6b:44:0b:9b:5a:37:
1b:a9:44:48:5e:58:83:4a:f2:09:83:38:13:39:62:
1b:60:27:c8:ca:18:3e:04:fe:12:12:99:fa:f7:51:
9b:f3:7e:bb:67:e0:36:17:28:53:db:a9:3c:ba:0d:
5f:92:d2:07:f5:1f:ce:b0:36:09:db:38:21:16:92:
e9:97:c8:66:fd:c7:e4:95:4e:00:d1:8d:15:c9:63:
c7:d6:7f:16:4c:e3:0c:8f:88:85:fd:ef:40:08:f5:
b7:69:f6:70:30:3c:82:0d:ae:e8:91:cd:b1:f9:ba:
ac:f3:28:81:dd:71:12:1a:02:3e:e6:84:5b:77:90:
0e:b6:7c:f7:1b:50:18:90:e9:ce:6a:72:dc:82:79:
21:f1:ff:20:71:70:90:90:d9:98:af:0c:5a:b6:3a:
15:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2B:88:A1:90:B3:BD:96:50:7D:0A:A1:74:94:5F:C8:EE:58:D0:E9
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/5iuIoZCzvZZQfQqhdJRfyO5Y0Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:348:317:8000::/49
Signature Algorithm: sha256WithRSAEncryption
a5:40:55:c8:8a:49:32:1c:02:b2:69:6d:09:e8:d6:8b:e9:a9:
f9:5f:01:11:cc:57:e8:d6:b4:b7:70:ff:0e:91:7b:d7:84:0c:
da:81:25:9e:bc:1a:b9:c5:82:5a:ff:af:57:8f:ab:46:31:4d:
a3:fa:57:2d:56:2e:11:85:f0:70:43:ef:2f:b7:f7:d0:58:32:
f6:bd:eb:45:9d:a1:ac:91:7d:aa:3d:c7:bb:3c:b6:8e:21:7f:
5c:21:7f:8d:97:b2:d8:01:01:fe:4e:af:da:0a:d0:bd:47:b4:
8c:8b:da:e9:3b:76:0a:8e:b2:32:d0:9d:93:a6:54:f1:04:88:
ce:3a:63:a6:af:3f:1d:fd:a0:05:f1:18:3b:e2:4a:e6:3d:31:
ed:e8:d6:a1:b2:a3:f2:b6:d1:a6:12:1d:38:08:33:93:f8:52:
e2:ef:b7:05:9e:f7:23:f5:23:67:7c:e7:ac:19:b8:c2:ae:1d:
b9:fb:8c:17:95:0d:44:77:ae:30:77:2e:b5:4e:86:b4:fa:f3:
38:23:c9:41:15:0f:8c:dd:84:22:72:11:7e:4e:69:15:e9:7c:
62:d1:3c:8d:30:e3:31:30:1c:b0:10:70:15:f2:ec:aa:d1:b7:
af:70:94:fc:69:39:1c:59:b4:5a:ac:ef:b9:07:c0:2d:e7:99:
0f:0b:86:f7
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzCbUcsiM2TmDXevHl1pRqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODU2NTU3YzQxNDZhOGI1MGRjNGQ5NDQyNGIwNjY4MGNl
Zjc1NWIwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJiODhhMTkwYjNiZDk2NTA3ZDBhYTE3NDk0NWZjOGVlNThkMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorWvOtv3J3+jDAOtvCu2Kt8tOQNJ
wajKV3s0M0FYbN9tP6bZb2/pOVP8c4gT6+Z+y6Z/KvmIxA3XY5bh+DHjQF7onj3V
mYIKA9so4jdWq5lhPAOQSw7IDAbK6rTwercA2k9rRAubWjcbqURIXliDSvIJgzgT
OWIbYCfIyhg+BP4SEpn691Gb8367Z+A2FyhT26k8ug1fktIH9R/OsDYJ2zghFpLp
l8hm/cfklU4A0Y0VyWPH1n8WTOMMj4iF/e9ACPW3afZwMDyCDa7okc2x+bqs8yiB
3XESGgI+5oRbd5AOtnz3G1AYkOnOanLcgnkh8f8gcXCQkNmYrwxatjoV5QIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFOYriKGQs72WUH0KoXSUX8juWNDpMB8GA1UdIwQY
MBaAFIyFZVfEFGqLUNxNlEJLBmgM73VbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEt
MmE2YjlhMGNjYWJkLzEvNWl1SW9aQ3p2WlpRZlFxaGRKUmZ5TzVZME9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDZhZGItN2FhNy00YjgyLWIwNWEtMmE2YjlhMGNjYWJk
LzEvaklWbFY4UVVhb3RRM0UyVVFrc0dhQXp2ZFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAAjAKAwgHKgEDSAMX
gDANBgkqhkiG9w0BAQsFAAOCAQEApUBVyIpJMhwCsmltCejWi+mp+V8BEcxX6Na0
t3D/DpF714QM2oElnrwaucWCWv+vV4+rRjFNo/pXLVYuEYXwcEPvL7f30Fgy9r3r
RZ2hrJF9qj3Huzy2jiF/XCF/jZey2AEB/k6v2grQvUe0jIva6Tt2Co6yMtCdk6ZU
8QSIzjpjpq8/Hf2gBfEYO+JK5j0x7ejWobKj8rbRphIdOAgzk/hS4u+3BZ73I/Uj
Z3znrBm4wq4dufuMF5UNRHeuMHcutU6GtPrzOCPJQRUPjN2EInIRfk5pFel8YtE8
jTDjMTAcsBBwFfLsqtG3r3CU/Gk5HFm0WqzvuQfALeeZDwuG9w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:48 2025 by rpki-client