Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/vlKWWpugRs6eZT3-ukFCfXQQ07Q.roa
File: vlKWWpugRs6eZT3-ukFCfXQQ07Q.roa (raw, json)
Hash identifier: VNus/l5WO9cLJl+w0Hg2jC4fq0r86xKmDXBFw3jVqB4=
Subject key identifier: BE:52:96:5A:9B:A0:46:CE:9E:65:3D:FE:BA:41:42:7D:74:10:D3:B4
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B0C44950BA4F2ECFE884D9EC60B5C
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/vlKWWpugRs6eZT3-ukFCfXQQ07Q.roa
Signing time: Thu 02 Jan 2025 09:48:57 +0000
ROA not before: Thu 02 Jan 2025 09:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203728
IP address blocks: 2a09:ff00:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Jan 2025 20:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:0c:44:95:0b:a4:f2:ec:fe:88:4d:9e:c6:0b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be52965a9ba046ce9e653dfeba41427d7410d3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:56:c0:82:f8:2a:85:27:5e:4b:c7:50:ca:5c:
94:79:05:df:8f:ed:5c:09:8e:a4:79:14:ee:54:25:
b4:7e:c7:3f:31:f2:29:f5:47:63:3e:5a:5d:ea:d6:
84:f1:cb:fb:fc:6f:e6:ee:78:5a:7d:1b:01:a8:37:
ec:20:dd:8d:d2:1e:49:6f:27:ef:4b:fd:c3:27:11:
a2:f3:8e:02:98:fa:ee:b9:83:6d:3d:02:9e:08:49:
0c:d2:e3:72:d3:6c:5d:4a:c0:20:75:8c:96:b4:44:
22:b3:f7:26:2e:7e:cb:33:a0:11:35:31:85:59:6d:
fb:a7:3d:2b:77:16:5d:47:7e:77:b5:f3:dc:ba:5a:
34:7b:40:8d:af:c9:cc:72:14:26:79:3b:a4:bb:54:
99:6f:e2:79:08:10:e5:67:db:7e:ca:f5:09:92:3b:
7f:c1:1c:38:a2:3a:37:d9:01:2e:7e:3b:06:3b:13:
a7:60:54:22:a2:9b:c3:32:23:bf:55:bd:6f:77:fd:
11:85:f9:9f:2d:87:f6:2e:5e:fe:e3:76:ab:43:21:
e9:db:e9:f6:be:87:c4:76:ff:1e:72:43:06:a5:69:
5d:16:76:9c:c8:00:bb:7b:ea:e6:a4:5c:82:62:83:
80:0a:05:e7:ba:aa:de:a2:1b:49:88:a6:7f:96:6b:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:52:96:5A:9B:A0:46:CE:9E:65:3D:FE:BA:41:42:7D:74:10:D3:B4
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/vlKWWpugRs6eZT3-ukFCfXQQ07Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:ff00:100::/48
Signature Algorithm: sha256WithRSAEncryption
63:2b:51:e8:27:2e:3f:b1:24:96:6d:70:2f:69:dc:b7:3c:cb:
ef:3a:ec:20:91:b6:ae:93:d2:35:0f:13:45:e5:64:a6:dc:4f:
fd:b3:27:1b:e5:63:58:89:25:cf:a7:14:60:21:d3:18:86:a2:
7e:b6:7b:47:86:01:0a:57:b1:c5:7e:e2:cc:38:62:76:99:05:
00:f3:f6:28:6c:da:2c:57:5f:d2:89:2a:76:cf:64:5d:90:03:
f8:9e:4e:e6:a1:5f:b9:e7:c2:84:de:b2:95:ae:65:c9:8d:11:
1c:d5:b4:c7:50:44:3a:5e:97:59:c9:1f:39:a5:41:c9:9e:d8:
38:23:8b:47:61:81:f7:11:f4:42:64:4a:c6:2d:84:21:42:43:
2f:7a:4a:48:09:2a:22:ff:93:d9:cd:d0:c0:82:30:69:91:51:
17:71:2c:9b:ca:0d:98:cb:51:e1:57:ed:cd:07:ef:e2:18:d9:
97:40:39:66:4c:00:cf:9e:b8:9a:fa:6f:ae:91:27:e4:7e:20:
cb:7c:e5:b1:d7:e5:30:21:1c:b6:15:06:91:71:2b:bb:48:13:
09:46:9a:2c:a9:b0:77:fd:24:6d:8e:50:9f:79:dd:00:87:4f:
7e:74:e2:90:1b:e7:00:9e:af:f7:ed:0f:38:9f:d8:8b:f9:0c:
04:ea:93:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQmawxElQuk8uz+iE2exgtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTUyOTY1YTliYTA0NmNlOWU2NTNkZmViYTQxNDI3ZDc0MTBkM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVbAgvgqhSdeS8dQylyUeQXfj+1c
CY6keRTuVCW0fsc/MfIp9UdjPlpd6taE8cv7/G/m7nhafRsBqDfsIN2N0h5Jbyfv
S/3DJxGi844CmPruuYNtPQKeCEkM0uNy02xdSsAgdYyWtEQis/cmLn7LM6ARNTGF
WW37pz0rdxZdR353tfPculo0e0CNr8nMchQmeTuku1SZb+J5CBDlZ9t+yvUJkjt/
wRw4ojo32QEufjsGOxOnYFQiopvDMiO/Vb1vd/0RhfmfLYf2Ll7+43arQyHp2+n2
vofEdv8eckMGpWldFnacyAC7e+rmpFyCYoOACgXnuqreohtJiKZ/lmtmuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL5SllqboEbOnmU9/rpBQn10ENO0MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvdmxLV1dwdWdSczZlWlQzLXVrRkNmWFFRMDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgn/AAEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjK1HoJy4/sSSWbXAvady3PMvvOuwgkbauk9I1
DxNF5WSm3E/9sycb5WNYiSXPpxRgIdMYhqJ+tntHhgEKV7HFfuLMOGJ2mQUA8/Yo
bNosV1/SiSp2z2RdkAP4nk7moV+558KE3rKVrmXJjREc1bTHUEQ6XpdZyR85pUHJ
ntg4I4tHYYH3EfRCZErGLYQhQkMvekpICSoi/5PZzdDAgjBpkVEXcSybyg2Yy1Hh
V+3NB+/iGNmXQDlmTADPnria+m+ukSfkfiDLfOWx1+UwIRy2FQaRcSu7SBMJRpos
qbB3/SRtjlCfed0Ah09+dOKQG+cAnq/37Q84n9iL+QwE6pMd
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:41:54 2025 by rpki-client