Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/xGVfXYSRiH8yUbR50NVGCiUZR9s.roa
File: xGVfXYSRiH8yUbR50NVGCiUZR9s.roa (raw, json)
Hash identifier: YTTNH3ihhrLPE5PB1doGGzOXyp/g4neIJbLxtqxyqFg=
Subject key identifier: C4:65:5F:5D:84:91:88:7F:32:51:B4:79:D0:D5:46:0A:25:19:47:DB
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019194ECA617A6A2D4A3EB07866AAF22FA0A
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/xGVfXYSRiH8yUbR50NVGCiUZR9s.roa
Signing time: Tue 27 Aug 2024 17:40:22 +0000
ROA not before: Tue 27 Aug 2024 17:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2a0b:e9c0::/30 maxlen: 30
2a0b:e9c4::/30 maxlen: 30
2a0c:f641::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:ec:a6:17:a6:a2:d4:a3:eb:07:86:6a:af:22:fa:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Aug 27 17:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4655f5d8491887f3251b479d0d5460a251947db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:20:d9:24:2b:e3:51:50:bf:59:9c:6d:ed:77:
73:4d:56:91:0f:28:35:73:4b:88:0e:5e:c2:6d:6e:
6e:f3:90:36:c1:24:93:33:2e:b4:eb:b6:30:b8:09:
77:10:a5:63:c2:72:ed:c5:36:34:32:12:3d:ec:b4:
7c:07:55:51:c0:0e:a0:e2:47:1c:d1:6d:8e:af:f7:
4c:df:d8:f7:89:cb:ff:28:5e:56:b9:d0:02:2b:99:
33:11:1f:8a:26:70:26:3d:0c:ea:ed:1b:e9:ba:58:
a0:50:f0:e5:71:82:cf:a9:99:47:75:38:31:39:ad:
f7:1e:51:47:f1:7c:dd:97:ea:ae:8c:52:c1:14:8a:
74:8c:0a:f1:b6:f5:8b:ea:3b:8a:56:f2:d1:89:9c:
3c:54:6b:37:d2:7d:b1:73:04:c7:3f:be:54:a5:a6:
57:ee:82:22:fa:15:a4:05:ad:37:c7:d9:aa:b7:95:
7b:83:19:96:d9:2c:53:7b:7e:d9:89:96:70:d6:8b:
88:a8:6d:2e:b9:46:4b:07:6f:f6:d5:f1:d2:cf:14:
f0:ab:8b:17:3d:63:3a:9e:0e:d6:ff:dc:df:b6:d5:
44:d2:de:5c:98:23:4b:c5:38:b2:51:1a:28:83:28:
c5:25:29:46:ad:54:d8:df:01:f2:e9:f3:77:2e:e0:
78:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:65:5F:5D:84:91:88:7F:32:51:B4:79:D0:D5:46:0A:25:19:47:DB
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/xGVfXYSRiH8yUbR50NVGCiUZR9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:e9c0::/29
2a0c:f641::/32
Signature Algorithm: sha256WithRSAEncryption
46:50:13:53:19:8a:92:29:31:c0:17:58:77:01:18:e3:06:bc:
8b:a5:13:62:08:27:e6:78:03:00:da:a5:bc:9f:28:94:0f:8b:
ec:6a:f4:12:73:7e:bd:ad:f0:16:bc:7c:f2:52:d3:50:37:47:
b1:0d:bd:b9:ef:bb:1a:9b:d3:17:b4:47:3e:d2:f0:cb:49:dc:
a1:3d:0d:f6:f0:e3:0d:e0:5d:0b:59:eb:cf:3f:2d:5d:f9:4c:
d7:34:05:5f:23:bb:4e:25:75:49:45:b5:44:46:20:95:e4:81:
40:26:d3:fb:ad:bc:63:8e:18:1a:0a:12:7c:3e:82:eb:23:47:
25:0f:70:fc:b5:2d:81:0a:79:db:96:91:e7:7f:76:c0:1a:9c:
bd:ee:55:5b:b8:74:7b:fb:1a:3e:ac:37:d7:e8:dc:4c:78:ec:
e6:d9:12:b1:07:bf:d3:bb:98:dd:dd:46:8d:7f:b2:8a:d8:ef:
04:96:d1:eb:c8:a9:36:5d:21:e5:be:0d:0b:cc:ba:fd:8c:c5:
de:4c:19:e2:61:3c:38:48:33:cf:dd:a6:f9:6a:c9:e4:2f:4d:
7b:83:96:35:72:29:b7:b0:4e:1e:b5:06:11:46:07:fe:ad:9d:
30:44:69:3d:8a:94:96:dd:ca:4d:ef:4f:5e:26:f4:21:cd:65:
fd:81:00:55
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGU7KYXpqLUo+sHhmqvIvoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwODI3MTc0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY1NWY1ZDg0OTE4ODdmMzI1MWI0NzlkMGQ1NDYwYTI1MTk0N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSDZJCvjUVC/WZxt7XdzTVaRDyg1
c0uIDl7CbW5u85A2wSSTMy6067YwuAl3EKVjwnLtxTY0MhI97LR8B1VRwA6g4kcc
0W2Or/dM39j3icv/KF5WudACK5kzER+KJnAmPQzq7RvpuligUPDlcYLPqZlHdTgx
Oa33HlFH8Xzdl+qujFLBFIp0jArxtvWL6juKVvLRiZw8VGs30n2xcwTHP75UpaZX
7oIi+hWkBa03x9mqt5V7gxmW2SxTe37ZiZZw1ouIqG0uuUZLB2/21fHSzxTwq4sX
PWM6ng7W/9zfttVE0t5cmCNLxTiyURoogyjFJSlGrVTY3wHy6fN3LuB4UwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMRlX12EkYh/MlG0edDVRgolGUfbMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEveEdWZlhZU1JpSDh5VWJSNTBOVkdDaVVaUjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgvpwAMF
ACoM9kEwDQYJKoZIhvcNAQELBQADggEBAEZQE1MZipIpMcAXWHcBGOMGvIulE2II
J+Z4AwDapbyfKJQPi+xq9BJzfr2t8Ba8fPJS01A3R7ENvbnvuxqb0xe0Rz7S8MtJ
3KE9Dfbw4w3gXQtZ688/LV35TNc0BV8ju04ldUlFtURGIJXkgUAm0/utvGOOGBoK
Enw+gusjRyUPcPy1LYEKeduWked/dsAanL3uVVu4dHv7Gj6sN9fo3Ex47ObZErEH
v9O7mN3dRo1/sorY7wSW0evIqTZdIeW+DQvMuv2Mxd5MGeJhPDhIM8/dpvlqyeQv
TXuDljVyKbewTh61BhFGB/6tnTBEaT2KlJbdyk3vT14m9CHNZf2BAFU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:17:12 2025 by rpki-client