Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/wBu3NjLQFYuzM8Dmmxnn8j0CVVE.roa
File: wBu3NjLQFYuzM8Dmmxnn8j0CVVE.roa (raw, json)
Hash identifier: Qu+SZzNySbrC4ZsLz8xxlrVTwpIndZXHRPgpan1XK0w=
Subject key identifier: C0:1B:B7:36:32:D0:15:8B:B3:33:C0:E6:9B:19:E7:F2:3D:02:55:51
Certificate issuer: /CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Certificate serial: 018D6A2AA5C53D4C7E4E128C4023F7A0FB36
Authority key identifier: 70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/wBu3NjLQFYuzM8Dmmxnn8j0CVVE.roa
Signing time: Fri 02 Feb 2024 14:13:16 +0000
ROA not before: Fri 02 Feb 2024 14:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212219
IP address blocks: 2a0f:bf00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 13 Feb 2024 10:17:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:2a:a5:c5:3d:4c:7e:4e:12:8c:40:23:f7:a0:fb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Validity
Not Before: Feb 2 14:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c01bb73632d0158bb333c0e69b19e7f23d025551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:13:00:5e:b3:4f:32:64:21:6c:44:ac:e9:18:
f7:5d:ab:84:ab:90:ff:81:d6:70:c7:99:77:84:63:
cf:d0:6d:a3:4a:18:38:46:4f:50:e0:04:41:fb:e6:
c4:3b:22:be:fb:f6:9a:7c:7c:61:75:62:76:e0:56:
c0:2a:c1:43:2f:a7:b4:f8:5c:47:da:8b:11:71:dd:
05:23:81:15:da:cb:8a:1d:5c:3d:0e:ea:a9:fc:a3:
d7:75:de:77:50:c2:0d:86:7f:41:b0:06:0d:fe:4c:
8d:5d:85:55:9f:69:78:5a:92:aa:35:b7:b1:f9:f5:
c8:19:7c:02:17:47:83:99:62:14:e4:4d:12:49:8f:
c9:c8:61:7b:bc:2f:1c:77:d0:0a:bb:c1:c5:89:f5:
1a:83:4c:67:9f:62:52:a1:29:39:75:3a:fa:fe:86:
0f:85:8c:b5:1f:89:72:af:62:0a:6f:bb:b7:40:fd:
25:86:80:31:c4:b8:13:5b:6d:ce:77:62:ab:33:3e:
e5:4f:99:8d:2d:7d:26:17:37:af:09:6c:c3:98:cd:
bf:96:5c:c5:a5:3d:89:b6:c4:4f:28:17:11:0f:1f:
2a:21:88:da:85:c8:98:47:f4:f8:95:2d:e1:59:64:
15:0d:da:f6:20:10:73:2d:dc:17:39:3c:38:50:fd:
ca:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:1B:B7:36:32:D0:15:8B:B3:33:C0:E6:9B:19:E7:F2:3D:02:55:51
X509v3 Authority Key Identifier:
keyid:70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/wBu3NjLQFYuzM8Dmmxnn8j0CVVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bf00::/29
Signature Algorithm: sha256WithRSAEncryption
20:e2:11:ab:ae:83:76:af:38:c1:f7:00:c2:5d:8c:d0:de:d6:
a4:0e:3d:f9:45:e8:2c:16:58:d7:10:8f:08:1d:79:fa:b5:c4:
ea:03:15:f7:2c:b7:8c:a8:32:68:59:2e:3a:fb:e2:f6:d4:74:
76:e8:d7:67:2c:d7:76:fa:0d:0c:7f:f0:57:8f:cc:c7:52:b8:
6b:c0:8d:13:30:c8:23:28:ee:8a:e9:39:3b:33:49:31:1e:73:
31:76:e0:36:db:f0:c5:41:72:f4:99:e9:96:36:2c:e9:71:ae:
21:40:1b:d0:01:f1:30:3c:c0:4f:45:7b:ec:b9:b6:b7:7f:09:
b9:9e:4d:37:17:2a:c1:45:ec:c6:b2:e1:03:15:a8:6d:71:c4:
e1:83:b0:76:69:9b:3c:63:a6:78:b6:00:28:62:9f:60:2f:77:
b2:55:78:76:e4:5a:08:a9:fd:32:2c:7e:7a:a9:a4:df:f1:ed:
22:53:8d:3c:aa:3b:15:28:9a:46:84:13:df:9e:e7:91:4d:71:
22:13:2a:ac:11:c1:0c:aa:cd:6c:34:8c:c2:4c:0b:1e:3c:19:
a8:28:96:e9:95:12:64:66:99:3c:3e:78:51:44:a5:8f:a9:16:
8c:c2:d7:b8:b5:fa:6c:ca:a4:ad:13:04:4a:e7:1f:cb:7a:76:
96:c6:d2:b9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1qKqXFPUx+ThKMQCP3oPs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjFkNzUyOGJlNzEzYTRiYTJjYjRkYjVlNThkNjRkODgy
ZWI1NTUwHhcNMjQwMjAyMTQxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDFiYjczNjMyZDAxNThiYjMzM2MwZTY5YjE5ZTdmMjNkMDI1NTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBMAXrNPMmQhbESs6Rj3XauEq5D/
gdZwx5l3hGPP0G2jShg4Rk9Q4ARB++bEOyK++/aafHxhdWJ24FbAKsFDL6e0+FxH
2osRcd0FI4EV2suKHVw9Duqp/KPXdd53UMINhn9BsAYN/kyNXYVVn2l4WpKqNbex
+fXIGXwCF0eDmWIU5E0SSY/JyGF7vC8cd9AKu8HFifUag0xnn2JSoSk5dTr6/oYP
hYy1H4lyr2IKb7u3QP0lhoAxxLgTW23Od2KrMz7lT5mNLX0mFzevCWzDmM2/llzF
pT2JtsRPKBcRDx8qIYjahciYR/T4lS3hWWQVDdr2IBBzLdwXOTw4UP3K+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMAbtzYy0BWLszPA5psZ5/I9AlVRMB8GA1UdIwQY
MBaAFHAh11KL5xOkuiy0215Y1k2ILrVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAt
OTI4MWYwZDIzZGJmLzEvd0J1M05qTFFGWXV6TThEbW14bm44ajBDVlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAtOTI4MWYwZDIzZGJm
LzEvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+/ADAN
BgkqhkiG9w0BAQsFAAOCAQEAIOIRq66Ddq84wfcAwl2M0N7WpA49+UXoLBZY1xCP
CB15+rXE6gMV9yy3jKgyaFkuOvvi9tR0dujXZyzXdvoNDH/wV4/Mx1K4a8CNEzDI
Iyjuiuk5OzNJMR5zMXbgNtvwxUFy9JnpljYs6XGuIUAb0AHxMDzAT0V77Lm2t38J
uZ5NNxcqwUXsxrLhAxWobXHE4YOwdmmbPGOmeLYAKGKfYC93slV4duRaCKn9Mix+
eqmk3/HtIlONPKo7FSiaRoQT357nkU1xIhMqrBHBDKrNbDSMwkwLHjwZqCiW6ZUS
ZGaZPD54UUSlj6kWjMLXuLX6bMqkrRMESucfy3p2lsbSuQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:01 2025 by rpki-client