Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/c_kG7a1uQKyZzzVW86g1U_g5IQo.roa
File: c_kG7a1uQKyZzzVW86g1U_g5IQo.roa (raw, json)
Hash identifier: zJvoBV/8WSS4wJN8LAuXHq+yCy0pWnftbtmjTLgDC/Q=
Subject key identifier: 73:F9:06:ED:AD:6E:40:AC:99:CF:35:56:F3:A8:35:53:F8:39:21:0A
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 018CC9BC78D016DA49DC16819C0CDB565695
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/c_kG7a1uQKyZzzVW86g1U_g5IQo.roa
Signing time: Tue 02 Jan 2024 10:33:41 +0000
ROA not before: Tue 02 Jan 2024 10:33:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206785
IP address blocks: 2a00:c40:8095::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:78:d0:16:da:49:dc:16:81:9c:0c:db:56:56:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Jan 2 10:33:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73f906edad6e40ac99cf3556f3a83553f839210a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:00:83:59:fb:2f:69:15:98:b3:c0:93:9f:26:
42:71:a8:be:cd:08:9b:d0:7c:04:03:47:e6:ec:17:
ba:4b:1f:9f:7f:c0:15:c5:ad:3a:b2:50:8b:d9:d3:
2a:f8:25:30:b7:ad:7b:39:90:69:46:0f:a9:89:da:
4e:da:f4:04:18:76:70:dc:c6:ac:80:f0:f6:c8:15:
15:82:84:ee:a3:10:c4:46:95:da:d1:02:17:89:e3:
db:e2:5f:40:f4:dc:45:3f:48:12:52:9b:f4:02:88:
d9:f4:63:53:51:6d:1f:be:ab:ad:dc:71:8a:c6:49:
7c:7b:68:25:b2:bd:77:49:05:6d:86:f2:df:36:12:
7d:df:d2:a2:e4:7c:84:9b:ea:43:0c:21:94:57:5a:
7c:62:e0:22:e6:9c:b3:0e:dd:0a:8b:2a:c7:c2:81:
d2:72:0d:5a:92:70:59:37:6a:42:c2:01:47:c6:21:
10:3d:03:eb:4b:c4:94:78:64:c0:c1:89:61:42:69:
52:a5:9a:c7:f4:db:75:86:ad:53:f5:57:8e:9b:24:
a1:77:f8:90:e8:e5:44:f3:de:49:3a:fe:76:86:c0:
68:55:e3:5c:e9:76:27:fd:97:d7:fb:f3:48:d5:38:
9b:f7:39:c3:8e:28:22:43:54:a9:3f:62:6f:7f:d9:
a8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F9:06:ED:AD:6E:40:AC:99:CF:35:56:F3:A8:35:53:F8:39:21:0A
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/c_kG7a1uQKyZzzVW86g1U_g5IQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:c40:8095::/48
Signature Algorithm: sha256WithRSAEncryption
19:db:45:32:de:66:e5:31:f1:a5:42:ca:b8:ab:c6:52:aa:0b:
97:75:9a:28:f0:30:67:04:48:22:df:d5:72:96:2b:c6:79:59:
0e:9c:26:e9:be:ba:62:b5:b6:f5:f8:75:b8:79:14:07:2f:a2:
9c:c0:e5:1d:c1:ae:a0:cf:45:9c:c2:77:e4:99:7c:88:2f:7b:
e2:e9:63:b8:f6:6d:b6:94:9d:5c:b7:c9:aa:1b:e5:f2:00:c1:
4b:29:ee:8c:ac:f2:e1:ae:b5:b5:01:c5:ab:46:ab:ec:68:ef:
76:67:bb:7f:17:08:a2:03:90:03:16:57:e1:9c:6f:df:b8:0b:
30:f5:d8:27:5a:ba:a0:eb:aa:fb:22:82:c5:c6:52:5a:a1:f7:
61:21:89:4d:ab:4a:b1:3f:d2:ff:41:27:e2:d5:10:27:2e:d8:
f1:63:7f:4b:cb:84:2c:f7:77:f5:db:52:70:10:df:c4:c7:84:
10:97:d5:99:8b:ad:6c:5c:4f:9b:77:f1:0a:4b:34:30:95:83:
4c:16:6a:b0:c0:7f:e9:2b:f9:bb:50:63:85:b0:19:c2:6a:6b:
47:38:f3:f9:fc:36:2e:21:10:10:e3:27:20:2a:61:5a:90:04:
69:59:b2:9c:3b:5e:74:53:1c:cc:57:c9:82:1f:32:ae:94:ee:
a4:58:1f:ae
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvHjQFtpJ3BaBnAzbVlaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjQwMTAyMTAzMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Y5MDZlZGFkNmU0MGFjOTljZjM1NTZmM2E4MzU1M2Y4MzkyMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnACDWfsvaRWYs8CTnyZCcai+zQib
0HwEA0fm7Be6Sx+ff8AVxa06slCL2dMq+CUwt617OZBpRg+pidpO2vQEGHZw3Mas
gPD2yBUVgoTuoxDERpXa0QIXiePb4l9A9NxFP0gSUpv0AojZ9GNTUW0fvqut3HGK
xkl8e2glsr13SQVthvLfNhJ939Ki5HyEm+pDDCGUV1p8YuAi5pyzDt0KiyrHwoHS
cg1aknBZN2pCwgFHxiEQPQPrS8SUeGTAwYlhQmlSpZrH9Nt1hq1T9VeOmyShd/iQ
6OVE895JOv52hsBoVeNc6XYn/ZfX+/NI1Tib9znDjigiQ1SpP2Jvf9mo3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHP5Bu2tbkCsmc81VvOoNVP4OSEKMB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvY19rRzdhMXVRS3laenpWVzg2ZzFVX2c1SVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAMQICV
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ20Uy3mblMfGlQsq4q8ZSqguXdZoo8DBnBEgi
39VylivGeVkOnCbpvrpitbb1+HW4eRQHL6KcwOUdwa6gz0WcwnfkmXyIL3vi6WO4
9m22lJ1ct8mqG+XyAMFLKe6MrPLhrrW1AcWrRqvsaO92Z7t/FwiiA5ADFlfhnG/f
uAsw9dgnWrqg66r7IoLFxlJaofdhIYlNq0qxP9L/QSfi1RAnLtjxY39Ly4Qs93f1
21JwEN/Ex4QQl9WZi61sXE+bd/EKSzQwlYNMFmqwwH/pK/m7UGOFsBnCamtHOPP5
/DYuIRAQ4ycgKmFakARpWbKcO150UxzMV8mCHzKulO6kWB+u
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:37 2025 by rpki-client