Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d48090-2dbf-4b84-8596-98ce146f1824/1/XeIbEIJ5n1x9qFIts17XqM5mNO4.roa
File: XeIbEIJ5n1x9qFIts17XqM5mNO4.roa (raw, json)
Hash identifier: m5W6bDniMdkmBe0Juf7pmWk4Ay4MJwpHjLVqjPNPKnU=
Subject key identifier: 5D:E2:1B:10:82:79:9F:5C:7D:A8:52:2D:B3:5E:D7:A8:CE:66:34:EE
Certificate issuer: /CN=1e4c32086e1e984505691b01f5985df7a36b24ae
Certificate serial: 018CCA2B2EAD045A351B2D0A197EA6C06BC9
Authority key identifier: 1E:4C:32:08:6E:1E:98:45:05:69:1B:01:F5:98:5D:F7:A3:6B:24:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkwyCG4emEUFaRsB9Zhd96NrJK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/d48090-2dbf-4b84-8596-98ce146f1824/1/XeIbEIJ5n1x9qFIts17XqM5mNO4.roa
Signing time: Tue 02 Jan 2024 12:34:36 +0000
ROA not before: Tue 02 Jan 2024 12:34:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57277
IP address blocks: 2001:678:74c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:2e:ad:04:5a:35:1b:2d:0a:19:7e:a6:c0:6b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e4c32086e1e984505691b01f5985df7a36b24ae
Validity
Not Before: Jan 2 12:34:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5de21b1082799f5c7da8522db35ed7a8ce6634ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:12:01:c8:d4:99:56:c8:b0:c9:15:9a:5e:84:
9b:0a:4b:4f:f1:c0:9e:0e:50:fa:32:05:cb:16:5b:
9a:21:0a:a5:fd:f0:de:37:f3:be:05:31:69:9c:b6:
b1:90:47:7d:06:cb:ad:70:d2:0e:5a:6d:41:b0:25:
cd:39:18:65:89:cf:c4:db:c8:55:b6:d6:aa:e4:2f:
a1:9c:e0:8f:92:5b:02:88:1c:23:f1:77:b5:d8:21:
c5:69:bf:74:82:9c:7a:eb:52:e5:9f:5b:2b:b1:55:
2a:48:05:23:80:d5:b3:0e:51:c2:7c:ea:0c:e1:61:
10:15:d1:a6:49:d7:1b:7c:22:a0:62:4a:b5:0c:8b:
b2:4a:2a:48:94:0c:62:e5:c8:89:45:07:b7:83:4f:
71:36:a3:24:60:a9:33:1f:2f:13:a2:f1:e0:1b:01:
73:78:47:ee:c2:7d:b7:21:6e:37:eb:87:27:a2:a1:
60:a3:a5:d5:cc:4f:ed:e7:01:9f:9d:e2:e0:fa:d9:
05:71:72:8d:ca:05:ab:8b:9a:01:c7:26:31:16:bc:
88:0c:6a:d1:e3:25:67:8d:ec:cb:d4:60:23:13:28:
f4:7d:25:f8:51:00:cc:7b:2f:89:09:dc:a6:e8:c8:
5d:a7:98:1b:36:92:49:75:91:f9:0e:23:9f:69:68:
63:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E2:1B:10:82:79:9F:5C:7D:A8:52:2D:B3:5E:D7:A8:CE:66:34:EE
X509v3 Authority Key Identifier:
keyid:1E:4C:32:08:6E:1E:98:45:05:69:1B:01:F5:98:5D:F7:A3:6B:24:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkwyCG4emEUFaRsB9Zhd96NrJK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d48090-2dbf-4b84-8596-98ce146f1824/1/XeIbEIJ5n1x9qFIts17XqM5mNO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d48090-2dbf-4b84-8596-98ce146f1824/1/HkwyCG4emEUFaRsB9Zhd96NrJK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:74c::/48
Signature Algorithm: sha256WithRSAEncryption
c7:b4:6e:a7:03:d4:e6:a6:9b:e2:db:84:b0:72:08:a6:72:57:
b0:af:03:e7:30:27:b0:c3:5e:b0:1e:c3:81:3f:83:80:05:3c:
8a:e6:aa:0b:91:c7:87:b0:13:c7:ce:fe:8c:1e:8e:34:b2:6f:
c8:f2:52:00:bc:09:88:b9:0e:73:53:ca:ff:65:98:e0:35:cf:
10:a6:95:97:64:d2:6d:4f:88:23:27:fa:cc:8f:47:c8:0a:24:
7c:36:ca:72:88:5f:fa:04:aa:66:fb:60:f1:60:07:f7:42:65:
e8:3d:3a:37:c8:4c:e5:94:38:6c:60:46:8e:a2:99:9b:2e:80:
21:2a:43:a5:62:39:5f:cf:86:5e:2c:b0:bb:aa:0d:e9:9b:30:
68:e0:80:fd:3e:3f:20:c6:93:f2:b1:ea:29:8f:ad:e2:76:1f:
b8:f6:01:4c:04:e6:31:90:a7:c7:eb:1e:c8:84:49:3c:b2:6b:
38:b4:ef:cd:02:02:e1:ce:13:25:7f:75:45:fa:1e:04:59:cc:
9a:2b:d6:b0:a7:3c:12:e9:90:36:de:49:2e:d0:58:cb:35:1f:
91:3f:ca:de:74:f6:b5:7c:fb:70:15:6f:27:3e:8c:6e:b5:d0:
ff:77:02:1a:2c:ba:a2:0e:77:66:12:85:84:b7:90:00:5f:26:
d2:f9:c1:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKy6tBFo1Gy0KGX6mwGvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNGMzMjA4NmUxZTk4NDUwNTY5MWIwMWY1OTg1ZGY3YTM2
YjI0YWUwHhcNMjQwMTAyMTIzNDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUyMWIxMDgyNzk5ZjVjN2RhODUyMmRiMzVlZDdhOGNlNjYzNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhIByNSZVsiwyRWaXoSbCktP8cCe
DlD6MgXLFluaIQql/fDeN/O+BTFpnLaxkEd9BsutcNIOWm1BsCXNORhlic/E28hV
ttaq5C+hnOCPklsCiBwj8Xe12CHFab90gpx661Lln1srsVUqSAUjgNWzDlHCfOoM
4WEQFdGmSdcbfCKgYkq1DIuySipIlAxi5ciJRQe3g09xNqMkYKkzHy8TovHgGwFz
eEfuwn23IW4364cnoqFgo6XVzE/t5wGfneLg+tkFcXKNygWri5oBxyYxFryIDGrR
4yVnjezL1GAjEyj0fSX4UQDMey+JCdym6Mhdp5gbNpJJdZH5DiOfaWhjQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF3iGxCCeZ9cfahSLbNe16jOZjTuMB8GA1UdIwQY
MBaAFB5MMghuHphFBWkbAfWYXfejaySuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGt3eUNHNGVtRVVGYVJzQjlaaGQ5Nk5ySks0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kNDgwOTAtMmRiZi00Yjg0LTg1OTYt
OThjZTE0NmYxODI0LzEvWGVJYkVJSjVuMXg5cUZJdHMxN1hxTTVtTk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kNDgwOTAtMmRiZi00Yjg0LTg1OTYtOThjZTE0NmYxODI0
LzEvSGt3eUNHNGVtRVVGYVJzQjlaaGQ5Nk5ySks0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAdM
MA0GCSqGSIb3DQEBCwUAA4IBAQDHtG6nA9Tmppvi24SwcgimclewrwPnMCeww16w
HsOBP4OABTyK5qoLkceHsBPHzv6MHo40sm/I8lIAvAmIuQ5zU8r/ZZjgNc8QppWX
ZNJtT4gjJ/rMj0fICiR8NspyiF/6BKpm+2DxYAf3QmXoPTo3yEzllDhsYEaOopmb
LoAhKkOlYjlfz4ZeLLC7qg3pmzBo4ID9Pj8gxpPyseopj63idh+49gFMBOYxkKfH
6x7IhEk8sms4tO/NAgLhzhMlf3VF+h4EWcyaK9awpzwS6ZA23kku0FjLNR+RP8re
dPa1fPtwFW8nPoxutdD/dwIaLLqiDndmEoWEt5AAXybS+cFD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:20 2025 by rpki-client