Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/aWUxVY81Ho1lcSkSiZw1IjIcRac.roa
File: aWUxVY81Ho1lcSkSiZw1IjIcRac.roa (raw, json)
Hash identifier: Q1A4VcYn2RIAHdmm+FtEf4nImnXQ9c2NLhWSYxPQ134=
Subject key identifier: 69:65:31:55:8F:35:1E:8D:65:71:29:12:89:9C:35:22:32:1C:45:A7
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CF1AC2836E13B0CDB8150FD9FCFC2FF40
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/aWUxVY81Ho1lcSkSiZw1IjIcRac.roa
Signing time: Wed 10 Jan 2024 04:40:40 +0000
ROA not before: Wed 10 Jan 2024 04:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48503
IP address blocks: 2a03:32c0:7001::/48 maxlen: 48
2a03:32c0:5001::/48 maxlen: 48
2a03:32c0:6001::/48 maxlen: 48
2a03:32c0:5002::/48 maxlen: 48
2a03:32c0:5000::/48 maxlen: 48
2a03:32c0:6000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 03:23:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f1:ac:28:36:e1:3b:0c:db:81:50:fd:9f:cf:c2:ff:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 10 04:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=696531558f351e8d65712912899c3522321c45a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:50:29:a5:26:1b:ea:85:32:ac:8b:78:26:f3:
49:fa:14:7c:81:c2:d8:7d:3e:ab:bb:18:ac:89:36:
ca:e3:dc:97:64:c4:b8:17:48:23:64:33:b6:30:8f:
55:bd:fa:d4:01:93:e3:75:db:fb:d1:86:25:66:c2:
40:51:d9:18:9c:57:52:2f:03:5e:5d:cf:e1:f0:7d:
21:9f:32:ed:05:cf:9a:9a:04:c9:59:c1:41:6f:a6:
53:a7:0c:37:bc:b2:7e:14:ef:17:65:6b:70:d5:a2:
d2:23:74:fa:6b:06:c4:3b:1f:a8:68:de:36:df:9c:
a2:70:01:17:d6:4b:52:e1:a5:60:f7:a6:69:ab:f3:
81:de:9e:ae:01:0d:2a:a5:52:a7:2f:ed:1f:81:87:
fb:7e:09:63:5e:a3:49:95:f2:c9:63:51:7b:ea:33:
0b:5e:ae:9e:f4:91:c4:4f:07:48:2e:65:d6:bb:f7:
68:33:8d:9b:19:4c:93:d2:14:da:99:fc:2c:4c:9c:
59:42:78:b7:55:c7:d6:19:91:cd:f9:a6:46:ec:7a:
38:20:a0:8a:c4:98:7b:6b:8c:f5:e3:44:5a:dd:60:
11:5a:5b:6c:9e:c9:b3:b8:ba:f1:92:c8:74:02:ec:
fd:75:7a:48:0f:2b:69:16:85:8e:49:67:ca:a1:87:
f5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:65:31:55:8F:35:1E:8D:65:71:29:12:89:9C:35:22:32:1C:45:A7
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/aWUxVY81Ho1lcSkSiZw1IjIcRac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:32c0:5000::-2a03:32c0:5002:ffff:ffff:ffff:ffff:ffff
2a03:32c0:6000::/47
2a03:32c0:7001::/48
Signature Algorithm: sha256WithRSAEncryption
72:57:f7:8f:97:5e:ab:f8:7c:a4:48:68:0a:bf:c8:c0:3b:a5:
93:e3:ba:81:e6:2e:5b:61:47:97:6c:c0:03:f1:43:12:67:69:
90:93:7a:3c:c8:06:94:7e:02:aa:d6:36:44:b5:03:a8:7e:f2:
7d:76:0c:7e:97:28:a3:99:fc:a0:cf:28:7e:77:ae:04:5c:6d:
8c:c9:08:8a:e1:a6:32:89:5b:8a:b4:1e:f4:36:06:0f:9e:9f:
8a:f0:a2:b9:02:70:cb:d4:f9:85:ed:ab:c9:0f:02:23:e7:61:
28:94:68:b9:34:45:c2:92:3b:04:d6:6e:5b:c9:8b:b8:db:57:
af:f8:cd:06:44:14:d2:9e:d4:37:e1:a6:48:a9:43:41:e3:5a:
e9:9e:d6:73:a6:87:18:91:f2:98:d5:f9:67:02:59:89:1f:3b:
c8:75:39:8b:df:3d:36:c0:b4:90:59:c0:c4:a7:f8:e6:69:0a:
86:21:86:d3:c9:88:e7:51:c4:7b:54:bc:1b:18:f0:47:2e:b1:
2c:a5:de:7c:fe:2b:64:c0:df:26:6d:37:10:5b:69:fe:13:e3:
af:8b:cf:b7:87:5f:47:33:85:be:ac:e2:97:fa:0e:58:77:ab:
64:e3:0d:5f:a8:00:d4:d7:48:dc:7d:ad:b8:af:c6:da:a2:20:
e0:5f:ef:d6
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzxrCg24TsM24FQ/Z/Pwv9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTEwMDQ0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY1MzE1NThmMzUxZThkNjU3MTI5MTI4OTljMzUyMjMyMWM0NWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVAppSYb6oUyrIt4JvNJ+hR8gcLY
fT6ruxisiTbK49yXZMS4F0gjZDO2MI9VvfrUAZPjddv70YYlZsJAUdkYnFdSLwNe
Xc/h8H0hnzLtBc+amgTJWcFBb6ZTpww3vLJ+FO8XZWtw1aLSI3T6awbEOx+oaN42
35yicAEX1ktS4aVg96Zpq/OB3p6uAQ0qpVKnL+0fgYf7fgljXqNJlfLJY1F76jML
Xq6e9JHETwdILmXWu/doM42bGUyT0hTamfwsTJxZQni3VcfWGZHN+aZG7Ho4IKCK
xJh7a4z140Ra3WARWltsnsmzuLrxksh0Auz9dXpIDytpFoWOSWfKoYf1DQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFGllMVWPNR6NZXEpEomcNSIyHEWnMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvYVdVeFZZODFIbzFsY1NrU2ladzFJakljUmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlMBEDBgQqAzLA
UAMHACoDMsBQAgMHASoDMsBgAAMHACoDMsBwATANBgkqhkiG9w0BAQsFAAOCAQEA
clf3j5deq/h8pEhoCr/IwDulk+O6geYuW2FHl2zAA/FDEmdpkJN6PMgGlH4CqtY2
RLUDqH7yfXYMfpcoo5n8oM8ofneuBFxtjMkIiuGmMolbirQe9DYGD56fivCiuQJw
y9T5he2ryQ8CI+dhKJRouTRFwpI7BNZuW8mLuNtXr/jNBkQU0p7UN+GmSKlDQeNa
6Z7Wc6aHGJHymNX5ZwJZiR87yHU5i989NsC0kFnAxKf45mkKhiGG08mI51HEe1S8
GxjwRy6xLKXefP4rZMDfJm03EFtp/hPjr4vPt4dfRzOFvqzil/oOWHerZOMNX6gA
1NdI3H2tuK/G2qIg4F/v1g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:47 2025 by rpki-client