Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/Vn39jm42pLwbj2yOKKQ68Oxhyic.roa
File: Vn39jm42pLwbj2yOKKQ68Oxhyic.roa (raw, json)
Hash identifier: rxTLAzr4jnzYrINFXI8uZ7CWbofGDh+1Uu/IShDUcoo=
Subject key identifier: 56:7D:FD:8E:6E:36:A4:BC:1B:8F:6C:8E:28:A4:3A:F0:EC:61:CA:27
Certificate issuer: /CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Certificate serial: 018CC56EC84E6B6B4F9A5D9BE690700F2946
Authority key identifier: A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/Vn39jm42pLwbj2yOKKQ68Oxhyic.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208583
IP address blocks: 2a0a:56c4:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c8:4e:6b:6b:4f:9a:5d:9b:e6:90:70:0f:29:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a0434bebe5dfa63dda78c24a4ebc1d2cd7369d
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=567dfd8e6e36a4bc1b8f6c8e28a43af0ec61ca27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b1:78:07:ed:56:5c:2a:91:32:81:20:09:b7:
ac:cc:4c:3b:6b:58:45:16:0b:19:b3:c4:93:45:82:
25:72:dc:6d:d4:a3:e2:cb:31:a0:bd:5e:8c:1e:69:
2d:06:d9:00:67:68:00:fd:4e:1c:86:65:ec:37:16:
b7:72:1b:f7:bf:9c:da:c4:ae:8a:25:f1:76:02:7e:
a2:0d:68:dd:92:df:d5:23:63:0b:3b:aa:bc:17:52:
30:2c:14:de:d8:c2:f2:d7:d5:ea:36:91:93:df:d7:
c3:b4:6c:af:db:9a:60:4f:99:a5:35:0b:1e:25:82:
5b:f5:95:48:4b:58:d9:71:dc:70:6d:3e:2c:6d:2a:
b1:dd:85:84:9c:f7:eb:56:84:9d:cc:bb:32:c4:02:
58:b3:36:79:e2:d1:01:4e:80:2f:98:bd:c8:8d:78:
01:cc:53:cb:e5:c2:60:0d:e2:c3:6d:a2:27:93:92:
81:94:2d:41:80:94:c3:cb:75:7a:39:a6:3b:2c:8a:
27:2b:94:df:3b:33:09:f3:b7:c5:32:a4:96:4e:9d:
68:28:14:79:62:fc:4f:71:4e:70:a4:16:45:98:94:
a1:71:30:a5:3f:10:cb:ad:7a:80:2b:70:fd:66:15:
71:af:ea:52:46:bd:f7:43:03:cc:1a:87:f3:f6:43:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7D:FD:8E:6E:36:A4:BC:1B:8F:6C:8E:28:A4:3A:F0:EC:61:CA:27
X509v3 Authority Key Identifier:
keyid:A6:A0:43:4B:EB:E5:DF:A6:3D:DA:78:C2:4A:4E:BC:1D:2C:D7:36:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBDS-vl36Y92njCSk68HSzXNp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/Vn39jm42pLwbj2yOKKQ68Oxhyic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d8398e-232c-45c2-b8e0-9ce4767da2c1/1/pqBDS-vl36Y92njCSk68HSzXNp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:56c4:4::/48
Signature Algorithm: sha256WithRSAEncryption
02:2f:bb:22:26:71:9b:28:28:ac:f0:41:67:24:81:a2:d8:bb:
74:77:e2:a6:32:5b:24:fc:15:7f:b4:35:79:4e:1f:d6:9b:95:
bd:d7:96:e9:8f:8c:39:fc:87:6a:f9:3e:eb:4d:d9:5a:08:b3:
83:d5:12:2c:d3:a4:b2:dc:99:89:13:67:17:f4:61:04:c8:0f:
86:62:b9:0b:9f:5b:a8:42:fb:24:f9:e3:30:5d:f9:13:21:5c:
17:59:8a:fb:e2:49:fa:1e:04:61:78:3f:c3:3e:d6:91:be:55:
96:d6:30:8c:60:b4:d4:d6:66:7f:c9:d0:b2:3a:aa:96:14:3c:
d6:62:eb:a6:da:4b:39:2c:ed:ab:58:ed:2c:f7:9c:a5:ac:53:
ba:3e:9a:b3:d2:7d:2d:92:08:b7:48:54:49:ce:d0:21:16:00:
78:b3:9d:43:d1:ad:97:d9:99:69:ed:4d:8b:b2:ba:ec:58:a1:
28:49:5c:fc:8b:cb:e8:86:41:74:b9:3c:1d:64:a8:54:c9:9c:
c5:3d:df:73:f4:a5:c2:da:cd:01:c5:4c:41:ce:1a:4f:10:40:
13:8d:a0:43:f5:b2:ec:b1:2f:c3:e5:73:94:53:37:0b:b6:2c:
dd:c3:bb:9a:d7:17:4f:35:ca:29:9a:c8:77:f1:10:91:22:a3:
a7:a9:b8:50
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFbshOa2tPml2b5pBwDylGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA0MzRiZWJlNWRmYTYzZGRhNzhjMjRhNGViYzFkMmNk
NzM2OWQwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjdkZmQ4ZTZlMzZhNGJjMWI4ZjZjOGUyOGE0M2FmMGVjNjFjYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrF4B+1WXCqRMoEgCbeszEw7a1hF
FgsZs8STRYIlctxt1KPiyzGgvV6MHmktBtkAZ2gA/U4chmXsNxa3chv3v5zaxK6K
JfF2An6iDWjdkt/VI2MLO6q8F1IwLBTe2MLy19XqNpGT39fDtGyv25pgT5mlNQse
JYJb9ZVIS1jZcdxwbT4sbSqx3YWEnPfrVoSdzLsyxAJYszZ54tEBToAvmL3IjXgB
zFPL5cJgDeLDbaInk5KBlC1BgJTDy3V6OaY7LIonK5TfOzMJ87fFMqSWTp1oKBR5
YvxPcU5wpBZFmJShcTClPxDLrXqAK3D9ZhVxr+pSRr33QwPMGofz9kO6eQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFZ9/Y5uNqS8G49sjiikOvDsYconMB8GA1UdIwQY
MBaAFKagQ0vr5d+mPdp4wkpOvB0s1zadMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAt
OWNlNDc2N2RhMmMxLzEvVm4zOWptNDJwTHdiajJ5T0tLUTY4T3hoeWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kODM5OGUtMjMyYy00NWMyLWI4ZTAtOWNlNDc2N2RhMmMx
LzEvcHFCRFMtdmwzNlk5Mm5qQ1NrNjhIU3pYTnAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpWxAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQACL7siJnGbKCis8EFnJIGi2Lt0d+KmMlsk/BV/
tDV5Th/Wm5W915bpj4w5/Idq+T7rTdlaCLOD1RIs06Sy3JmJE2cX9GEEyA+GYrkL
n1uoQvsk+eMwXfkTIVwXWYr74kn6HgRheD/DPtaRvlWW1jCMYLTU1mZ/ydCyOqqW
FDzWYuum2ks5LO2rWO0s95ylrFO6Ppqz0n0tkgi3SFRJztAhFgB4s51D0a2X2Zlp
7U2LsrrsWKEoSVz8i8vohkF0uTwdZKhUyZzFPd9z9KXC2s0BxUxBzhpPEEATjaBD
9bLssS/D5XOUUzcLtizdw7ua1xdPNcopmsh38RCRIqOnqbhQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:44:39 2025 by rpki-client