Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/61ed42-f722-4ba0-bd89-b549ffa04046/1/P2pVqvO7NPKKr0nNTi_QcVr8t_M.roa
File: P2pVqvO7NPKKr0nNTi_QcVr8t_M.roa (raw, json)
Hash identifier: 7K1LsEPKvXOISs1aG1GnGFKuwY85PCX1Q0NOcs5+HKw=
Subject key identifier: 3F:6A:55:AA:F3:BB:34:F2:8A:AF:49:CD:4E:2F:D0:71:5A:FC:B7:F3
Certificate issuer: /CN=5ea9fffaf09249b20cf7f567c3ccb9958b4f3110
Certificate serial: 0192F62F337534B1ABCB2EACB2AAC0936C1E
Authority key identifier: 5E:A9:FF:FA:F0:92:49:B2:0C:F7:F5:67:C3:CC:B9:95:8B:4F:31:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xqn_-vCSSbIM9_Vnw8y5lYtPMRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/61ed42-f722-4ba0-bd89-b549ffa04046/1/P2pVqvO7NPKKr0nNTi_QcVr8t_M.roa
Signing time: Mon 04 Nov 2024 07:59:01 +0000
ROA not before: Mon 04 Nov 2024 07:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21396
IP address blocks: 2a05:98c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:2f:33:75:34:b1:ab:cb:2e:ac:b2:aa:c0:93:6c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ea9fffaf09249b20cf7f567c3ccb9958b4f3110
Validity
Not Before: Nov 4 07:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f6a55aaf3bb34f28aaf49cd4e2fd0715afcb7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:22:bd:c7:73:8d:8b:af:2d:b2:46:78:d2:7a:
f2:42:9b:d6:6a:25:d2:ce:53:46:12:b2:ba:46:b3:
02:2a:b4:9b:87:fd:d5:17:b7:e1:8d:f5:91:cd:76:
ef:78:05:f8:57:b4:e9:75:0c:f0:e2:31:7d:39:9b:
b9:df:8f:dc:bc:a4:89:c7:04:26:50:2b:a9:d6:7b:
52:c9:27:47:03:fd:f5:ea:e3:d6:68:c0:dd:60:6c:
26:da:fa:b5:4d:c1:7a:d1:c7:87:8a:0d:d3:39:97:
d7:5a:32:d0:89:41:1a:b2:50:e9:04:a1:b0:54:60:
50:c6:11:f4:d4:87:c6:2c:1e:e5:2f:52:34:11:62:
e0:3e:be:ce:74:3f:05:c8:46:32:5e:e2:bf:49:16:
0c:b2:4e:f1:e2:71:58:1f:69:b7:95:42:89:a2:fb:
55:81:90:7c:aa:0b:c6:aa:f3:12:a3:3c:e1:a1:84:
ce:19:40:bc:14:ec:0b:21:74:16:e3:e9:57:21:b3:
d9:2e:08:3d:40:28:b4:7e:b9:76:23:ea:a0:da:76:
b0:89:75:d0:c3:02:c3:4e:49:bf:c2:89:c9:c7:9a:
6c:c5:fb:a8:5f:9b:2e:f0:f5:0d:1f:a6:be:46:14:
80:e7:81:2e:92:6c:df:bb:6a:a4:af:cb:1e:df:e3:
12:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6A:55:AA:F3:BB:34:F2:8A:AF:49:CD:4E:2F:D0:71:5A:FC:B7:F3
X509v3 Authority Key Identifier:
keyid:5E:A9:FF:FA:F0:92:49:B2:0C:F7:F5:67:C3:CC:B9:95:8B:4F:31:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqn_-vCSSbIM9_Vnw8y5lYtPMRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/61ed42-f722-4ba0-bd89-b549ffa04046/1/P2pVqvO7NPKKr0nNTi_QcVr8t_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/61ed42-f722-4ba0-bd89-b549ffa04046/1/Xqn_-vCSSbIM9_Vnw8y5lYtPMRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
b9:51:af:d5:14:25:55:26:c0:b4:e0:f6:de:49:cf:29:19:9e:
29:90:93:6c:0f:cc:15:a0:91:72:2a:96:29:25:54:89:c3:f5:
c7:5a:80:8e:d0:0d:3c:39:7a:87:d9:3a:fa:85:83:2b:b8:c4:
2f:75:db:c0:d2:bc:e2:f9:87:6e:a3:92:be:48:45:17:33:0c:
96:54:60:69:90:96:df:d3:45:42:0f:05:be:af:60:96:73:2e:
ad:60:50:4f:e2:04:4b:86:a5:ad:d3:f5:ff:db:5b:c9:9b:08:
cd:71:78:5b:2b:39:c5:50:fd:8a:68:20:d2:15:2d:74:7d:a4:
6a:07:e0:2a:b6:41:eb:87:6f:f5:58:0b:67:31:49:37:e0:24:
3a:d8:ab:39:9b:05:b7:ad:21:c8:9c:e5:f0:6a:24:b1:0a:78:
13:90:03:c2:b1:85:d3:e0:3a:ac:44:54:dc:6f:a0:d7:fe:8e:
e0:8b:74:bd:6e:bd:7d:21:bc:86:de:7d:f5:08:e7:08:d3:12:
62:aa:b8:75:3d:d8:ac:a1:0b:8a:5a:a1:cf:31:bd:1d:95:dd:
a7:16:11:da:4c:45:2b:e1:8b:e3:8e:4f:a4:a0:0e:5f:3e:fd:
f3:bb:59:b7:2e:7e:d6:16:c2:83:12:19:98:fd:af:f6:c5:e1:
5f:31:68:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZL2LzN1NLGryy6ssqrAk2weMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTlmZmZhZjA5MjQ5YjIwY2Y3ZjU2N2MzY2NiOTk1OGI0
ZjMxMTAwHhcNMjQxMTA0MDc1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZhNTVhYWYzYmIzNGYyOGFhZjQ5Y2Q0ZTJmZDA3MTVhZmNiN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyK9x3ONi68tskZ40nryQpvWaiXS
zlNGErK6RrMCKrSbh/3VF7fhjfWRzXbveAX4V7TpdQzw4jF9OZu534/cvKSJxwQm
UCup1ntSySdHA/316uPWaMDdYGwm2vq1TcF60ceHig3TOZfXWjLQiUEaslDpBKGw
VGBQxhH01IfGLB7lL1I0EWLgPr7OdD8FyEYyXuK/SRYMsk7x4nFYH2m3lUKJovtV
gZB8qgvGqvMSozzhoYTOGUC8FOwLIXQW4+lXIbPZLgg9QCi0frl2I+qg2nawiXXQ
wwLDTkm/wonJx5psxfuoX5su8PUNH6a+RhSA54Eukmzfu2qkr8se3+MSxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD9qVarzuzTyiq9JzU4v0HFa/LfzMB8GA1UdIwQY
MBaAFF6p//rwkkmyDPf1Z8PMuZWLTzEQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFuXy12Q1NTYklNOV9Wbnc4eTVsWXRQTVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82MWVkNDItZjcyMi00YmEwLWJkODkt
YjU0OWZmYTA0MDQ2LzEvUDJwVnF2TzdOUEtLcjBuTlRpX1FjVnI4dF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82MWVkNDItZjcyMi00YmEwLWJkODktYjU0OWZmYTA0MDQ2
LzEvWHFuXy12Q1NTYklNOV9Wbnc4eTVsWXRQTVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAuVGv1RQlVSbAtOD23knPKRmeKZCTbA/MFaCRciqW
KSVUicP1x1qAjtANPDl6h9k6+oWDK7jEL3XbwNK84vmHbqOSvkhFFzMMllRgaZCW
39NFQg8Fvq9glnMurWBQT+IES4alrdP1/9tbyZsIzXF4Wys5xVD9imgg0hUtdH2k
agfgKrZB64dv9VgLZzFJN+AkOtirOZsFt60hyJzl8GoksQp4E5ADwrGF0+A6rERU
3G+g1/6O4It0vW69fSG8ht599QjnCNMSYqq4dT3YrKELilqhzzG9HZXdpxYR2kxF
K+GL445PpKAOXz7987tZty5+1hbCgxIZmP2v9sXhXzFoeg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:09 2025 by rpki-client