Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/r6UcGRJPXJu59p-D2bEValTma-I.roa
File: r6UcGRJPXJu59p-D2bEValTma-I.roa (raw, json)
Hash identifier: EYqUd1rgHrjtlXZMVA1h2PxwYc7Z+9OB6NPerwj5Vws=
Subject key identifier: AF:A5:1C:19:12:4F:5C:9B:B9:F6:9F:83:D9:B1:15:6A:54:E6:6B:E2
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0191B263AF0940D456D767226B37B270944E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/r6UcGRJPXJu59p-D2bEValTma-I.roa
Signing time: Mon 02 Sep 2024 10:59:22 +0000
ROA not before: Mon 02 Sep 2024 10:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3175
IP address blocks: 2a04:a5c0::/29 maxlen: 29
2a0e:c380::/29 maxlen: 29
2a13:3c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 23 Sep 2024 11:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:63:af:09:40:d4:56:d7:67:22:6b:37:b2:70:94:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 2 10:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afa51c19124f5c9bb9f69f83d9b1156a54e66be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:86:f4:3d:a1:52:c1:b8:b8:2a:89:ea:8f:7e:
34:16:dd:56:b4:10:0c:21:f0:ac:70:87:c6:bd:a0:
90:e5:b3:9a:09:0d:f8:44:9f:07:9e:f0:60:99:02:
5b:01:1e:81:91:f0:aa:86:15:e5:15:07:09:63:32:
c6:99:32:f7:44:dd:00:5d:f8:5e:60:b5:51:7e:4b:
78:25:38:12:a9:36:6d:dd:18:b8:0a:14:b3:e0:34:
7a:d2:32:5f:5b:f8:e5:39:3e:27:f9:a0:f4:e9:ab:
48:dc:fd:cb:19:5f:90:c9:a1:b9:61:f8:67:43:3e:
70:01:ad:07:78:d0:2a:8f:76:56:6b:0e:52:98:fc:
5e:57:9d:0b:8b:a9:1c:a0:0e:b2:2f:ed:6d:fa:24:
f1:c6:ed:1e:88:2c:a4:6d:b9:f3:bb:9f:d1:65:96:
45:f4:e3:0f:54:53:39:05:0e:ab:35:be:58:16:db:
f5:d4:4d:d4:9d:91:33:e7:3b:b3:5d:56:b2:2d:cc:
01:80:b3:2a:ef:d0:ae:f6:84:a4:07:5e:45:85:bb:
3b:68:cf:a9:eb:93:93:c3:d7:b4:cd:44:ad:09:c3:
7f:01:fd:4f:c7:0b:73:5e:f6:5b:fe:17:3c:8d:c3:
0d:c5:14:23:5d:73:be:bd:78:f6:ea:ec:d7:66:18:
7c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A5:1C:19:12:4F:5C:9B:B9:F6:9F:83:D9:B1:15:6A:54:E6:6B:E2
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/r6UcGRJPXJu59p-D2bEValTma-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:c380::/29
2a13:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
d1:3b:4f:14:bf:b0:30:ac:61:0e:d9:69:65:2c:58:12:cc:fe:
4d:76:f8:e3:78:94:1f:0a:29:31:c1:56:84:4d:42:9a:25:d1:
7d:f4:11:f7:b4:93:70:b6:a2:79:bd:0c:e7:43:3b:bb:09:9d:
ed:6f:7e:18:0e:b7:63:72:c1:d0:cb:22:b6:88:e0:db:a0:09:
2f:45:b1:a3:37:ab:ff:e3:58:be:37:8d:bb:d0:8f:4e:1d:90:
86:25:b3:fe:a2:9d:9d:bd:be:d6:99:18:31:c8:23:81:4b:bd:
92:58:25:ae:68:fc:4e:0d:d2:d7:8e:cd:d2:40:6a:89:ad:40:
c4:a4:1a:b1:12:d8:69:5b:80:ea:ca:72:95:7b:76:4e:e3:e8:
a3:e2:f0:86:34:ef:39:30:ef:79:e0:f1:89:95:97:57:ab:32:
3e:40:1f:4d:f2:af:c3:fd:78:08:7e:ca:c8:d4:57:2c:e1:ea:
36:8d:3e:c2:fc:14:9b:27:2c:05:0f:fc:0b:37:90:9a:2b:0d:
ac:c7:fa:7c:fc:a3:4a:6b:86:23:12:c2:b2:ed:8e:59:fe:bc:
c5:78:f1:5f:e0:96:08:3b:7b:f1:75:d8:82:15:3f:dc:e3:a8:
c6:ad:e8:fd:6b:b1:a7:0d:bf:0c:bb:1c:91:50:45:94:89:d0:
41:5d:4e:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGyY68JQNRW12ciazeycJROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTAyMTA1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmE1MWMxOTEyNGY1YzliYjlmNjlmODNkOWIxMTU2YTU0ZTY2YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIb0PaFSwbi4Konqj340Ft1WtBAM
IfCscIfGvaCQ5bOaCQ34RJ8HnvBgmQJbAR6BkfCqhhXlFQcJYzLGmTL3RN0AXfhe
YLVRfkt4JTgSqTZt3Ri4ChSz4DR60jJfW/jlOT4n+aD06atI3P3LGV+QyaG5Yfhn
Qz5wAa0HeNAqj3ZWaw5SmPxeV50Li6kcoA6yL+1t+iTxxu0eiCykbbnzu5/RZZZF
9OMPVFM5BQ6rNb5YFtv11E3UnZEz5zuzXVayLcwBgLMq79Cu9oSkB15Fhbs7aM+p
65OTw9e0zUStCcN/Af1PxwtzXvZb/hc8jcMNxRQjXXO+vXj26uzXZhh8eQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+lHBkST1ybufafg9mxFWpU5mviMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvcjZVY0dSSlBYSnU1OXAtRDJiRVZhbFRtYS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgSlwAMF
AyoOw4ADBQMqEzyAMA0GCSqGSIb3DQEBCwUAA4IBAQDRO08Uv7AwrGEO2WllLFgS
zP5NdvjjeJQfCikxwVaETUKaJdF99BH3tJNwtqJ5vQznQzu7CZ3tb34YDrdjcsHQ
yyK2iODboAkvRbGjN6v/41i+N4270I9OHZCGJbP+op2dvb7WmRgxyCOBS72SWCWu
aPxODdLXjs3SQGqJrUDEpBqxEthpW4DqynKVe3ZO4+ij4vCGNO85MO954PGJlZdX
qzI+QB9N8q/D/XgIfsrI1Fcs4eo2jT7C/BSbJywFD/wLN5CaKw2sx/p8/KNKa4Yj
EsKy7Y5Z/rzFePFf4JYIO3vxddiCFT/c46jGrej9a7GnDb8MuxyRUEWUidBBXU7r
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:34 2025 by rpki-client