Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rMd-K2XpWPU50I6Tup-Chr0P57E.roa
File: rMd-K2XpWPU50I6Tup-Chr0P57E.roa (raw, json)
Hash identifier: PkWtBfyhh+P0ddWB6h4H3/OR6jI14cHD1BOyE2842d4=
Subject key identifier: AC:C7:7E:2B:65:E9:58:F5:39:D0:8E:93:BA:9F:82:86:BD:0F:E7:B1
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0190ED5145AAB9DAA8610A8EA287B8C533CD
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rMd-K2XpWPU50I6Tup-Chr0P57E.roa
Signing time: Fri 26 Jul 2024 04:34:04 +0000
ROA not before: Fri 26 Jul 2024 04:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 2a12:a340::/32 maxlen: 32
2a12:c304::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 31 Oct 2024 13:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ed:51:45:aa:b9:da:a8:61:0a:8e:a2:87:b8:c5:33:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 26 04:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acc77e2b65e958f539d08e93ba9f8286bd0fe7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:b5:93:9a:24:d5:b4:d3:e7:eb:6e:98:d1:
22:1b:fd:37:27:dd:93:ac:4d:fc:93:93:dc:3d:c3:
ef:25:ce:83:20:84:3f:21:f0:72:76:2f:04:11:94:
ba:73:88:74:f1:6c:95:3a:4e:1c:fb:9c:04:aa:b6:
9b:23:fa:9c:2e:92:0f:62:29:a9:9d:07:1d:07:26:
87:f1:e8:8a:11:b3:63:de:b9:ec:24:e2:2f:3f:29:
fb:fb:cd:e8:a6:04:e5:52:3a:04:ab:fc:78:bd:58:
1d:a7:7a:59:2a:46:89:89:e1:eb:cf:68:d0:cd:c6:
d3:49:e5:0e:b6:35:b4:8a:46:c9:aa:0b:e0:9e:53:
06:e7:00:72:7a:d0:41:ad:90:bd:26:28:8b:ec:11:
d3:95:b8:c1:08:dd:98:f1:03:24:3b:3b:3f:1f:27:
e3:55:6c:83:0b:da:74:4d:b4:4f:1a:4d:7b:ab:b0:
8e:4d:fc:84:4a:19:94:1c:da:84:3a:89:b2:83:ce:
6c:da:9a:33:75:39:67:3e:dc:48:83:5a:37:f7:8a:
c8:52:df:5a:f7:5b:6c:7a:e3:98:12:ae:c3:1e:d4:
41:c0:47:57:d2:98:7c:2f:68:24:db:e2:53:78:2e:
bc:cf:1f:e1:34:aa:f4:27:0d:5d:c5:1e:b4:8e:9b:
f8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C7:7E:2B:65:E9:58:F5:39:D0:8E:93:BA:9F:82:86:BD:0F:E7:B1
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rMd-K2XpWPU50I6Tup-Chr0P57E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a340::/32
2a12:c304::/30
Signature Algorithm: sha256WithRSAEncryption
50:3c:1c:31:e0:54:e5:a6:60:34:1c:ea:3d:b1:ca:3a:20:87:
e3:4d:84:ed:58:33:f5:ab:4c:05:be:d2:68:81:b0:6a:98:ab:
ee:9b:74:97:fb:28:cb:45:b7:ad:12:48:51:19:85:e7:8d:19:
8c:33:5e:c6:af:46:d7:46:f3:7c:13:d9:a2:bc:7e:b6:3c:6d:
ab:fc:cc:25:61:2d:0f:1b:b7:81:92:ee:77:3f:30:fb:1a:7e:
e1:c3:64:41:80:81:07:4d:27:62:59:1b:bd:08:94:7a:1c:be:
99:3a:a5:dd:f4:78:a4:ca:7e:de:0e:7c:bf:ea:7b:5a:3d:f3:
78:98:b6:65:59:63:68:2d:6c:07:cf:86:11:5a:71:8d:51:db:
5b:39:d1:d1:bd:9a:91:a1:eb:7d:30:db:df:d3:24:a5:a2:97:
ca:6c:a6:94:75:d2:c6:c3:57:98:11:a3:b8:2b:44:e0:de:8a:
dc:ec:4f:f5:d5:fa:36:28:b9:5e:47:35:2e:bb:35:2f:2a:e5:
44:e2:85:b4:f6:d5:b6:41:68:f3:86:a6:34:3f:b0:26:f3:0a:
27:a0:07:97:ae:d6:65:39:76:dd:13:e5:64:9b:21:ae:cc:b2:
e7:91:59:32:2e:bb:1a:da:5f:e0:dd:12:fc:9e:c7:3a:50:ba:
05:b5:b8:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZDtUUWqudqoYQqOooe4xTPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNzI2MDQzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M3N2UyYjY1ZTk1OGY1MzlkMDhlOTNiYTlmODI4NmJkMGZlN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp061k5ok1bTT5+tumNEiG/03J92T
rE38k5PcPcPvJc6DIIQ/IfBydi8EEZS6c4h08WyVOk4c+5wEqrabI/qcLpIPYimp
nQcdByaH8eiKEbNj3rnsJOIvPyn7+83opgTlUjoEq/x4vVgdp3pZKkaJieHrz2jQ
zcbTSeUOtjW0ikbJqgvgnlMG5wByetBBrZC9JiiL7BHTlbjBCN2Y8QMkOzs/Hyfj
VWyDC9p0TbRPGk17q7COTfyEShmUHNqEOomyg85s2pozdTlnPtxIg1o394rIUt9a
91tseuOYEq7DHtRBwEdX0ph8L2gk2+JTeC68zx/hNKr0Jw1dxR60jpv4DQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKzHfitl6Vj1OdCOk7qfgoa9D+exMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvck1kLUsyWHBXUFU1MEk2VHVwLUNocjBQNTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhKjQAMF
AioSwwQwDQYJKoZIhvcNAQELBQADggEBAFA8HDHgVOWmYDQc6j2xyjogh+NNhO1Y
M/WrTAW+0miBsGqYq+6bdJf7KMtFt60SSFEZheeNGYwzXsavRtdG83wT2aK8frY8
bav8zCVhLQ8bt4GS7nc/MPsafuHDZEGAgQdNJ2JZG70IlHocvpk6pd30eKTKft4O
fL/qe1o983iYtmVZY2gtbAfPhhFacY1R21s50dG9mpGh630w29/TJKWil8psppR1
0sbDV5gRo7grRODeitzsT/XV+jYouV5HNS67NS8q5UTihbT21bZBaPOGpjQ/sCbz
CiegB5eu1mU5dt0T5WSbIa7MsueRWTIuuxraX+DdEvyexzpQugW1uOM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:10 2025 by rpki-client