Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/73f749-4560-4abe-8d0b-e2c1abafaa6c/1/pfVoJlmi0ubYzPqhgs1hyfSe-5A.roa
File: pfVoJlmi0ubYzPqhgs1hyfSe-5A.roa (raw, json)
Hash identifier: pBuEQg7YyVL8xJqWDFgEeAAdeE87pBCd43lc9KhyYRI=
Subject key identifier: A5:F5:68:26:59:A2:D2:E6:D8:CC:FA:A1:82:CD:61:C9:F4:9E:FB:90
Certificate issuer: /CN=e0110606f524dbaa538e67e123cafbc6df3386c0
Certificate serial: 0191BB7FAF145E3C3C7EE45C3B1DF750FE91
Authority key identifier: E0:11:06:06:F5:24:DB:AA:53:8E:67:E1:23:CA:FB:C6:DF:33:86:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4BEGBvUk26pTjmfhI8r7xt8zhsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/73f749-4560-4abe-8d0b-e2c1abafaa6c/1/pfVoJlmi0ubYzPqhgs1hyfSe-5A.roa
Signing time: Wed 04 Sep 2024 05:26:32 +0000
ROA not before: Wed 04 Sep 2024 05:26:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8881
IP address blocks: 2001:67c:ed8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:7f:af:14:5e:3c:3c:7e:e4:5c:3b:1d:f7:50:fe:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0110606f524dbaa538e67e123cafbc6df3386c0
Validity
Not Before: Sep 4 05:26:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5f5682659a2d2e6d8ccfaa182cd61c9f49efb90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:e2:07:70:c0:47:c1:7c:fb:97:54:0e:00:
ae:98:7c:3f:0a:38:22:67:c7:67:61:2d:4e:09:79:
b9:08:2f:e8:43:88:73:c9:2e:ba:da:d4:3b:44:74:
dc:03:ea:bb:41:37:2f:1e:00:c9:ad:90:80:9b:11:
9c:78:12:2c:75:7d:7c:2b:aa:bb:6d:2a:54:8e:7c:
d8:4a:40:2b:d8:04:cc:87:0d:6a:e8:7e:87:f1:05:
f2:3f:ba:6f:d5:0e:ed:bb:5b:ed:37:83:63:b0:13:
47:02:d0:31:39:f1:51:8e:3d:8d:28:c1:55:08:81:
32:f3:34:f7:68:85:84:9e:02:77:57:39:41:5a:1a:
b8:f7:e8:b2:de:73:cf:b8:13:92:99:c9:13:9b:7b:
c4:51:2d:d5:0e:1d:29:35:55:ec:56:95:76:ba:f8:
89:a3:10:73:ba:94:ce:c5:f7:b1:5f:b0:07:4a:20:
fa:bf:5e:85:ea:1a:fe:84:a1:9a:68:64:86:9b:7e:
d6:e1:ce:8e:f5:e4:8b:a5:11:e9:29:b3:ec:c2:d4:
68:50:21:cc:11:10:2e:5b:d8:f5:43:6d:e9:36:f1:
13:fd:7a:23:d1:03:3a:d6:3e:b9:c4:d1:a8:11:a7:
45:0e:35:fc:d7:75:e8:45:48:46:af:2b:13:5a:f7:
81:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F5:68:26:59:A2:D2:E6:D8:CC:FA:A1:82:CD:61:C9:F4:9E:FB:90
X509v3 Authority Key Identifier:
keyid:E0:11:06:06:F5:24:DB:AA:53:8E:67:E1:23:CA:FB:C6:DF:33:86:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BEGBvUk26pTjmfhI8r7xt8zhsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/73f749-4560-4abe-8d0b-e2c1abafaa6c/1/pfVoJlmi0ubYzPqhgs1hyfSe-5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/73f749-4560-4abe-8d0b-e2c1abafaa6c/1/4BEGBvUk26pTjmfhI8r7xt8zhsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:ed8::/48
Signature Algorithm: sha256WithRSAEncryption
47:c3:1f:17:6b:5b:f9:98:4a:9d:82:8b:1f:26:d6:05:24:d9:
45:ae:2a:ee:c7:7d:25:d8:a9:6f:f2:03:f6:d1:71:33:ae:72:
b9:19:db:d1:14:77:32:0c:f3:69:9d:fb:c6:e6:fc:8d:2c:d3:
79:70:a0:0b:c0:0a:d6:c7:ee:46:0e:38:3b:0e:18:2a:f0:ed:
de:05:b3:66:bc:cf:29:17:c0:af:e3:d8:2c:23:7c:ce:f2:ba:
63:8e:72:b0:ae:b2:b2:9e:80:f5:cb:75:6a:6a:74:2a:b5:16:
c1:d0:fb:29:65:ed:69:0c:ed:c1:8d:00:c5:e0:0b:bf:d0:00:
96:7b:46:89:31:45:0f:5d:4c:82:58:7e:e8:ff:75:2e:90:96:
7a:2d:9b:95:3a:52:0e:c1:57:f7:6f:01:0c:83:83:ed:8c:f5:
4d:04:a7:2f:d1:f3:d7:cc:a9:60:49:53:c0:09:2d:28:95:da:
8d:51:de:a4:59:1f:ad:5f:92:da:28:ad:3d:7f:df:d2:2b:eb:
78:a7:0f:57:38:00:ae:64:51:50:73:c8:c9:1c:d4:a7:8f:53:
75:f6:39:3d:91:9c:da:67:a7:02:05:f9:ed:81:1f:7f:c7:fd:
83:29:c5:1c:27:fa:22:00:9b:90:5a:06:e7:55:61:de:8e:bf:
41:c9:e8:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZG7f68UXjw8fuRcOx33UP6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMTEwNjA2ZjUyNGRiYWE1MzhlNjdlMTIzY2FmYmM2ZGYz
Mzg2YzAwHhcNMjQwOTA0MDUyNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWY1NjgyNjU5YTJkMmU2ZDhjY2ZhYTE4MmNkNjFjOWY0OWVmYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFXiB3DAR8F8+5dUDgCumHw/Cjgi
Z8dnYS1OCXm5CC/oQ4hzyS662tQ7RHTcA+q7QTcvHgDJrZCAmxGceBIsdX18K6q7
bSpUjnzYSkAr2ATMhw1q6H6H8QXyP7pv1Q7tu1vtN4NjsBNHAtAxOfFRjj2NKMFV
CIEy8zT3aIWEngJ3VzlBWhq49+iy3nPPuBOSmckTm3vEUS3VDh0pNVXsVpV2uviJ
oxBzupTOxfexX7AHSiD6v16F6hr+hKGaaGSGm37W4c6O9eSLpRHpKbPswtRoUCHM
ERAuW9j1Q23pNvET/Xoj0QM61j65xNGoEadFDjX813XoRUhGrysTWveBZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKX1aCZZotLm2Mz6oYLNYcn0nvuQMB8GA1UdIwQY
MBaAFOARBgb1JNuqU45n4SPK+8bfM4bAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJFR0J2VWsyNnBUam1maEk4cjd4dDh6aHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS83M2Y3NDktNDU2MC00YWJlLThkMGIt
ZTJjMWFiYWZhYTZjLzEvcGZWb0psbWkwdWJZelBxaGdzMWh5ZlNlLTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS83M2Y3NDktNDU2MC00YWJlLThkMGItZTJjMWFiYWZhYTZj
LzEvNEJFR0J2VWsyNnBUam1maEk4cjd4dDh6aHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA7Y
MA0GCSqGSIb3DQEBCwUAA4IBAQBHwx8Xa1v5mEqdgosfJtYFJNlFrirux30l2Klv
8gP20XEzrnK5GdvRFHcyDPNpnfvG5vyNLNN5cKALwArWx+5GDjg7Dhgq8O3eBbNm
vM8pF8Cv49gsI3zO8rpjjnKwrrKynoD1y3VqanQqtRbB0PspZe1pDO3BjQDF4Au/
0ACWe0aJMUUPXUyCWH7o/3UukJZ6LZuVOlIOwVf3bwEMg4PtjPVNBKcv0fPXzKlg
SVPACS0oldqNUd6kWR+tX5LaKK09f9/SK+t4pw9XOACuZFFQc8jJHNSnj1N19jk9
kZzaZ6cCBfntgR9/x/2DKcUcJ/oiAJuQWgbnVWHejr9Byeiz
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:20:51 2025 by rpki-client