Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/Sfyigg9MPrZssHh5eNXKlGAtNXQ.roa
File: Sfyigg9MPrZssHh5eNXKlGAtNXQ.roa (raw, json)
Hash identifier: uLxSMNV/hdBX1BZqY5ZKINDOn7WzQUfLOV57xy4DtR0=
Subject key identifier: 49:FC:A2:82:0F:4C:3E:B6:6C:B0:78:79:78:D5:CA:94:60:2D:35:74
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 018F4C5AEBD5F5AFFA8D7CF7E7F78A6642D7
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/Sfyigg9MPrZssHh5eNXKlGAtNXQ.roa
Signing time: Mon 06 May 2024 05:22:58 +0000
ROA not before: Mon 06 May 2024 05:22:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 2a02:5745::/32 maxlen: 32
2a02:5747::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 May 2024 05:24:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:5a:eb:d5:f5:af:fa:8d:7c:f7:e7:f7:8a:66:42:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: May 6 05:22:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49fca2820f4c3eb66cb0787978d5ca94602d3574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f0:97:7e:7d:b1:5a:9d:fb:b0:20:ab:87:3f:
72:48:6c:fc:1b:fb:d0:b5:18:6a:b1:62:80:95:04:
4e:61:63:15:b2:88:d8:2b:61:ba:b2:bb:1b:c7:ef:
08:dc:41:c6:79:9c:33:8a:32:c9:57:26:90:bd:70:
bd:58:1a:8c:e5:e8:8f:b9:f7:4e:84:6a:15:68:89:
b6:5d:2e:d3:82:da:60:1b:96:ee:aa:a2:fa:ec:88:
28:b9:61:bb:cb:e3:fc:9b:ec:da:d3:d9:f9:40:87:
20:07:eb:e3:ef:6e:38:ee:a5:8a:4e:c4:18:28:aa:
c4:79:ea:b9:b5:4d:98:96:77:75:a7:ee:37:56:db:
77:f3:89:5c:5c:ce:79:37:74:cd:53:fb:3e:af:be:
f1:31:9e:06:d0:8e:35:54:63:48:ad:2e:7e:c7:d3:
4d:01:e5:37:7a:2a:07:df:48:47:34:b2:63:e6:44:
8e:f3:a0:3d:bc:fc:e9:d5:6e:ad:3d:14:ad:78:20:
35:84:ef:68:8c:d6:72:57:04:e8:f6:c5:f2:ad:8e:
f3:99:45:a6:77:dd:59:1f:bf:f6:ad:53:72:3b:22:
85:b6:82:03:9a:2f:ee:df:0f:77:9b:84:ec:21:3a:
c4:87:c6:dc:57:02:31:7c:c0:6d:f5:8b:05:30:0e:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FC:A2:82:0F:4C:3E:B6:6C:B0:78:79:78:D5:CA:94:60:2D:35:74
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/Sfyigg9MPrZssHh5eNXKlGAtNXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:5745::/32
2a02:5747::/32
Signature Algorithm: sha256WithRSAEncryption
8e:8b:24:1f:a9:6e:f3:3c:85:94:fe:79:c0:43:d9:60:b1:9d:
a5:b9:b1:e6:9a:64:d3:44:5c:e8:9a:be:92:92:c2:20:bc:05:
22:0b:b6:6d:9e:51:7c:c9:11:93:f6:bb:b0:f9:5f:46:c6:bf:
4e:0f:49:e0:bc:2f:c7:ba:18:19:74:2f:08:b8:40:69:e0:52:
2f:74:3d:d3:6a:e4:47:29:b8:9e:a2:fd:55:0f:cb:a3:9b:df:
aa:43:7c:d3:57:d2:61:4a:ec:ef:ae:0f:92:cc:a7:3f:eb:95:
3f:13:04:8b:f3:a4:ad:e3:2d:ed:a5:5c:cc:8d:ee:32:d0:4d:
43:38:2f:e5:d3:59:41:d9:b8:d0:d3:58:fa:34:0b:62:ed:f2:
7f:7d:8b:31:94:b9:51:60:6e:5c:18:d5:80:7a:4f:bc:78:1c:
08:c7:23:74:7c:18:ae:20:e7:66:ce:cc:91:5f:ee:0e:89:f1:
e4:03:81:8d:2f:b1:a6:15:ef:3c:6e:6a:fb:d7:8b:e0:42:ec:
db:23:d6:0e:f2:2d:af:d6:58:b2:b8:8d:84:6c:db:7c:5c:12:
9e:4d:e1:4d:73:ae:2d:b8:e4:aa:9e:5b:e8:fe:e7:9a:07:2a:
ee:02:4d:b5:3f:53:87:5f:03:6f:78:9d:03:8b:a0:b6:88:b2:
35:94:bf:61
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY9MWuvV9a/6jXz35/eKZkLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNTA2MDUyMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZjYTI4MjBmNGMzZWI2NmNiMDc4Nzk3OGQ1Y2E5NDYwMmQzNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vCXfn2xWp37sCCrhz9ySGz8G/vQ
tRhqsWKAlQROYWMVsojYK2G6srsbx+8I3EHGeZwzijLJVyaQvXC9WBqM5eiPufdO
hGoVaIm2XS7TgtpgG5buqqL67IgouWG7y+P8m+za09n5QIcgB+vj72447qWKTsQY
KKrEeeq5tU2Ylnd1p+43Vtt384lcXM55N3TNU/s+r77xMZ4G0I41VGNIrS5+x9NN
AeU3eioH30hHNLJj5kSO86A9vPzp1W6tPRSteCA1hO9ojNZyVwTo9sXyrY7zmUWm
d91ZH7/2rVNyOyKFtoIDmi/u3w93m4TsITrEh8bcVwIxfMBt9YsFMA7zhwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEn8ooIPTD62bLB4eXjVypRgLTV0MB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvU2Z5aWdnOU1Qclpzc0hoNWVOWEtsR0F0TlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgJXRQMF
ACoCV0cwDQYJKoZIhvcNAQELBQADggEBAI6LJB+pbvM8hZT+ecBD2WCxnaW5seaa
ZNNEXOiavpKSwiC8BSILtm2eUXzJEZP2u7D5X0bGv04PSeC8L8e6GBl0Lwi4QGng
Ui90PdNq5EcpuJ6i/VUPy6Ob36pDfNNX0mFK7O+uD5LMpz/rlT8TBIvzpK3jLe2l
XMyN7jLQTUM4L+XTWUHZuNDTWPo0C2Lt8n99izGUuVFgblwY1YB6T7x4HAjHI3R8
GK4g52bOzJFf7g6J8eQDgY0vsaYV7zxuavvXi+BC7Nsj1g7yLa/WWLK4jYRs23xc
Ep5N4U1zri245KqeW+j+55oHKu4CTbU/U4dfA294nQOLoLaIsjWUv2E=
-----END CERTIFICATE-----
Generated at Thu May 8 22:27:08 2025 by rpki-client