Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/k7nEBM6nyMS8PSOB5zbcEiBecok.roa
File: k7nEBM6nyMS8PSOB5zbcEiBecok.roa (raw, json)
Hash identifier: fgkmLaAW3QGEK32Trj80muBPe9VEo4QbzsNRPj4I+cs=
Subject key identifier: 93:B9:C4:04:CE:A7:C8:C4:BC:3D:23:81:E7:36:DC:12:20:5E:72:89
Certificate issuer: /CN=b5026c9974092e220542401281f9bdfd356c2842
Certificate serial: 019427482D46C18FF5C91A55936738B4D7E2
Authority key identifier: B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/k7nEBM6nyMS8PSOB5zbcEiBecok.roa
Signing time: Thu 02 Jan 2025 13:50:29 +0000
ROA not before: Thu 02 Jan 2025 13:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212109
IP address blocks: 2a10:8701::/32 maxlen: 32
2a10:8702::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:05:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:2d:46:c1:8f:f5:c9:1a:55:93:67:38:b4:d7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5026c9974092e220542401281f9bdfd356c2842
Validity
Not Before: Jan 2 13:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93b9c404cea7c8c4bc3d2381e736dc12205e7289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:cc:9b:a8:78:04:39:d4:86:5c:97:63:64:50:
12:45:6b:90:b0:d2:4f:58:e0:d3:61:13:c8:69:c6:
f8:e9:85:6b:75:de:9f:05:e3:dc:1f:1b:4b:c3:8b:
72:e8:15:4e:81:60:01:2a:9b:46:40:1c:bb:a5:bc:
28:71:57:91:0f:a9:e6:a0:c7:83:c6:b8:65:ba:70:
be:78:aa:11:9a:fb:4b:d1:aa:4d:4d:5c:97:dd:f5:
d8:cf:38:b1:d4:8f:8a:a0:e4:24:55:ea:27:3f:09:
0e:48:5b:ed:16:5b:29:a7:3a:4f:05:73:b8:60:fb:
4f:d4:db:b4:c8:bd:42:77:19:dd:5b:b2:17:a6:50:
bd:96:0a:21:a8:f5:eb:d6:62:c2:53:c1:01:87:bc:
bb:73:1c:33:7f:af:63:77:fd:ec:e1:2d:78:8a:9b:
65:f6:97:bb:0e:4a:53:4b:a4:20:34:d1:0c:b9:bb:
64:6d:07:b3:a1:56:39:05:99:e5:b8:07:ba:a5:1e:
b5:34:95:da:fd:df:74:1e:11:73:ff:77:8d:8c:d6:
ac:26:a8:e0:10:b5:05:04:00:0f:26:79:b8:3f:d0:
d5:3f:d4:69:c1:89:b3:6d:20:4c:c0:0a:47:4f:c4:
08:ad:71:9c:0e:9f:de:bc:9e:86:88:d8:d9:3e:d8:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B9:C4:04:CE:A7:C8:C4:BC:3D:23:81:E7:36:DC:12:20:5E:72:89
X509v3 Authority Key Identifier:
keyid:B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/k7nEBM6nyMS8PSOB5zbcEiBecok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:8701::-2a10:8702:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:00:84:46:d1:93:cf:2a:fe:92:82:2c:4b:a1:9e:d6:4c:4e:
5b:3e:af:4d:f8:79:8e:89:23:1d:2b:37:87:a8:15:de:96:2b:
4e:a0:1c:1c:65:18:3b:84:d7:2c:2f:c9:31:6b:72:20:04:66:
07:9f:5e:8c:8f:c3:ce:3a:9d:70:3c:bb:c3:c2:8f:a0:f4:1b:
20:1f:e3:90:d0:aa:97:9f:66:72:32:8b:d4:97:61:16:73:f5:
93:60:07:43:31:10:54:4c:ee:90:f0:f4:98:77:d5:a4:cb:76:
ca:11:85:1f:9f:7b:da:af:13:29:ff:3c:c8:64:e6:91:83:51:
3c:0a:92:fc:88:5a:7e:37:59:3c:b3:5f:55:9a:f0:07:b1:b1:
09:33:6b:19:85:2d:64:f5:af:64:2b:ab:33:ba:67:95:83:00:
51:8e:30:bb:71:43:e8:b8:4c:fb:73:dc:3a:77:ef:e7:a7:c5:
7d:aa:3a:f6:b1:9e:74:d1:fb:b5:9d:3c:15:30:73:31:1a:37:
4c:1f:38:da:2c:a0:dd:f2:56:bb:30:db:19:0e:db:00:67:7c:
b4:f2:74:6d:98:b2:19:26:2e:5e:b4:c2:ca:c1:35:02:a9:30:
86:33:5e:40:d9:cb:26:f9:02:e4:13:25:cd:3f:1d:c9:55:a0:
db:6a:6b:a0
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQnSC1GwY/1yRpVk2c4tNfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDI2Yzk5NzQwOTJlMjIwNTQyNDAxMjgxZjliZGZkMzU2
YzI4NDIwHhcNMjUwMTAyMTM1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I5YzQwNGNlYTdjOGM0YmMzZDIzODFlNzM2ZGMxMjIwNWU3Mjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cybqHgEOdSGXJdjZFASRWuQsNJP
WODTYRPIacb46YVrdd6fBePcHxtLw4ty6BVOgWABKptGQBy7pbwocVeRD6nmoMeD
xrhlunC+eKoRmvtL0apNTVyX3fXYzzix1I+KoOQkVeonPwkOSFvtFlsppzpPBXO4
YPtP1Nu0yL1CdxndW7IXplC9lgohqPXr1mLCU8EBh7y7cxwzf69jd/3s4S14iptl
9pe7DkpTS6QgNNEMubtkbQezoVY5BZnluAe6pR61NJXa/d90HhFz/3eNjNasJqjg
ELUFBAAPJnm4P9DVP9RpwYmzbSBMwApHT8QIrXGcDp/evJ6GiNjZPtjsJwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJO5xATOp8jEvD0jgec23BIgXnKJMB8GA1UdIwQY
MBaAFLUCbJl0CS4iBUJAEoH5vf01bChCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYt
ZWVhMjY3YTU4NDk0LzEvazduRUJNNm55TVM4UFNPQjV6YmNFaUJlY29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYtZWVhMjY3YTU4NDk0
LzEvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqEIcB
AwUAKhCHAjANBgkqhkiG9w0BAQsFAAOCAQEAQACERtGTzyr+koIsS6Ge1kxOWz6v
Tfh5jokjHSs3h6gV3pYrTqAcHGUYO4TXLC/JMWtyIARmB59ejI/DzjqdcDy7w8KP
oPQbIB/jkNCql59mcjKL1JdhFnP1k2AHQzEQVEzukPD0mHfVpMt2yhGFH5972q8T
Kf88yGTmkYNRPAqS/IhafjdZPLNfVZrwB7GxCTNrGYUtZPWvZCurM7pnlYMAUY4w
u3FD6LhM+3PcOnfv56fFfao69rGedNH7tZ08FTBzMRo3TB842iyg3fJWuzDbGQ7b
AGd8tPJ0bZiyGSYuXrTCysE1AqkwhjNeQNnLJvkC5BMlzT8dyVWg22proA==
-----END CERTIFICATE-----
Generated at Tue May 13 02:38:18 2025 by rpki-client