Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/r5I-P7Rjg1iVIyh0gyH-xGhkTiY.roa
File: r5I-P7Rjg1iVIyh0gyH-xGhkTiY.roa (raw, json)
Hash identifier: U+lzub+fR9vyi75GhvDuY2WDTQPWCw9o3uE1r4eyomY=
Subject key identifier: AF:92:3E:3F:B4:63:83:58:95:23:28:74:83:21:FE:C4:68:64:4E:26
Certificate issuer: /CN=ce5bf5201f18b402b8e628bc77f2252f769e70f2
Certificate serial: 019425FD7ED1542B8C604C472A999C7A9B80
Authority key identifier: CE:5B:F5:20:1F:18:B4:02:B8:E6:28:BC:77:F2:25:2F:76:9E:70:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlv1IB8YtAK45ii8d_IlL3aecPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/r5I-P7Rjg1iVIyh0gyH-xGhkTiY.roa
Signing time: Thu 02 Jan 2025 07:49:17 +0000
ROA not before: Thu 02 Jan 2025 07:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7224
IP address blocks: 2a02:d21:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 09 Jan 2025 13:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:7e:d1:54:2b:8c:60:4c:47:2a:99:9c:7a:9b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce5bf5201f18b402b8e628bc77f2252f769e70f2
Validity
Not Before: Jan 2 07:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af923e3fb4638358952328748321fec468644e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3b:09:30:5b:1c:38:ec:cb:2b:1a:f2:9c:59:
0d:5c:26:d0:fd:19:69:0f:b4:24:cd:4d:6f:5a:7d:
d5:2a:55:e5:37:96:a1:c4:6f:1d:94:d6:01:d6:99:
73:29:5f:f8:ff:7f:3f:b8:21:7e:9b:42:0f:6b:d6:
7e:b9:0f:f7:53:e7:9e:44:9d:8d:73:e3:fb:c1:61:
43:76:25:61:ce:ac:5f:90:de:80:50:97:47:50:66:
36:d7:86:4e:73:82:2c:c7:ee:d0:84:4b:88:9f:e6:
88:97:54:a7:dc:ca:42:1b:bd:15:67:2b:de:04:ac:
09:48:03:7c:c3:6c:9d:6e:c1:d5:50:a5:86:1d:c2:
03:23:71:de:3e:0f:15:4c:69:7c:f6:c4:52:07:3b:
de:86:d1:1e:25:d2:4b:b7:c7:6e:c4:54:86:fe:3d:
b4:27:cd:dd:53:47:8e:13:27:30:41:42:a1:b4:ea:
06:8e:be:c5:58:d0:3b:03:5b:22:74:82:f5:29:45:
b5:7a:e8:68:c3:3e:ef:b9:6a:a8:45:50:e0:1e:df:
48:13:fc:6b:f3:ae:1e:73:5b:dc:3c:f8:ae:ec:b7:
62:60:ed:de:36:5e:98:c0:35:79:58:64:77:7c:4b:
2d:e3:e1:5e:fa:bd:2c:be:0c:9e:8c:24:d6:e1:3a:
f8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:92:3E:3F:B4:63:83:58:95:23:28:74:83:21:FE:C4:68:64:4E:26
X509v3 Authority Key Identifier:
keyid:CE:5B:F5:20:1F:18:B4:02:B8:E6:28:BC:77:F2:25:2F:76:9E:70:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlv1IB8YtAK45ii8d_IlL3aecPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/r5I-P7Rjg1iVIyh0gyH-xGhkTiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/1c7917-8aa6-4c43-92dd-7476f42f2d9c/1/zlv1IB8YtAK45ii8d_IlL3aecPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d21:1000::/36
Signature Algorithm: sha256WithRSAEncryption
83:4b:19:e5:08:98:ce:d5:b3:b9:d6:7a:3a:97:f3:30:2e:58:
44:b5:0d:ec:af:82:6c:aa:f4:14:25:c9:f7:9d:86:a1:31:0b:
28:61:37:e6:e2:70:be:68:33:f7:2c:8a:1c:51:78:be:30:6e:
ee:ee:b4:1d:3b:c5:91:44:61:58:00:9e:dc:c2:cb:48:04:93:
7c:e2:58:d1:6e:47:66:8f:a7:56:84:44:b7:87:67:26:b9:09:
29:3d:ea:bb:f0:2e:80:97:7c:53:6f:db:0d:dc:9c:93:72:ad:
5d:19:49:e3:ad:d8:05:ab:ff:7f:27:51:ab:34:3f:75:8b:b4:
e4:32:f4:9b:6c:83:bf:cb:74:53:a0:03:74:dd:f5:56:74:5a:
25:5a:67:aa:53:fb:69:5a:e8:eb:7a:95:84:60:41:ac:42:f3:
b0:a6:e3:5c:76:37:e5:be:c0:3c:5a:43:34:eb:36:c6:ce:dd:
2f:a6:80:f2:d8:37:4d:9a:e5:04:8d:d8:41:1c:9b:d9:9e:5d:
29:8d:1c:eb:9c:e9:c2:e5:f6:88:0b:2c:07:81:69:48:49:01:
de:77:53:64:54:c0:57:e9:ab:78:cf:d9:f6:5c:5a:05:df:96:
45:a8:d7:ad:90:20:dd:32:70:c6:6e:36:a3:e4:87:0d:75:74:
02:74:cc:5b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQl/X7RVCuMYExHKpmcepuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNWJmNTIwMWYxOGI0MDJiOGU2MjhiYzc3ZjIyNTJmNzY5
ZTcwZjIwHhcNMjUwMTAyMDc0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjkyM2UzZmI0NjM4MzU4OTUyMzI4NzQ4MzIxZmVjNDY4NjQ0ZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DsJMFscOOzLKxrynFkNXCbQ/Rlp
D7QkzU1vWn3VKlXlN5ahxG8dlNYB1plzKV/4/38/uCF+m0IPa9Z+uQ/3U+eeRJ2N
c+P7wWFDdiVhzqxfkN6AUJdHUGY214ZOc4Isx+7QhEuIn+aIl1Sn3MpCG70VZyve
BKwJSAN8w2ydbsHVUKWGHcIDI3HePg8VTGl89sRSBzvehtEeJdJLt8duxFSG/j20
J83dU0eOEycwQUKhtOoGjr7FWNA7A1sidIL1KUW1euhowz7vuWqoRVDgHt9IE/xr
864ec1vcPPiu7LdiYO3eNl6YwDV5WGR3fEst4+Fe+r0svgyejCTW4Tr4fwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK+SPj+0Y4NYlSModIMh/sRoZE4mMB8GA1UdIwQY
MBaAFM5b9SAfGLQCuOYovHfyJS92nnDyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemx2MUlCOFl0QUs0NWlpOGRfSWxMM2FlY1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xYzc5MTctOGFhNi00YzQzLTkyZGQt
NzQ3NmY0MmYyZDljLzEvcjVJLVA3UmpnMWlWSXloMGd5SC14R2hrVGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xYzc5MTctOGFhNi00YzQzLTkyZGQtNzQ3NmY0MmYyZDlj
LzEvemx2MUlCOFl0QUs0NWlpOGRfSWxMM2FlY1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgINIRAw
DQYJKoZIhvcNAQELBQADggEBAINLGeUImM7Vs7nWejqX8zAuWES1Deyvgmyq9BQl
yfedhqExCyhhN+bicL5oM/csihxReL4wbu7utB07xZFEYVgAntzCy0gEk3ziWNFu
R2aPp1aERLeHZya5CSk96rvwLoCXfFNv2w3cnJNyrV0ZSeOt2AWr/38nUas0P3WL
tOQy9Jtsg7/LdFOgA3Td9VZ0WiVaZ6pT+2la6Ot6lYRgQaxC87Cm41x2N+W+wDxa
QzTrNsbO3S+mgPLYN02a5QSN2EEcm9meXSmNHOuc6cLl9ogLLAeBaUhJAd53U2RU
wFfpq3jP2fZcWgXflkWo162QIN0ycMZuNqPkhw11dAJ0zFs=
-----END CERTIFICATE-----
Generated at Tue May 13 13:31:24 2025 by rpki-client