Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/ppyXWx3b2vR8Ibd9RD1KtiBKJfE.roa
File: ppyXWx3b2vR8Ibd9RD1KtiBKJfE.roa (raw, json)
Hash identifier: YWcZtyHiquzmRotP2NeWY/bTF0oH6w6f4rMWkkO9jlM=
Subject key identifier: A6:9C:97:5B:1D:DB:DA:F4:7C:21:B7:7D:44:3D:4A:B6:20:4A:25:F1
Certificate issuer: /CN=1e8c77336d66f7b0238e6c184c64fa4f24d09f01
Certificate serial: 019423D71DC71267AE546719EAE7167B79CC
Authority key identifier: 1E:8C:77:33:6D:66:F7:B0:23:8E:6C:18:4C:64:FA:4F:24:D0:9F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hox3M21m97AjjmwYTGT6TyTQnwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/ppyXWx3b2vR8Ibd9RD1KtiBKJfE.roa
Signing time: Wed 01 Jan 2025 21:48:07 +0000
ROA not before: Wed 01 Jan 2025 21:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59474
IP address blocks: 2001:678:24c::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 05 Jan 2025 22:18:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1d:c7:12:67:ae:54:67:19:ea:e7:16:7b:79:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8c77336d66f7b0238e6c184c64fa4f24d09f01
Validity
Not Before: Jan 1 21:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a69c975b1ddbdaf47c21b77d443d4ab6204a25f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:d9:6f:cd:1e:d5:c2:1b:e7:d3:43:dd:22:
e7:3b:49:9f:99:e3:94:ba:fd:9a:da:33:9f:7d:06:
b5:23:77:66:e0:24:34:14:9b:c1:a2:40:ea:09:7e:
29:29:c0:f3:75:a9:a5:a3:f1:98:34:a4:7d:43:c2:
69:e3:7b:bf:d5:55:55:30:a0:a9:aa:4f:f0:e9:b3:
a8:5b:23:53:93:56:09:3d:db:01:c0:be:60:d2:22:
b2:6a:55:52:ca:78:bd:dc:cc:66:9d:37:49:e8:c2:
e8:4d:a6:d4:2f:d4:6e:9d:64:75:d6:7a:87:d1:fa:
d6:86:da:1b:ba:dd:80:3f:92:8a:51:d6:02:60:c6:
74:05:07:eb:4f:06:a5:69:c0:b5:98:c2:e7:97:19:
4d:bb:ec:a2:c7:a8:1e:31:42:6d:6d:46:35:af:41:
09:11:86:1e:68:57:8d:0f:50:94:59:af:29:de:c3:
49:77:5d:44:86:f1:6f:f9:4a:0c:c9:69:df:0c:2c:
b1:ae:1a:ac:d1:95:b5:ae:15:b8:01:bc:00:97:5e:
93:85:13:8a:83:8c:e9:be:d4:e9:d3:ff:26:db:f7:
c3:c2:c3:8d:f8:29:f3:cb:9f:fb:aa:60:21:05:67:
48:de:0f:8d:e8:f2:99:95:a6:88:bb:89:6e:d4:72:
54:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:9C:97:5B:1D:DB:DA:F4:7C:21:B7:7D:44:3D:4A:B6:20:4A:25:F1
X509v3 Authority Key Identifier:
keyid:1E:8C:77:33:6D:66:F7:B0:23:8E:6C:18:4C:64:FA:4F:24:D0:9F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hox3M21m97AjjmwYTGT6TyTQnwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/ppyXWx3b2vR8Ibd9RD1KtiBKJfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/Hox3M21m97AjjmwYTGT6TyTQnwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:24c::/48
Signature Algorithm: sha256WithRSAEncryption
16:44:55:b3:c0:b0:84:ea:b6:71:9d:0e:ab:ae:1d:4f:fd:64:
1b:9f:5e:48:b2:ad:9f:91:e5:09:9b:33:b2:0d:fa:0a:9f:29:
fc:ad:a7:43:03:7c:0c:19:74:f2:a9:b8:06:d9:de:24:e7:07:
a4:99:d0:43:8a:c4:1f:d9:13:3a:8d:30:82:3c:ef:65:be:57:
a3:41:16:21:a2:18:67:f0:09:67:33:91:f5:97:81:6a:7d:26:
ae:c0:f2:e2:b6:46:b6:bb:29:2d:e0:de:cc:00:b4:e2:71:2e:
cc:d6:d5:62:d3:93:07:1d:a8:52:17:d6:41:8f:66:85:3a:d6:
3d:27:ee:47:04:02:0c:ab:5c:c6:a9:b9:31:ec:69:06:e1:13:
59:25:f2:d0:a4:04:00:56:89:72:b3:b1:e2:ee:92:b7:a6:0e:
bd:38:44:88:c0:1a:ad:c1:3c:b0:dd:7b:47:0b:0f:b9:7c:56:
84:20:96:ee:7c:00:53:ed:a8:f6:a6:79:a7:28:1d:6e:ef:ca:
c6:3c:51:78:c1:2c:58:12:72:e7:f6:74:5c:ad:df:fa:7a:b4:
d0:a2:5a:e7:90:0b:c9:c4:56:4f:46:35:56:80:3e:17:c5:24:
9a:31:c7:8c:cd:ab:8e:81:d4:4a:dc:96:9f:bb:45:8d:d9:9e:
cf:91:1d:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1x3HEmeuVGcZ6ucWe3nMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGM3NzMzNmQ2NmY3YjAyMzhlNmMxODRjNjRmYTRmMjRk
MDlmMDEwHhcNMjUwMTAxMjE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjljOTc1YjFkZGJkYWY0N2MyMWI3N2Q0NDNkNGFiNjIwNGEyNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4rZb80e1cIb59ND3SLnO0mfmeOU
uv2a2jOffQa1I3dm4CQ0FJvBokDqCX4pKcDzdamlo/GYNKR9Q8Jp43u/1VVVMKCp
qk/w6bOoWyNTk1YJPdsBwL5g0iKyalVSyni93MxmnTdJ6MLoTabUL9RunWR11nqH
0frWhtobut2AP5KKUdYCYMZ0BQfrTwalacC1mMLnlxlNu+yix6geMUJtbUY1r0EJ
EYYeaFeND1CUWa8p3sNJd11EhvFv+UoMyWnfDCyxrhqs0ZW1rhW4AbwAl16ThROK
g4zpvtTp0/8m2/fDwsON+Cnzy5/7qmAhBWdI3g+N6PKZlaaIu4lu1HJULQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKacl1sd29r0fCG3fUQ9SrYgSiXxMB8GA1UdIwQY
MBaAFB6MdzNtZvewI45sGExk+k8k0J8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG94M00yMW05N0Fqam13WVRHVDZUeVRRbndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZGE3OWQtNjBmNC00N2E4LTgxM2Et
OTk5NTdkZjQ5OTdlLzEvcHB5WFd4M2IydlI4SWJkOVJEMUt0aUJLSmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZGE3OWQtNjBmNC00N2E4LTgxM2EtOTk5NTdkZjQ5OTdl
LzEvSG94M00yMW05N0Fqam13WVRHVDZUeVRRbndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAJM
MA0GCSqGSIb3DQEBCwUAA4IBAQAWRFWzwLCE6rZxnQ6rrh1P/WQbn15Isq2fkeUJ
mzOyDfoKnyn8radDA3wMGXTyqbgG2d4k5wekmdBDisQf2RM6jTCCPO9lvlejQRYh
ohhn8AlnM5H1l4FqfSauwPLitka2uykt4N7MALTicS7M1tVi05MHHahSF9ZBj2aF
OtY9J+5HBAIMq1zGqbkx7GkG4RNZJfLQpAQAVolys7Hi7pK3pg69OESIwBqtwTyw
3XtHCw+5fFaEIJbufABT7aj2pnmnKB1u78rGPFF4wSxYEnLn9nRcrd/6erTQolrn
kAvJxFZPRjVWgD4XxSSaMceMzauOgdRK3Jafu0WN2Z7PkR3f
-----END CERTIFICATE-----
Generated at Wed May 14 16:01:38 2025 by rpki-client