Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/otSzGdtDCnJdz3zPs7c9L1wBlQU.roa
File: otSzGdtDCnJdz3zPs7c9L1wBlQU.roa (raw, json)
Hash identifier: 0HXqZHOOGYrX7B4RihuMPE8iDjMckb0EoYjWLQOiTiI=
Subject key identifier: A2:D4:B3:19:DB:43:0A:72:5D:CF:7C:CF:B3:B7:3D:2F:5C:01:95:05
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 01941F8C22C5D4263DDBB4A09A6596ECAEE9
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/otSzGdtDCnJdz3zPs7c9L1wBlQU.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62392
IP address blocks: 2001:67c:1810::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 Jan 2025 13:05:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:22:c5:d4:26:3d:db:b4:a0:9a:65:96:ec:ae:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2d4b319db430a725dcf7ccfb3b73d2f5c019505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:16:c7:b4:70:00:e8:65:c3:62:ef:69:bc:53:
a0:c6:e1:67:4f:11:f7:f9:a3:44:98:d1:2d:cb:d8:
87:77:86:38:eb:c2:39:30:f9:34:49:e1:77:b2:d9:
0c:06:41:e8:84:27:ee:db:48:28:38:52:6c:65:57:
e8:b2:5e:89:9c:e4:41:ad:4f:bd:70:fc:41:38:9d:
d7:7a:7a:df:55:c4:4e:46:a0:e7:c4:94:c8:64:a7:
5b:31:a3:bc:22:e2:00:18:e7:a0:26:1b:76:58:fc:
c8:e8:fc:aa:ee:83:de:2b:f7:ec:f3:bf:c2:8d:88:
7e:e7:18:a8:21:e6:9e:6a:cd:14:f5:2e:5e:4d:f9:
34:f8:d2:30:e3:f5:cd:d7:29:7d:9d:42:83:dc:79:
39:8c:0a:07:b6:46:6e:f9:b8:ed:48:a2:1a:60:bd:
7f:8e:38:b0:09:8d:e8:92:a4:ff:22:b6:cf:9b:cb:
a5:63:3c:2a:3f:2a:cc:bb:8a:87:6c:ab:ce:f7:bf:
58:5c:c3:ce:00:3b:b5:dc:e2:10:46:a1:48:ae:02:
3f:55:74:22:26:c4:47:c6:82:1a:8a:02:91:aa:78:
10:2a:a7:b5:9a:0f:1d:9d:d0:e1:7a:7c:3e:07:b3:
23:07:63:18:3e:a2:58:53:50:21:61:6e:15:23:cc:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D4:B3:19:DB:43:0A:72:5D:CF:7C:CF:B3:B7:3D:2F:5C:01:95:05
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/otSzGdtDCnJdz3zPs7c9L1wBlQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1810::/48
Signature Algorithm: sha256WithRSAEncryption
80:93:4c:c5:b9:7c:7d:4e:b3:0f:ce:d2:b5:97:72:8d:c1:7a:
29:24:3c:b4:7a:eb:43:fc:71:c7:da:48:85:d4:8d:d7:c8:4a:
13:d5:c9:80:a5:ed:ef:ff:28:d1:e9:c2:f5:64:60:5f:ef:c2:
3a:d5:2f:bf:bb:0e:c1:cf:7f:50:c2:df:68:f2:d2:83:91:81:
a4:a6:ba:37:32:ee:d9:b1:96:c4:a8:13:fe:42:5a:51:74:05:
f5:a1:cb:4d:c4:47:a3:80:fb:dc:b7:38:77:f0:bd:ef:5d:48:
10:42:f3:fc:96:c4:4d:3f:11:c8:3b:74:f9:ec:bb:da:5a:db:
cc:c5:f3:77:49:86:90:5f:b0:dd:8c:85:3c:4d:07:04:fe:3a:
d5:5e:97:2a:5d:e7:22:6b:df:47:4a:0d:f5:e3:14:47:93:b7:
c2:69:ea:4d:c4:d0:fb:83:84:35:20:89:16:41:26:57:58:11:
dd:86:3a:5f:79:d4:89:4b:45:c7:01:48:eb:c4:21:8e:25:08:
8c:c8:7e:64:3c:88:da:0a:ee:89:b9:d4:03:0d:88:e5:28:18:
c0:71:02:2b:8e:0b:37:0c:1c:a0:a9:44:ad:f5:8f:45:bc:bd:
32:41:68:1e:d0:d8:b5:8d:4c:70:45:1f:ec:9c:91:42:21:20:
30:69:6a:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjCLF1CY927SgmmWW7K7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQ0YjMxOWRiNDMwYTcyNWRjZjdjY2ZiM2I3M2QyZjVjMDE5NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhbHtHAA6GXDYu9pvFOgxuFnTxH3
+aNEmNEty9iHd4Y468I5MPk0SeF3stkMBkHohCfu20goOFJsZVfosl6JnORBrU+9
cPxBOJ3XenrfVcRORqDnxJTIZKdbMaO8IuIAGOegJht2WPzI6Pyq7oPeK/fs87/C
jYh+5xioIeaeas0U9S5eTfk0+NIw4/XN1yl9nUKD3Hk5jAoHtkZu+bjtSKIaYL1/
jjiwCY3okqT/IrbPm8ulYzwqPyrMu4qHbKvO979YXMPOADu13OIQRqFIrgI/VXQi
JsRHxoIaigKRqngQKqe1mg8dndDhenw+B7MjB2MYPqJYU1AhYW4VI8w5lQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKLUsxnbQwpyXc98z7O3PS9cAZUFMB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvb3RTekdkdERDbkpkejN6UHM3YzlMMXdCbFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCAk0zFuXx9TrMPztK1l3KNwXopJDy0eutD/HHH
2kiF1I3XyEoT1cmApe3v/yjR6cL1ZGBf78I61S+/uw7Bz39Qwt9o8tKDkYGkpro3
Mu7ZsZbEqBP+QlpRdAX1octNxEejgPvctzh38L3vXUgQQvP8lsRNPxHIO3T57Lva
WtvMxfN3SYaQX7DdjIU8TQcE/jrVXpcqXecia99HSg314xRHk7fCaepNxND7g4Q1
IIkWQSZXWBHdhjpfedSJS0XHAUjrxCGOJQiMyH5kPIjaCu6JudQDDYjlKBjAcQIr
jgs3DBygqUSt9Y9FvL0yQWge0Ni1jUxwRR/snJFCISAwaWpA
-----END CERTIFICATE-----
Generated at Thu May 1 18:19:13 2025 by rpki-client