Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/2kY12ITsjZPaOTP2y1UkHKk45DE.roa
File: 2kY12ITsjZPaOTP2y1UkHKk45DE.roa (raw, json)
Hash identifier: B10QFzz9nKtBw6WzUFGboMTSAzcWpkXtGFVujVYUgOc=
Subject key identifier: DA:46:35:D8:84:EC:8D:93:DA:39:33:F6:CB:55:24:1C:A9:38:E4:31
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019426D980EA8E11782F6C9CDFF163433154
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/2kY12ITsjZPaOTP2y1UkHKk45DE.roa
Signing time: Thu 02 Jan 2025 11:49:35 +0000
ROA not before: Thu 02 Jan 2025 11:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 2a03:5840:fd::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 16:52:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:80:ea:8e:11:78:2f:6c:9c:df:f1:63:43:31:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 11:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da4635d884ec8d93da3933f6cb55241ca938e431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bd:60:05:b3:4d:0a:5b:a6:b1:f2:3f:b6:88:
e0:30:cf:cc:38:2a:3c:2b:82:ef:00:b4:d7:09:6d:
58:94:d1:60:a7:07:d8:95:85:76:cd:aa:ed:77:f3:
38:5e:31:8c:7a:6a:3b:7c:49:e8:c9:f4:6e:f3:d9:
c4:b1:db:5b:66:06:6d:55:1b:c0:62:6d:9e:bd:3b:
5b:70:52:d9:d6:75:73:12:8b:ab:6e:02:bf:3f:51:
91:ab:21:88:f7:7c:29:94:1b:f6:cf:ae:48:38:6d:
90:fc:cc:5f:2b:f8:af:ee:e8:4b:7e:6a:86:09:ac:
78:9b:78:f9:30:d3:6b:59:68:7e:71:63:d3:e7:51:
fa:22:8a:0b:a8:a8:be:72:48:02:62:7c:40:b4:e7:
aa:e9:52:d5:d0:51:9f:23:c6:57:b1:1d:35:fa:93:
7b:e5:70:7f:a3:12:07:79:c8:8d:09:ed:6a:4d:b9:
e1:9f:bd:03:a2:c7:ca:62:87:a4:16:0a:0a:7f:92:
81:73:ef:5d:c3:59:cd:56:71:00:c2:00:3a:75:f5:
08:f1:e0:4e:6e:b3:d6:ea:ca:b9:df:f0:9b:36:e4:
2e:70:8c:6f:b3:0e:8a:0e:46:a5:9c:54:38:1d:85:
f1:8a:58:30:54:99:f1:49:59:a0:ec:d6:37:5b:cf:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:46:35:D8:84:EC:8D:93:DA:39:33:F6:CB:55:24:1C:A9:38:E4:31
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/2kY12ITsjZPaOTP2y1UkHKk45DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:fd::/48
Signature Algorithm: sha256WithRSAEncryption
90:c9:1e:a3:95:7c:e8:83:1e:32:da:4d:06:18:3a:d3:8a:2f:
94:6a:72:5a:ec:50:b2:62:45:62:48:2b:d1:83:6f:43:df:df:
04:ba:33:e9:67:db:c0:dd:b8:00:84:fa:cd:86:6b:99:63:6c:
fa:e4:0a:6d:dc:12:0e:36:1b:48:80:ea:ba:04:57:85:dd:84:
f5:8a:54:e4:0e:c0:f4:3f:3a:2f:d6:e4:0c:8c:2a:a4:e3:6d:
fa:dc:45:16:e2:ec:39:36:e4:94:5e:e9:0b:da:d7:0c:8e:09:
20:4d:a6:57:50:70:43:55:b4:d5:02:77:05:17:07:66:63:aa:
02:fd:f4:93:1e:d6:13:8a:9f:b3:af:94:92:41:d3:33:48:af:
9a:79:a6:b0:9f:f5:1f:c1:a1:3d:90:29:bc:38:0c:69:e1:b9:
3a:86:b8:fb:3e:24:41:b7:79:d1:4a:52:21:7d:06:eb:45:f7:
f6:88:9e:42:ab:e9:23:1c:00:01:97:dd:7a:56:a4:71:4a:d8:
09:c4:cc:ab:ba:b2:a6:ec:6b:98:f8:1f:ea:9b:0d:0b:3e:c2:
3b:ca:be:06:04:62:93:f3:dd:a1:f3:69:46:7e:ca:d6:19:ce:
ac:dc:54:37:52:58:37:9a:f8:35:e2:4c:07:1b:da:6f:f4:c5:
ca:86:6d:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2YDqjhF4L2yc3/FjQzFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMTAyMTE0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ2MzVkODg0ZWM4ZDkzZGEzOTMzZjZjYjU1MjQxY2E5MzhlNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy71gBbNNClumsfI/tojgMM/MOCo8
K4LvALTXCW1YlNFgpwfYlYV2zartd/M4XjGMemo7fEnoyfRu89nEsdtbZgZtVRvA
Ym2evTtbcFLZ1nVzEourbgK/P1GRqyGI93wplBv2z65IOG2Q/MxfK/iv7uhLfmqG
Cax4m3j5MNNrWWh+cWPT51H6IooLqKi+ckgCYnxAtOeq6VLV0FGfI8ZXsR01+pN7
5XB/oxIHeciNCe1qTbnhn70DosfKYoekFgoKf5KBc+9dw1nNVnEAwgA6dfUI8eBO
brPW6sq53/CbNuQucIxvsw6KDkalnFQ4HYXxilgwVJnxSVmg7NY3W8+SQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNpGNdiE7I2T2jkz9stVJBypOOQxMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvMmtZMTJJVHNqWlBhT1RQMnkxVWtIS2s0NURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAD9
MA0GCSqGSIb3DQEBCwUAA4IBAQCQyR6jlXzogx4y2k0GGDrTii+UanJa7FCyYkVi
SCvRg29D398EujPpZ9vA3bgAhPrNhmuZY2z65Apt3BIONhtIgOq6BFeF3YT1ilTk
DsD0Pzov1uQMjCqk42363EUW4uw5NuSUXukL2tcMjgkgTaZXUHBDVbTVAncFFwdm
Y6oC/fSTHtYTip+zr5SSQdMzSK+aeaawn/UfwaE9kCm8OAxp4bk6hrj7PiRBt3nR
SlIhfQbrRff2iJ5Cq+kjHAABl916VqRxStgJxMyrurKm7GuY+B/qmw0LPsI7yr4G
BGKT892h82lGfsrWGc6s3FQ3Ulg3mvg14kwHG9pv9MXKhm0j
-----END CERTIFICATE-----
Generated at Fri May 2 13:16:11 2025 by rpki-client