Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/hYc05xIk3RbYIW3TlRPshSQsWYc.roa
File: hYc05xIk3RbYIW3TlRPshSQsWYc.roa (raw, json)
Hash identifier: IXEDMzU/C745MhZHJlAg1RNRMVMjytFGTpzB8FVWbDc=
Subject key identifier: 85:87:34:E7:12:24:DD:16:D8:21:6D:D3:95:13:EC:85:24:2C:59:87
Certificate issuer: /CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Certificate serial: 018EDD52AE7699D7CE3B3479050594C90455
Authority key identifier: 99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/hYc05xIk3RbYIW3TlRPshSQsWYc.roa
Signing time: Sun 14 Apr 2024 15:56:07 +0000
ROA not before: Sun 14 Apr 2024 15:56:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215137
IP address blocks: 2a07:5900::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 06:42:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:dd:52:ae:76:99:d7:ce:3b:34:79:05:05:94:c9:04:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Validity
Not Before: Apr 14 15:56:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=858734e71224dd16d8216dd39513ec85242c5987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:70:42:68:4f:f6:9e:ed:10:60:20:c3:30:20:
35:c8:df:08:1a:1a:39:ed:aa:71:75:67:e1:95:2f:
1e:30:b7:a3:52:5b:f5:48:9f:d1:51:ed:17:1d:ba:
c5:d6:66:7f:e0:20:b1:a7:0e:30:54:94:c7:60:26:
70:ef:50:f0:9e:03:63:4f:4e:c4:ed:79:a7:48:1e:
c5:62:0f:40:12:8e:b0:9b:1c:f0:e7:8a:87:37:35:
cd:36:64:04:f6:0d:be:5b:d6:4a:31:b3:ec:58:9b:
55:ca:87:8e:e5:cb:db:09:a2:4e:99:7a:0b:4c:f8:
b1:40:09:05:3f:85:94:64:b9:06:5a:88:ea:38:82:
26:bb:92:5d:bd:34:1b:f9:b7:d0:66:f8:9e:1c:13:
be:f8:bc:d9:0c:2a:2b:6e:cb:1b:42:3a:6c:7d:0b:
c1:6a:f2:74:e5:0e:9e:87:5d:30:cf:8d:f2:45:36:
ed:c1:1b:d0:05:11:21:39:13:c5:5b:d5:be:91:d8:
f5:b7:a3:28:c0:2f:5a:a3:c2:9b:ac:79:df:70:c2:
d7:72:1a:96:94:48:e8:0b:f7:26:35:fb:ae:ee:74:
84:ad:ae:fc:50:f4:11:30:ab:58:af:ff:57:b8:fd:
49:6b:2b:5b:19:15:a2:65:81:73:79:8e:c7:33:0a:
77:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:87:34:E7:12:24:DD:16:D8:21:6D:D3:95:13:EC:85:24:2C:59:87
X509v3 Authority Key Identifier:
keyid:99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/hYc05xIk3RbYIW3TlRPshSQsWYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:5900::/32
Signature Algorithm: sha256WithRSAEncryption
c0:2f:88:5a:40:7e:da:ee:52:0e:a1:2e:89:3d:4a:5d:4f:29:
2d:92:26:9a:94:08:07:d2:89:1d:11:94:1d:7c:ba:89:3f:f3:
44:b8:08:50:90:62:d6:52:d7:29:f3:f4:94:ea:c1:df:88:a1:
e2:a3:e1:fb:d7:00:b1:63:58:39:79:e1:19:f2:9c:c2:96:b4:
f8:9c:ca:e6:fd:7a:b4:46:aa:be:b7:dc:81:70:95:30:fe:3c:
ee:05:3f:cc:90:f1:a8:9f:24:14:a2:c0:c9:f9:39:60:69:78:
29:02:8f:a5:6d:9c:7e:6f:b8:bd:64:3c:69:15:5f:e6:67:d5:
2a:7f:81:ef:1b:70:44:a6:99:6e:ed:d3:30:8c:35:b0:25:7d:
59:0b:98:f1:94:ce:89:da:57:33:f7:38:d8:c5:41:dd:a3:99:
aa:63:6a:88:f4:b7:50:92:eb:8f:99:69:50:3c:f1:a2:17:b0:
4f:9a:58:78:c1:1a:27:68:c9:b1:37:f6:30:8a:08:b2:53:32:
0e:09:76:da:39:a2:98:79:eb:fd:c3:7f:81:5f:c7:04:82:30:
a7:31:f3:82:d9:b4:ce:85:fe:7c:b6:db:bb:b0:01:b4:ce:a7:
6d:dc:77:48:8a:60:04:1b:a2:42:11:c6:2d:76:53:c1:dc:ce:
dd:cc:86:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7dUq52mdfOOzR5BQWUyQRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjhmZDI5MmM4YTFiODk2Yjg3NTIzNDRhM2RhOTIzNzhm
MmFlNWEwHhcNMjQwNDE0MTU1NjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg3MzRlNzEyMjRkZDE2ZDgyMTZkZDM5NTEzZWM4NTI0MmM1OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHBCaE/2nu0QYCDDMCA1yN8IGho5
7apxdWfhlS8eMLejUlv1SJ/RUe0XHbrF1mZ/4CCxpw4wVJTHYCZw71DwngNjT07E
7XmnSB7FYg9AEo6wmxzw54qHNzXNNmQE9g2+W9ZKMbPsWJtVyoeO5cvbCaJOmXoL
TPixQAkFP4WUZLkGWojqOIImu5JdvTQb+bfQZvieHBO++LzZDCorbssbQjpsfQvB
avJ05Q6eh10wz43yRTbtwRvQBREhORPFW9W+kdj1t6MowC9ao8KbrHnfcMLXchqW
lEjoC/cmNfuu7nSEra78UPQRMKtYr/9XuP1JaytbGRWiZYFzeY7HMwp3WwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIWHNOcSJN0W2CFt05UT7IUkLFmHMB8GA1UdIwQY
MBaAFJm4/SksihuJa4dSNEo9qSN48q5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDkt
N2VlYWQxNDYxYTU0LzEvaFljMDV4SWszUmJZSVczVGxSUHNoU1FzV1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDktN2VlYWQxNDYxYTU0
LzEvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgdZADAN
BgkqhkiG9w0BAQsFAAOCAQEAwC+IWkB+2u5SDqEuiT1KXU8pLZImmpQIB9KJHRGU
HXy6iT/zRLgIUJBi1lLXKfP0lOrB34ih4qPh+9cAsWNYOXnhGfKcwpa0+JzK5v16
tEaqvrfcgXCVMP487gU/zJDxqJ8kFKLAyfk5YGl4KQKPpW2cfm+4vWQ8aRVf5mfV
Kn+B7xtwRKaZbu3TMIw1sCV9WQuY8ZTOidpXM/c42MVB3aOZqmNqiPS3UJLrj5lp
UDzxohewT5pYeMEaJ2jJsTf2MIoIslMyDgl22jmimHnr/cN/gV/HBIIwpzHzgtm0
zoX+fLbbu7ABtM6nbdx3SIpgBBuiQhHGLXZTwdzO3cyGvA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:22:22 2025 by rpki-client