Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/3nAN7eAmK4SaTBmhrI0mTau6UMc.roa
File: 3nAN7eAmK4SaTBmhrI0mTau6UMc.roa (raw, json)
Hash identifier: ZPC1N2No+JFRmaY+aZz0LEz3gRm1SwHcNpHSkf4IRkw=
Subject key identifier: DE:70:0D:ED:E0:26:2B:84:9A:4C:19:A1:AC:8D:26:4D:AB:BA:50:C7
Certificate issuer: /CN=c6ff541cf364193a2a00ada14244acd34c14038a
Certificate serial: 0193A164DD4D7B1F23F5CA22A48340853943
Authority key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/3nAN7eAmK4SaTBmhrI0mTau6UMc.roa
Signing time: Sat 07 Dec 2024 13:52:42 +0000
ROA not before: Sat 07 Dec 2024 13:52:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 2001:67c:1874::/48 maxlen: 48
2a09:f040::/29 maxlen: 29
2a0b:2fc0::/29 maxlen: 29
2a0d:c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 08 Dec 2024 18:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:64:dd:4d:7b:1f:23:f5:ca:22:a4:83:40:85:39:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Validity
Not Before: Dec 7 13:52:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de700dede0262b849a4c19a1ac8d264dabba50c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c9:a5:24:5d:0f:77:33:9d:b5:66:81:11:fe:
66:fa:39:3c:62:69:ba:f3:85:23:91:84:03:5c:73:
e6:0c:8a:07:b2:d7:57:17:00:6e:44:52:fe:e4:dc:
09:57:d9:31:3e:d8:d2:e0:34:8e:bb:0a:00:2c:98:
f9:30:6b:49:1e:0e:ff:55:f0:b0:cb:ae:28:14:cc:
c4:3e:97:2a:08:80:47:05:35:e1:08:0c:c1:b7:a0:
64:fa:dc:1a:54:8c:98:62:e4:7c:65:5c:6e:e8:1f:
28:0d:eb:c8:be:17:93:d1:6e:f5:40:45:ef:72:63:
65:2b:60:16:db:f5:9c:2e:0d:2c:0b:b5:97:84:63:
87:83:c7:bd:31:94:29:e1:1b:92:0d:a3:cd:91:60:
92:bc:1a:e9:56:49:d4:f3:54:23:c9:01:9e:79:74:
4f:eb:58:b8:39:1f:47:04:63:28:5a:a3:95:9f:e8:
54:d6:aa:ee:14:b5:c7:e2:bc:4b:aa:9a:28:7b:b0:
a0:2e:71:c5:48:05:5b:17:c1:bd:84:aa:58:14:af:
be:91:e7:85:d1:5d:7e:17:ff:cf:f4:e8:60:3a:38:
a7:d5:cd:b3:46:54:39:78:6d:75:ed:7d:8e:8d:d0:
ac:4f:19:c2:1c:56:31:34:74:4a:37:65:c3:d8:10:
1d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:70:0D:ED:E0:26:2B:84:9A:4C:19:A1:AC:8D:26:4D:AB:BA:50:C7
X509v3 Authority Key Identifier:
keyid:C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/3nAN7eAmK4SaTBmhrI0mTau6UMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1874::/48
2a09:f040::/29
2a0b:2fc0::/29
2a0d:c00::/29
Signature Algorithm: sha256WithRSAEncryption
d7:db:30:92:64:65:0e:47:1c:e3:b8:22:79:02:9e:ae:7e:c3:
6c:28:16:fc:d3:ca:db:ea:c9:c2:35:3f:bb:11:60:79:3c:b5:
19:be:5c:07:02:91:65:5c:51:17:16:a9:0b:e8:ae:a9:dc:c0:
d5:34:8f:4a:91:2f:3b:55:1b:4e:05:6a:2a:8e:b7:f0:77:be:
94:d8:f3:f5:e2:7f:2d:46:ca:30:64:15:19:5f:bf:31:7e:eb:
ba:14:97:3a:f8:fe:77:ea:ac:92:42:e7:4d:44:90:2c:2a:17:
ba:45:dd:be:98:c2:48:ba:31:66:31:59:fb:8f:e8:4a:4f:d4:
4b:d3:88:4a:e2:ad:65:6b:9f:c1:b0:1d:3a:7b:a7:c3:94:e5:
06:7e:d0:91:55:a4:ce:cd:be:3d:6b:76:0d:67:5f:a5:ac:fa:
4a:3c:53:3e:79:f2:42:43:cd:96:07:40:fa:b8:47:14:6d:dd:
42:d8:8a:e2:4a:d9:31:52:24:4e:32:4b:66:d6:1b:50:6c:d8:
33:de:fa:34:b4:42:9f:85:35:7c:9b:13:13:62:69:c1:1f:f7:
cc:bf:1f:cc:b4:ea:4d:08:95:b9:4c:f9:b0:c2:2e:3a:9e:f3:
13:e9:30:d1:49:ce:85:1e:7f:22:43:94:14:ba:96:b5:14:27:
f1:f7:8e:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZOhZN1Nex8j9coipINAhTlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZmY1NDFjZjM2NDE5M2EyYTAwYWRhMTQyNDRhY2QzNGMx
NDAzOGEwHhcNMjQxMjA3MTM1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTcwMGRlZGUwMjYyYjg0OWE0YzE5YTFhYzhkMjY0ZGFiYmE1MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcmlJF0PdzOdtWaBEf5m+jk8Ymm6
84UjkYQDXHPmDIoHstdXFwBuRFL+5NwJV9kxPtjS4DSOuwoALJj5MGtJHg7/VfCw
y64oFMzEPpcqCIBHBTXhCAzBt6Bk+twaVIyYYuR8ZVxu6B8oDevIvheT0W71QEXv
cmNlK2AW2/WcLg0sC7WXhGOHg8e9MZQp4RuSDaPNkWCSvBrpVknU81QjyQGeeXRP
61i4OR9HBGMoWqOVn+hU1qruFLXH4rxLqpooe7CgLnHFSAVbF8G9hKpYFK++keeF
0V1+F//P9OhgOjin1c2zRlQ5eG117X2OjdCsTxnCHFYxNHRKN2XD2BAdeQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN5wDe3gJiuEmkwZoayNJk2rulDHMB8GA1UdIwQY
MBaAFMb/VBzzZBk6KgCtoUJErNNMFAOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYt
MmE1ZTk4YWJkMWYzLzEvM25BTjdlQW1LNFNhVEJtaHJJMG1UYXU2VU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYtMmE1ZTk4YWJkMWYz
LzEveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwcAIAEGfBh0
AwUDKgnwQAMFAyoLL8ADBQMqDQwAMA0GCSqGSIb3DQEBCwUAA4IBAQDX2zCSZGUO
RxzjuCJ5Ap6ufsNsKBb808rb6snCNT+7EWB5PLUZvlwHApFlXFEXFqkL6K6p3MDV
NI9KkS87VRtOBWoqjrfwd76U2PP14n8tRsowZBUZX78xfuu6FJc6+P536qySQudN
RJAsKhe6Rd2+mMJIujFmMVn7j+hKT9RL04hK4q1la5/BsB06e6fDlOUGftCRVaTO
zb49a3YNZ1+lrPpKPFM+efJCQ82WB0D6uEcUbd1C2IriStkxUiROMktm1htQbNgz
3vo0tEKfhTV8mxMTYmnBH/fMvx/MtOpNCJW5TPmwwi46nvMT6TDRSc6FHn8iQ5QU
upa1FCfx9445
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:21:09 2025 by rpki-client