Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/mHc72PyBRo9CjIE4YTKenRynf7w.roa
File: mHc72PyBRo9CjIE4YTKenRynf7w.roa (raw, json)
Hash identifier: wYACaYbfH88bQNp/xJUnDY+vWirB4Dc3MhiCFqniiFE=
Subject key identifier: 98:77:3B:D8:FC:81:46:8F:42:8C:81:38:61:32:9E:9D:1C:A7:7F:BC
Certificate issuer: /CN=c6ff541cf364193a2a00ada14244acd34c14038a
Certificate serial: 0193A164DDE5663E10A6B0CC30496B755A85
Authority key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/mHc72PyBRo9CjIE4YTKenRynf7w.roa
Signing time: Sat 07 Dec 2024 13:52:42 +0000
ROA not before: Sat 07 Dec 2024 13:52:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29632
IP address blocks: 2001:67c:1874::/48 maxlen: 48
2a09:f040::/29 maxlen: 29
2a0b:2fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 08 Dec 2024 18:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:64:dd:e5:66:3e:10:a6:b0:cc:30:49:6b:75:5a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Validity
Not Before: Dec 7 13:52:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98773bd8fc81468f428c813861329e9d1ca77fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:96:94:7a:50:bc:b2:59:17:ec:36:7f:ed:aa:
ca:f7:78:ac:42:30:06:d7:a7:dd:28:13:41:8a:3f:
cf:27:39:de:6a:e0:ba:e6:9b:9a:a3:e8:1b:04:83:
0f:07:bb:fa:0e:96:87:32:a2:70:32:31:17:28:8b:
4d:3b:77:03:94:a1:1f:e6:79:e2:06:04:14:2d:09:
46:a1:6e:19:df:2c:8b:53:d2:b2:c2:56:c3:11:c7:
d0:68:32:43:c5:b4:04:d7:d1:f5:66:79:d2:76:99:
21:39:94:15:1e:70:21:71:29:ce:ee:f9:7a:0c:57:
fb:d9:4c:38:dc:48:c5:c3:40:47:4b:6a:69:86:8f:
c0:09:0b:08:78:08:ee:a6:90:14:f2:95:b3:e0:5e:
ae:8d:9e:33:3a:c3:d1:73:5b:1a:fd:c9:29:d7:fa:
1b:7d:a6:7b:07:3b:6f:ea:70:a0:71:a7:a9:82:e7:
d8:9c:e1:e6:59:58:61:f8:83:38:7a:17:1b:58:34:
52:41:e3:50:c3:bd:6f:4e:89:5d:91:ab:38:d5:17:
ac:e3:20:40:be:75:ef:d3:2a:a2:39:2b:75:36:b9:
bf:99:ea:5a:7a:2b:c5:f5:63:43:78:c7:73:ba:ad:
19:18:09:5b:d4:79:be:8f:83:64:d9:af:88:dd:a5:
8d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:77:3B:D8:FC:81:46:8F:42:8C:81:38:61:32:9E:9D:1C:A7:7F:BC
X509v3 Authority Key Identifier:
keyid:C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/mHc72PyBRo9CjIE4YTKenRynf7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1874::/48
2a09:f040::/29
2a0b:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
27:5b:fc:eb:84:a2:01:47:80:67:f2:9b:07:77:26:b9:f1:fd:
51:6b:c9:fa:d2:4c:7b:8f:f5:18:c2:9a:cb:bf:07:49:05:2c:
4e:77:1a:55:ec:f6:b6:bf:80:9e:75:f6:40:f1:5f:de:31:d1:
e4:1c:6f:97:c7:2a:b8:dd:2f:8c:ce:9b:7e:81:71:4b:41:72:
6b:f2:04:c3:cf:5c:96:5d:e5:47:eb:77:fe:c0:24:00:d2:e0:
c3:98:07:14:b9:b0:1e:dc:2c:4f:e8:9e:fe:ba:2f:af:b8:31:
3a:97:25:69:4e:b9:1e:35:c8:42:9e:17:17:fe:84:34:cb:10:
5f:57:ee:5d:1d:56:24:45:18:e1:84:e8:d2:e0:81:ec:e9:cc:
f9:16:06:af:25:ee:07:e2:87:31:cd:87:95:d4:e3:f3:0a:2a:
2b:95:4d:b9:89:5d:30:5a:cb:26:39:e4:33:e3:a7:64:e6:6c:
63:2f:21:e9:28:ea:bb:9a:58:4f:42:ac:d6:f7:c9:4b:91:29:
14:a5:e6:40:f2:cc:6a:c8:19:65:44:a6:c3:37:33:20:6b:22:
eb:02:eb:74:94:d9:c1:63:73:8a:a8:a9:6e:d9:29:45:24:28:
cd:fb:9c:7d:22:40:54:39:a6:22:7e:74:f4:16:bb:4a:d1:ef:
bc:fe:fd:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZOhZN3lZj4QprDMMElrdVqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZmY1NDFjZjM2NDE5M2EyYTAwYWRhMTQyNDRhY2QzNGMx
NDAzOGEwHhcNMjQxMjA3MTM1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc3M2JkOGZjODE0NjhmNDI4YzgxMzg2MTMyOWU5ZDFjYTc3ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65aUelC8slkX7DZ/7arK93isQjAG
16fdKBNBij/PJzneauC65puao+gbBIMPB7v6DpaHMqJwMjEXKItNO3cDlKEf5nni
BgQULQlGoW4Z3yyLU9KywlbDEcfQaDJDxbQE19H1ZnnSdpkhOZQVHnAhcSnO7vl6
DFf72Uw43EjFw0BHS2ppho/ACQsIeAjuppAU8pWz4F6ujZ4zOsPRc1sa/ckp1/ob
faZ7Bztv6nCgcaepgufYnOHmWVhh+IM4ehcbWDRSQeNQw71vToldkas41Res4yBA
vnXv0yqiOSt1Nrm/mepaeivF9WNDeMdzuq0ZGAlb1Hm+j4Nk2a+I3aWNuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJh3O9j8gUaPQoyBOGEynp0cp3+8MB8GA1UdIwQY
MBaAFMb/VBzzZBk6KgCtoUJErNNMFAOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYt
MmE1ZTk4YWJkMWYzLzEvbUhjNzJQeUJSbzlDaklFNFlUS2VuUnluZjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYtMmE1ZTk4YWJkMWYz
LzEveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAIAEGfBh0
AwUDKgnwQAMFAyoLL8AwDQYJKoZIhvcNAQELBQADggEBACdb/OuEogFHgGfymwd3
Jrnx/VFryfrSTHuP9RjCmsu/B0kFLE53GlXs9ra/gJ519kDxX94x0eQcb5fHKrjd
L4zOm36BcUtBcmvyBMPPXJZd5Ufrd/7AJADS4MOYBxS5sB7cLE/onv66L6+4MTqX
JWlOuR41yEKeFxf+hDTLEF9X7l0dViRFGOGE6NLggezpzPkWBq8l7gfihzHNh5XU
4/MKKiuVTbmJXTBayyY55DPjp2TmbGMvIeko6ruaWE9CrNb3yUuRKRSl5kDyzGrI
GWVEpsM3MyBrIusC63SU2cFjc4qoqW7ZKUUkKM37nH0iQFQ5piJ+dPQWu0rR77z+
/e8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:13 2025 by rpki-client