Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/tspFCELJiD3icnys2kwyablliOU.roa
File: tspFCELJiD3icnys2kwyablliOU.roa (raw, json)
Hash identifier: QdIR4cIUvxPaMVFimbVA8+u/beEqjf6xHysRFoXhujA=
Subject key identifier: B6:CA:45:08:42:C9:88:3D:E2:72:7C:AC:DA:4C:32:69:B9:65:88:E5
Certificate issuer: /CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Certificate serial: 019393190338137224714F8C96A3345903B2
Authority key identifier: 6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/tspFCELJiD3icnys2kwyablliOU.roa
Signing time: Wed 04 Dec 2024 19:15:10 +0000
ROA not before: Wed 04 Dec 2024 19:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214466
IP address blocks: 2a14:9400::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Dec 2024 14:22:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:93:19:03:38:13:72:24:71:4f:8c:96:a3:34:59:03:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Validity
Not Before: Dec 4 19:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6ca450842c9883de2727cacda4c3269b96588e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:53:2d:54:65:d7:7f:6c:41:51:82:09:1c:
6b:cd:5a:92:88:da:4d:78:6b:17:a0:a3:0e:f7:e7:
72:b2:d5:62:2e:fc:56:8d:e8:c0:ca:b9:05:0b:2f:
82:fb:c7:bd:71:e1:f7:1f:5f:40:c8:9d:bd:f2:e6:
47:fc:89:d5:d7:20:55:86:12:93:8d:fb:68:d7:9b:
e6:78:9c:76:e6:8a:a6:ab:85:4b:13:e0:33:d4:bc:
f3:9f:90:9a:e6:38:63:6f:bd:1a:44:a0:0a:42:25:
7f:79:fe:9e:74:81:1a:8a:ce:5d:86:b4:15:08:45:
b5:b8:8b:0d:e3:c7:07:48:db:63:fb:7c:28:76:c8:
6d:a7:14:2f:da:2e:d2:4a:06:ed:91:ea:81:b0:cf:
92:89:cb:93:48:20:ca:eb:2f:61:17:b9:72:6b:a5:
29:b8:b9:b4:83:41:97:b0:53:0e:66:5f:26:2e:0c:
b8:da:81:9b:71:28:0e:ac:ae:44:56:34:ab:7f:7f:
40:94:11:06:9a:d8:72:da:45:b3:de:0e:8c:71:1c:
db:87:2e:41:24:45:00:50:bc:41:14:9d:e9:68:4f:
a1:67:a0:a7:21:b2:e1:43:65:84:fa:47:d7:aa:48:
bc:0d:0d:1e:65:c3:2e:69:79:a4:cc:ce:9a:b9:94:
45:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:CA:45:08:42:C9:88:3D:E2:72:7C:AC:DA:4C:32:69:B9:65:88:E5
X509v3 Authority Key Identifier:
keyid:6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/tspFCELJiD3icnys2kwyablliOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9400::/29
Signature Algorithm: sha256WithRSAEncryption
32:6e:78:6e:32:e3:00:70:83:e1:fa:f2:bd:3a:7f:f5:ad:11:
fe:80:fe:84:9f:ec:2b:6c:93:43:62:a3:bc:f1:d7:28:bd:a2:
a2:da:35:53:e3:60:46:fe:b3:a8:14:dc:46:c8:32:96:b8:18:
5e:6c:d5:b7:f9:25:9c:68:94:d3:79:bf:79:fb:ba:fa:5c:59:
e5:8f:69:ff:02:18:c0:b5:b2:52:43:5c:f0:54:54:e2:ea:57:
e6:be:87:d3:43:f0:53:ee:3a:24:10:ee:bf:4c:c0:30:75:34:
e5:9d:e8:15:8a:e0:d0:dc:57:7f:05:a2:61:85:db:08:66:94:
74:fb:2b:56:49:e8:d6:04:6e:55:f2:26:c5:aa:af:3b:3b:30:
c7:3c:22:70:55:cc:c0:fd:da:d3:30:75:14:e2:f5:da:e2:49:
b6:62:00:88:99:91:cd:4c:07:de:cd:03:8c:81:19:06:84:ab:
66:b5:d2:30:62:e3:fc:52:c5:3f:30:c0:a7:c3:2e:ed:51:db:
89:fb:63:64:65:99:a1:58:5b:49:71:42:06:68:4c:ab:a9:cc:
75:74:e0:27:9b:7e:df:18:b4:09:f9:82:15:65:28:3c:03:4b:
63:b6:f5:98:c2:b0:93:85:d8:48:c1:ec:db:2a:54:25:65:4d:
ec:d9:25:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOTGQM4E3IkcU+MlqM0WQOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTY0YTY0N2JkMmE1NTU3ZjcwZjY3NmFkY2M3NjkwNGZi
ODcyYWIwHhcNMjQxMjA0MTkxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmNhNDUwODQyYzk4ODNkZTI3MjdjYWNkYTRjMzI2OWI5NjU4OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdpTLVRl139sQVGCCRxrzVqSiNpN
eGsXoKMO9+dystViLvxWjejAyrkFCy+C+8e9ceH3H19AyJ298uZH/InV1yBVhhKT
jfto15vmeJx25oqmq4VLE+Az1Lzzn5Ca5jhjb70aRKAKQiV/ef6edIEais5dhrQV
CEW1uIsN48cHSNtj+3wodshtpxQv2i7SSgbtkeqBsM+SicuTSCDK6y9hF7lya6Up
uLm0g0GXsFMOZl8mLgy42oGbcSgOrK5EVjSrf39AlBEGmthy2kWz3g6McRzbhy5B
JEUAULxBFJ3paE+hZ6CnIbLhQ2WE+kfXqki8DQ0eZcMuaXmkzM6auZRFFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLbKRQhCyYg94nJ8rNpMMmm5ZYjlMB8GA1UdIwQY
MBaAFG+mSmR70qVVf3D2dq3MdpBPuHKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQt
ZTkxYjNhYmQxZmU4LzEvdHNwRkNFTEppRDNpY255czJrd3lhYmxsaU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQtZTkxYjNhYmQxZmU4
LzEvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSUADAN
BgkqhkiG9w0BAQsFAAOCAQEAMm54bjLjAHCD4fryvTp/9a0R/oD+hJ/sK2yTQ2Kj
vPHXKL2ioto1U+NgRv6zqBTcRsgylrgYXmzVt/klnGiU03m/efu6+lxZ5Y9p/wIY
wLWyUkNc8FRU4upX5r6H00PwU+46JBDuv0zAMHU05Z3oFYrg0NxXfwWiYYXbCGaU
dPsrVkno1gRuVfImxaqvOzswxzwicFXMwP3a0zB1FOL12uJJtmIAiJmRzUwH3s0D
jIEZBoSrZrXSMGLj/FLFPzDAp8Mu7VHbiftjZGWZoVhbSXFCBmhMq6nMdXTgJ5t+
3xi0CfmCFWUoPANLY7b1mMKwk4XYSMHs2ypUJWVN7Nkl3Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:34:31 2025 by rpki-client