Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/O9HtF46Oz_lpwjguGz7DrvKv6oA.roa
File: O9HtF46Oz_lpwjguGz7DrvKv6oA.roa (raw, json)
Hash identifier: W+bV8+DxKSZjTi+vL03Ta5/s4NH798TBfjlyh2KH0ig=
Subject key identifier: 3B:D1:ED:17:8E:8E:CF:F9:69:C2:38:2E:1B:3E:C3:AE:F2:AF:EA:80
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0190776D1F5B8B0A816D1A4F7BB207B4A650
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/O9HtF46Oz_lpwjguGz7DrvKv6oA.roa
Signing time: Wed 03 Jul 2024 07:09:18 +0000
ROA not before: Wed 03 Jul 2024 07:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214601
IP address blocks: 2a14:67c0:400::/44 maxlen: 44
2a14:67c0:400::/48 maxlen: 48
2a14:67c0:401::/48 maxlen: 48
2a14:67c0:402::/48 maxlen: 48
2a14:67c0:403::/48 maxlen: 48
2a14:67c0:404::/48 maxlen: 48
2a14:67c0:405::/48 maxlen: 48
2a14:67c0:406::/48 maxlen: 48
2a14:67c0:407::/48 maxlen: 48
2a14:67c0:408::/48 maxlen: 48
2a14:67c0:409::/48 maxlen: 48
2a14:67c0:40a::/48 maxlen: 48
2a14:67c0:40b::/48 maxlen: 48
2a14:67c0:40c::/48 maxlen: 48
2a14:67c0:40d::/48 maxlen: 48
2a14:67c0:40e::/48 maxlen: 48
2a14:67c0:40f::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Jul 2024 06:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:6d:1f:5b:8b:0a:81:6d:1a:4f:7b:b2:07:b4:a6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jul 3 07:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bd1ed178e8ecff969c2382e1b3ec3aef2afea80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e5:9a:4d:71:7a:e6:2e:56:31:cb:4b:3e:f4:
87:19:4d:1c:62:18:70:2d:49:57:15:0f:c4:07:91:
2f:70:63:99:bb:53:ee:11:4a:df:04:79:9a:15:2c:
b3:e4:fe:5c:2e:7f:51:bc:f1:4d:c2:40:3f:c3:ef:
3f:f8:ca:c0:ee:f8:8c:c3:9e:5a:c1:a5:b2:38:3b:
74:c5:c5:eb:50:ea:f1:b8:58:be:a0:7d:60:c4:a7:
61:4f:a1:d0:27:cc:cc:30:e9:00:62:36:d1:36:74:
8d:65:bf:e2:e8:c3:b4:20:1e:a3:bd:28:e8:b4:77:
cb:1a:90:49:05:2e:fb:dd:2a:73:36:8e:cf:d1:d6:
18:e6:2c:e1:da:71:98:09:ac:75:b3:16:d8:31:c1:
f0:8c:6e:81:e9:43:a9:10:23:6a:f9:c3:4e:58:ed:
e7:5a:35:f7:da:b2:9f:0f:f6:a3:23:1b:4b:da:3f:
bf:3b:9c:82:b4:57:1d:2c:c6:ff:46:74:fd:7a:36:
a7:41:2b:4d:7b:ef:34:4f:12:64:5f:b6:aa:b6:e9:
2b:95:61:5d:8b:3d:a3:03:5c:3e:1a:7c:18:c6:20:
60:03:81:80:47:06:ff:61:05:e6:e7:df:1d:d8:31:
d3:9d:19:cc:9a:97:72:f9:9d:36:19:44:44:5e:8c:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D1:ED:17:8E:8E:CF:F9:69:C2:38:2E:1B:3E:C3:AE:F2:AF:EA:80
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/O9HtF46Oz_lpwjguGz7DrvKv6oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c0:400::/44
Signature Algorithm: sha256WithRSAEncryption
0c:40:64:3f:d7:3f:cf:ac:1a:3f:07:ee:3c:b9:70:49:eb:ee:
2a:ac:94:1a:69:75:77:89:f4:80:0e:54:e8:70:ef:36:6a:93:
3d:32:e1:e8:2b:97:85:51:6e:11:77:51:3a:28:f5:79:f0:d4:
be:fc:82:76:02:34:7d:a4:c0:fb:30:66:4e:25:ed:5c:7c:f8:
d4:5b:0c:f3:8d:8e:cb:b7:60:4a:f8:16:16:c0:3c:a1:66:f5:
e9:56:f5:19:83:97:3a:cb:b1:0c:7f:24:32:12:98:20:f5:64:
48:f6:e6:1b:b2:51:51:84:52:b5:08:70:80:0e:23:bb:04:ce:
1d:3c:b5:96:6e:43:5a:db:86:e5:d1:73:be:52:63:44:34:72:
0f:b2:a6:ba:39:97:a8:35:aa:5d:d6:aa:51:e0:11:23:8b:62:
24:bc:57:31:b8:7f:ba:04:63:31:19:f5:05:93:35:36:56:4e:
0b:01:0a:70:d2:51:35:ea:a0:30:75:ea:79:43:00:53:84:21:
2f:92:d5:79:f4:62:f9:8a:fd:6d:7e:bc:ef:53:bc:d1:16:1b:
47:b6:8f:03:33:04:38:5a:1b:95:fb:e4:28:10:9c:ed:f1:0c:
ff:96:a0:b8:08:dd:41:c1:f2:ba:ef:b2:ab:9f:72:04:4a:9a:
c8:5b:76:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZB3bR9biwqBbRpPe7IHtKZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjQwNzAzMDcwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQxZWQxNzhlOGVjZmY5NjljMjM4MmUxYjNlYzNhZWYyYWZlYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eWaTXF65i5WMctLPvSHGU0cYhhw
LUlXFQ/EB5EvcGOZu1PuEUrfBHmaFSyz5P5cLn9RvPFNwkA/w+8/+MrA7viMw55a
waWyODt0xcXrUOrxuFi+oH1gxKdhT6HQJ8zMMOkAYjbRNnSNZb/i6MO0IB6jvSjo
tHfLGpBJBS773SpzNo7P0dYY5izh2nGYCax1sxbYMcHwjG6B6UOpECNq+cNOWO3n
WjX32rKfD/ajIxtL2j+/O5yCtFcdLMb/RnT9ejanQStNe+80TxJkX7aqtukrlWFd
iz2jA1w+GnwYxiBgA4GARwb/YQXm598d2DHTnRnMmpdy+Z02GUREXozCpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDvR7ReOjs/5acI4Lhs+w67yr+qAMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvTzlIdEY0Nk96X2xwd2pndUd6N0Rydkt2Nm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhRnwAQA
MA0GCSqGSIb3DQEBCwUAA4IBAQAMQGQ/1z/PrBo/B+48uXBJ6+4qrJQaaXV3ifSA
DlTocO82apM9MuHoK5eFUW4Rd1E6KPV58NS+/IJ2AjR9pMD7MGZOJe1cfPjUWwzz
jY7Lt2BK+BYWwDyhZvXpVvUZg5c6y7EMfyQyEpgg9WRI9uYbslFRhFK1CHCADiO7
BM4dPLWWbkNa24bl0XO+UmNENHIPsqa6OZeoNapd1qpR4BEji2IkvFcxuH+6BGMx
GfUFkzU2Vk4LAQpw0lE16qAwdep5QwBThCEvktV59GL5iv1tfrzvU7zRFhtHto8D
MwQ4WhuV++QoEJzt8Qz/lqC4CN1BwfK677Krn3IESprIW3bv
-----END CERTIFICATE-----
Generated at Thu Jul 4 08:53:55 2024 by rpki-client on console-ams.rpki-client.org