Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/OXfJOJ2SUwUUgGLb_eQp8j0PxTw.roa
File: OXfJOJ2SUwUUgGLb_eQp8j0PxTw.roa (raw, json)
Hash identifier: 91zq9VZl55BSrYZPp63PFiwul/OtrGDTAuAwx1Qd1Sg=
Subject key identifier: 39:77:C9:38:9D:92:53:05:14:80:62:DB:FD:E4:29:F2:3D:0F:C5:3C
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0190A2A92C2D56A4FF488AF7A0DD4E50BDA2
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/OXfJOJ2SUwUUgGLb_eQp8j0PxTw.roa
Signing time: Thu 11 Jul 2024 16:38:34 +0000
ROA not before: Thu 11 Jul 2024 16:38:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215355
IP address blocks: 2a14:67c0:100::/40 maxlen: 40
2a14:67c0:100::/48 maxlen: 48
2a14:67c0:101::/48 maxlen: 48
2a14:67c0:102::/48 maxlen: 48
2a14:67c0:103::/48 maxlen: 48
2a14:67c0:104::/48 maxlen: 48
2a14:67c0:105::/48 maxlen: 48
2a14:67c0:110::/44 maxlen: 44
2a14:67c0:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 18 Jul 2024 18:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:a9:2c:2d:56:a4:ff:48:8a:f7:a0:dd:4e:50:bd:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jul 11 16:38:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3977c9389d925305148062dbfde429f23d0fc53c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:de:2e:8a:00:8e:54:a5:a5:57:26:19:87:14:
8e:bf:4c:c4:10:50:22:7a:db:52:d6:10:f4:f6:55:
90:fe:b5:8d:09:fa:13:31:ef:36:1d:56:9e:50:67:
23:b7:66:56:de:4b:9c:09:7e:56:98:80:dc:fa:ea:
42:2a:f8:2c:e6:0e:ae:3f:67:af:65:36:cd:2a:f0:
d8:61:31:56:ee:e5:48:ee:05:a3:f2:94:31:b0:f5:
96:7a:43:a8:b6:a2:55:e6:a6:98:6c:aa:b5:46:a0:
9c:57:e7:36:7f:05:62:31:99:08:b8:33:15:f0:1b:
c1:c3:8c:28:9c:47:8b:71:8b:9a:77:8f:70:b6:a1:
43:60:f2:ad:09:ec:20:77:9d:45:2a:02:c9:e9:e1:
38:b5:93:3f:e0:e6:c1:14:73:f6:0e:24:df:09:47:
b9:1a:cc:a0:46:51:1b:2d:20:d7:d5:c5:49:81:e3:
77:48:0f:c2:c7:0b:64:f8:ae:45:1c:b7:f2:b2:95:
f2:f2:98:1a:06:ba:f6:4b:88:98:71:7a:46:bc:82:
06:f9:50:0b:e0:84:bd:25:3c:19:b9:ce:27:ae:5c:
12:0a:b2:13:02:e7:10:b5:99:4f:b7:1e:01:62:55:
24:e5:5f:7c:25:fc:19:69:55:1e:85:8d:2d:ce:dd:
43:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:77:C9:38:9D:92:53:05:14:80:62:DB:FD:E4:29:F2:3D:0F:C5:3C
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/OXfJOJ2SUwUUgGLb_eQp8j0PxTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c0:100::-2a14:67c0:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:f9:4e:51:ec:e0:61:77:23:61:4a:5a:56:b1:b6:61:ba:51:
a8:d0:91:cd:be:7c:ce:d0:02:14:4d:34:eb:84:86:26:49:d0:
c7:d0:c0:ce:0b:78:16:ce:58:b8:2c:1a:8d:58:51:de:c5:6d:
02:e8:03:dd:dd:51:1b:aa:e0:31:4e:53:fc:48:28:e6:71:d0:
ff:b1:a3:62:31:f7:d7:0b:ee:91:77:4e:d2:63:b7:99:52:60:
44:db:07:df:6c:af:34:f3:a7:4f:77:ae:42:0e:1b:d9:e5:b7:
c3:71:d9:77:76:36:b2:4f:44:c8:4f:11:ce:0f:95:59:11:59:
90:b0:0f:60:59:f5:38:e3:82:16:1d:f5:71:88:3b:ce:55:93:
55:3c:9d:af:2b:d1:c4:7b:2c:09:bd:c3:cb:69:c4:48:62:4c:
79:c7:20:ec:39:c4:78:6f:b5:c5:ee:4c:28:ea:0f:5f:1d:32:
82:f2:42:25:f0:1c:a6:2b:a0:eb:63:29:6c:03:bd:2f:3c:da:
af:49:c4:10:6d:33:8d:22:5b:e4:cf:76:a5:f0:8e:ee:6f:71:
09:21:f9:44:0e:ac:69:52:d2:d6:c5:88:e4:c8:3a:b5:02:aa:
22:e6:ca:76:55:44:d9:cd:d1:a9:eb:21:c3:a2:e9:12:53:62:
56:40:d1:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCiqSwtVqT/SIr3oN1OUL2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjQwNzExMTYzODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTc3YzkzODlkOTI1MzA1MTQ4MDYyZGJmZGU0MjlmMjNkMGZjNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld4uigCOVKWlVyYZhxSOv0zEEFAi
ettS1hD09lWQ/rWNCfoTMe82HVaeUGcjt2ZW3kucCX5WmIDc+upCKvgs5g6uP2ev
ZTbNKvDYYTFW7uVI7gWj8pQxsPWWekOotqJV5qaYbKq1RqCcV+c2fwViMZkIuDMV
8BvBw4wonEeLcYuad49wtqFDYPKtCewgd51FKgLJ6eE4tZM/4ObBFHP2DiTfCUe5
GsygRlEbLSDX1cVJgeN3SA/Cxwtk+K5FHLfyspXy8pgaBrr2S4iYcXpGvIIG+VAL
4IS9JTwZuc4nrlwSCrITAucQtZlPtx4BYlUk5V98JfwZaVUehY0tzt1DXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDl3yTidklMFFIBi2/3kKfI9D8U8MB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvT1hmSk9KMlNVd1VVZ0dMYl9lUXA4ajBQeFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqFGfA
AQMGACoUZ8ACMA0GCSqGSIb3DQEBCwUAA4IBAQAO+U5R7OBhdyNhSlpWsbZhulGo
0JHNvnzO0AIUTTTrhIYmSdDH0MDOC3gWzli4LBqNWFHexW0C6APd3VEbquAxTlP8
SCjmcdD/saNiMffXC+6Rd07SY7eZUmBE2wffbK8086dPd65CDhvZ5bfDcdl3djay
T0TITxHOD5VZEVmQsA9gWfU444IWHfVxiDvOVZNVPJ2vK9HEeywJvcPLacRIYkx5
xyDsOcR4b7XF7kwo6g9fHTKC8kIl8BymK6DrYylsA70vPNqvScQQbTONIlvkz3al
8I7ub3EJIflEDqxpUtLWxYjkyDq1Aqoi5sp2VUTZzdGp6yHDoukSU2JWQNE3
-----END CERTIFICATE-----
Generated at Thu Jul 18 20:10:51 2024 by rpki-client on console-fra.rpki-client.org