Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/O-TMPGLmXuWOuvIRvwpMHzYIWqM.roa
File: O-TMPGLmXuWOuvIRvwpMHzYIWqM.roa (raw, json)
Hash identifier: HP3MkBUWSCu8nlgP3nAQiRrLtEan02aBxoJqGmkOHDs=
Subject key identifier: 3B:E4:CC:3C:62:E6:5E:E5:8E:BA:F2:11:BF:0A:4C:1F:36:08:5A:A3
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8D4070BADE4692B5ECCD8F28CA5FE
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/O-TMPGLmXuWOuvIRvwpMHzYIWqM.roa
Signing time: Mon 01 Jan 2024 20:30:50 +0000
ROA not before: Mon 01 Jan 2024 20:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 2a0c:9a40:9c10::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jan 2024 16:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d4:07:0b:ad:e4:69:2b:5e:cc:d8:f2:8c:a5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3be4cc3c62e65ee58ebaf211bf0a4c1f36085aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:06:55:6c:1b:b8:ae:0c:07:52:5f:4c:a6:
bc:86:c3:aa:9a:6c:45:df:65:74:3f:f8:4e:4d:84:
71:5f:b8:b4:70:72:47:35:fa:3f:6d:15:a2:47:1b:
b2:e1:5e:78:07:55:f1:74:42:0d:11:15:b9:e4:3f:
43:b2:2d:e3:1d:69:4b:2f:10:f6:ae:44:98:d6:50:
75:3d:1f:d0:4f:88:d9:33:94:35:81:66:9b:56:ef:
0f:51:2f:ae:52:05:06:37:10:20:57:ab:9d:1c:81:
22:ba:1f:37:f0:60:db:81:1b:6f:44:f1:a5:49:69:
ff:b0:0d:37:2d:25:11:b2:39:81:59:24:fe:5c:04:
19:63:07:0a:8f:da:43:df:4b:6c:a3:52:8a:e9:0c:
8b:fc:2f:a6:d3:b3:c5:c7:07:cb:a3:62:20:f8:dd:
61:d6:2f:cc:66:17:2f:83:73:74:50:81:af:ac:f7:
dc:64:5d:43:92:7b:8f:09:11:15:f0:66:c3:11:8a:
dc:d1:b1:81:2e:37:02:69:a2:04:68:8e:b0:52:f6:
50:78:47:05:09:14:1e:bf:91:ae:1b:54:70:35:09:
51:b9:f5:07:81:8f:d6:c6:67:89:68:a6:2c:15:d4:
df:bc:f5:8d:c1:45:ca:2b:13:db:3f:cd:d9:10:f6:
34:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E4:CC:3C:62:E6:5E:E5:8E:BA:F2:11:BF:0A:4C:1F:36:08:5A:A3
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/O-TMPGLmXuWOuvIRvwpMHzYIWqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9c10::/44
Signature Algorithm: sha256WithRSAEncryption
d0:e0:04:b9:ac:4c:62:c9:9f:15:1d:ce:0f:6d:5b:50:32:c1:
68:b0:9e:96:8a:e8:8b:30:6a:59:f9:a3:48:0c:03:8b:bb:b4:
c7:d4:b4:60:91:17:47:ff:73:00:66:7a:76:48:6f:ac:2e:1e:
90:0c:c5:10:39:74:8d:5d:68:72:f5:11:4d:ad:dc:96:b2:bd:
3a:fc:3a:1f:f3:ac:c2:51:9f:52:76:d6:e9:ac:0e:86:f9:4d:
41:42:b6:d2:9d:48:fa:0d:75:7e:69:5c:53:b9:ca:e7:3f:aa:
11:a5:c3:39:0c:e8:b5:5d:60:3f:d3:a1:e7:e2:d6:11:3b:5b:
86:65:50:40:e1:e9:33:2d:6b:06:77:77:3a:80:0b:c4:00:91:
d7:b4:b6:18:fe:bd:75:8d:5e:e0:2e:cb:2b:f7:a6:db:35:2b:
cf:ac:69:4f:06:d0:9e:6e:e4:87:0e:d3:fb:e1:f2:f7:27:ff:
76:b6:8a:59:62:65:27:87:51:51:b5:c8:6e:b0:bf:ea:16:28:
26:90:46:3d:58:fd:f5:64:f6:66:77:fe:e8:99:09:6f:d0:3a:
02:ea:99:3b:1e:02:65:ca:e4:2e:40:68:41:5a:9f:a2:86:aa:
e7:30:ef:22:ad:ff:6c:eb:ef:5b:02:67:f3:a2:a6:77:e1:4b:
dd:12:36:b5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuNQHC63kaStezNjyjKX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU0Y2MzYzYyZTY1ZWU1OGViYWYyMTFiZjBhNGMxZjM2MDg1YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHgGVWwbuK4MB1JfTKa8hsOqmmxF
32V0P/hOTYRxX7i0cHJHNfo/bRWiRxuy4V54B1XxdEINERW55D9Dsi3jHWlLLxD2
rkSY1lB1PR/QT4jZM5Q1gWabVu8PUS+uUgUGNxAgV6udHIEiuh838GDbgRtvRPGl
SWn/sA03LSURsjmBWST+XAQZYwcKj9pD30tso1KK6QyL/C+m07PFxwfLo2Ig+N1h
1i/MZhcvg3N0UIGvrPfcZF1DknuPCREV8GbDEYrc0bGBLjcCaaIEaI6wUvZQeEcF
CRQev5GuG1RwNQlRufUHgY/WxmeJaKYsFdTfvPWNwUXKKxPbP83ZEPY0WQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDvkzDxi5l7ljrryEb8KTB82CFqjMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvTy1UTVBHTG1YdVdPdXZJUnZ3cE1IellJV3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQJwQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDQ4AS5rExiyZ8VHc4PbVtQMsFosJ6WiuiLMGpZ
+aNIDAOLu7TH1LRgkRdH/3MAZnp2SG+sLh6QDMUQOXSNXWhy9RFNrdyWsr06/Dof
86zCUZ9SdtbprA6G+U1BQrbSnUj6DXV+aVxTucrnP6oRpcM5DOi1XWA/06Hn4tYR
O1uGZVBA4ekzLWsGd3c6gAvEAJHXtLYY/r11jV7gLssr96bbNSvPrGlPBtCebuSH
DtP74fL3J/92topZYmUnh1FRtchusL/qFigmkEY9WP31ZPZmd/7omQlv0DoC6pk7
HgJlyuQuQGhBWp+ihqrnMO8irf9s6+9bAmfzoqZ34UvdEja1
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:17 2025 by rpki-client