Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TmO79-z9jSEPi1AaeZKOY0t0CyQ.roa
File: TmO79-z9jSEPi1AaeZKOY0t0CyQ.roa (raw, json)
Hash identifier: eizNICk866XGhnm4cqBMducoEXR59d/yfQpNcVLCrAQ=
Subject key identifier: 4E:63:BB:F7:EC:FD:8D:21:0F:8B:50:1A:79:92:8E:63:4B:74:0B:24
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01919B371100679D3F541AF02785359A2661
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TmO79-z9jSEPi1AaeZKOY0t0CyQ.roa
Signing time: Wed 28 Aug 2024 22:59:22 +0000
ROA not before: Wed 28 Aug 2024 22:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0c:9a40:83c0::/48 maxlen: 48
2a0c:9a40:8a90::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 05 Sep 2024 22:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9b:37:11:00:67:9d:3f:54:1a:f0:27:85:35:9a:26:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Aug 28 22:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e63bbf7ecfd8d210f8b501a79928e634b740b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:54:a2:59:d9:82:8f:48:cd:88:dc:eb:55:2f:
d8:96:bb:66:11:fd:d5:7f:0a:5f:8f:19:c5:b2:ed:
ca:16:27:54:8a:79:1a:40:48:fd:32:38:c9:a5:4b:
9e:61:30:9c:32:e4:f9:67:23:b6:03:8d:d9:ec:e7:
0e:32:90:7f:a9:4c:3a:db:51:dc:05:c1:db:89:2b:
df:b7:6b:60:cf:ba:40:70:5e:62:c3:e7:aa:07:7f:
8e:fa:3f:65:27:0d:11:a0:e1:55:f0:64:59:61:6e:
41:06:51:dc:a0:dc:a3:0c:4c:ad:1a:45:74:66:c3:
a2:f7:48:64:b7:84:9c:a2:24:eb:7c:de:3b:08:4b:
bb:35:35:90:ad:86:5d:ce:1b:74:97:20:7e:cd:fc:
9a:ca:ca:be:ad:84:2e:12:f3:d4:4a:ea:a2:7a:16:
e5:06:25:b0:ed:ee:54:e6:8a:d0:97:1d:57:60:68:
aa:7a:e2:d2:88:80:ac:99:4f:e6:aa:ba:a2:60:52:
d1:0f:d4:39:90:99:b6:30:94:04:e3:b0:cb:c6:8a:
20:2a:1c:32:f7:5f:d8:37:85:3e:02:80:94:e1:8b:
67:af:47:5a:44:2f:1a:13:17:18:14:66:fc:40:f6:
60:74:85:87:62:14:30:21:7f:2a:19:4a:0d:8e:83:
a7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:63:BB:F7:EC:FD:8D:21:0F:8B:50:1A:79:92:8E:63:4B:74:0B:24
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TmO79-z9jSEPi1AaeZKOY0t0CyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:83c0::/48
2a0c:9a40:8a90::/48
Signature Algorithm: sha256WithRSAEncryption
a5:63:15:f2:6d:ba:44:7c:ca:4e:ae:63:3c:52:10:67:22:8b:
9c:32:64:8d:18:5a:d5:38:a6:58:41:13:7e:38:56:3a:30:8a:
63:2e:76:c4:d0:63:e9:88:e5:8d:f5:11:79:36:62:ab:7e:7e:
48:ae:06:9d:77:e8:52:93:ac:85:13:8e:13:d0:3a:2e:fd:33:
2b:c1:f0:02:9c:58:d5:6e:b2:22:c7:b9:4d:b1:0b:61:72:a0:
82:08:ca:30:0b:ea:f6:52:c7:7d:f7:a7:70:7c:f5:8c:aa:ac:
ca:58:43:10:04:fc:c1:b8:0f:61:9b:eb:7a:58:e5:45:39:bd:
8a:24:f2:34:25:9c:68:f2:fd:e7:28:24:4b:53:2d:79:bd:43:
88:f9:78:5c:d4:5d:5d:a1:02:3b:43:07:c1:f9:c9:0f:9e:a0:
c9:c9:c4:d7:73:a8:0f:b5:ea:ee:4b:89:77:b0:7b:a5:44:8a:
8c:26:48:7a:d5:46:e7:53:d3:ec:23:a1:85:b1:6d:52:b9:12:
1d:8f:c6:1e:89:a3:0f:e8:cf:35:ca:42:b6:7e:e9:6d:9c:6b:
42:10:53:dc:38:f7:60:88:1a:dc:a6:33:d0:6f:b9:f3:f4:f2:
33:e5:5a:ab:a5:b1:43:4d:50:63:03:22:73:12:9f:9b:95:97:
43:61:37:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGbNxEAZ50/VBrwJ4U1miZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwODI4MjI1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYzYmJmN2VjZmQ4ZDIxMGY4YjUwMWE3OTkyOGU2MzRiNzQwYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplSiWdmCj0jNiNzrVS/YlrtmEf3V
fwpfjxnFsu3KFidUinkaQEj9MjjJpUueYTCcMuT5ZyO2A43Z7OcOMpB/qUw621Hc
BcHbiSvft2tgz7pAcF5iw+eqB3+O+j9lJw0RoOFV8GRZYW5BBlHcoNyjDEytGkV0
ZsOi90hkt4ScoiTrfN47CEu7NTWQrYZdzht0lyB+zfyaysq+rYQuEvPUSuqiehbl
BiWw7e5U5orQlx1XYGiqeuLSiICsmU/mqrqiYFLRD9Q5kJm2MJQE47DLxoogKhwy
91/YN4U+AoCU4Ytnr0daRC8aExcYFGb8QPZgdIWHYhQwIX8qGUoNjoOnKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE5ju/fs/Y0hD4tQGnmSjmNLdAskMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvVG1PNzktejlqU0VQaTFBYWVaS09ZMHQwQ3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgyaQIPA
AwcAKgyaQIqQMA0GCSqGSIb3DQEBCwUAA4IBAQClYxXybbpEfMpOrmM8UhBnIouc
MmSNGFrVOKZYQRN+OFY6MIpjLnbE0GPpiOWN9RF5NmKrfn5Irgadd+hSk6yFE44T
0Dou/TMrwfACnFjVbrIix7lNsQthcqCCCMowC+r2Usd996dwfPWMqqzKWEMQBPzB
uA9hm+t6WOVFOb2KJPI0JZxo8v3nKCRLUy15vUOI+Xhc1F1doQI7QwfB+ckPnqDJ
ycTXc6gPteruS4l3sHulRIqMJkh61UbnU9PsI6GFsW1SuRIdj8YeiaMP6M81ykK2
fultnGtCEFPcOPdgiBrcpjPQb7nz9PIz5VqrpbFDTVBjAyJzEp+blZdDYTeI
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:11 2025 by rpki-client