Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/C4tKYS2UNTd3PCJLmXS5bGq_04I.roa
File: C4tKYS2UNTd3PCJLmXS5bGq_04I.roa (raw, json)
Hash identifier: 0Fqewyb/+i2KHPqONe/4rwGP9IOmJqHd8Wjr7paxL2s=
Subject key identifier: 0B:8B:4A:61:2D:94:35:37:77:3C:22:4B:99:74:B9:6C:6A:BF:D3:82
Certificate issuer: /CN=fa4e405359a2131708fc02438d472568e2c03470
Certificate serial: 0193BB2058A7A988307E08BF59F5E1969EBA
Authority key identifier: FA:4E:40:53:59:A2:13:17:08:FC:02:43:8D:47:25:68:E2:C0:34:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-k5AU1miExcI_AJDjUclaOLANHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/C4tKYS2UNTd3PCJLmXS5bGq_04I.roa
Signing time: Thu 12 Dec 2024 13:47:59 +0000
ROA not before: Thu 12 Dec 2024 13:47:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 2a10:8802::/36 maxlen: 36
2a10:8804::/36 maxlen: 36
2a10:8804:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:20:58:a7:a9:88:30:7e:08:bf:59:f5:e1:96:9e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa4e405359a2131708fc02438d472568e2c03470
Validity
Not Before: Dec 12 13:47:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b8b4a612d943537773c224b9974b96c6abfd382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6f:8a:c4:8e:fb:74:d1:c4:d4:6c:23:b1:20:
3b:71:02:3c:22:2d:84:f4:54:f3:37:95:09:07:c9:
31:de:e1:d8:7f:ff:63:18:e3:c3:77:e1:0d:30:a2:
4b:c2:b6:ff:df:98:2f:9a:06:40:80:14:5e:3b:0f:
bd:bd:a9:87:0c:9c:32:57:5f:12:a1:c0:12:42:9b:
52:4a:a5:da:9a:2b:ea:16:22:6c:76:4b:c2:db:43:
d9:9b:08:40:28:b7:b0:ad:e0:b3:ac:87:e1:1f:01:
b6:17:46:6a:79:40:a1:f9:39:2d:c6:d2:19:37:eb:
e4:a1:3c:97:bd:be:5a:18:90:39:e0:bc:92:42:13:
05:e3:60:6f:13:90:28:a0:88:2a:ad:d7:50:a1:f2:
b3:8c:06:00:fa:38:17:d3:ef:97:12:c6:49:34:83:
0d:60:7a:1c:7f:fb:f5:04:03:d1:68:dc:9d:4a:ba:
4d:59:9b:02:35:e4:bd:2b:d2:c5:89:a5:df:fd:35:
17:af:35:25:c1:d3:bd:80:30:bf:f5:68:65:d8:e5:
5e:e3:bf:b2:9f:5f:19:7e:55:f1:89:7e:07:da:20:
2a:5d:19:63:73:8c:45:e6:97:58:11:f4:50:05:47:
d6:7c:33:ba:38:06:54:a7:4b:99:09:6c:69:d1:7a:
e2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8B:4A:61:2D:94:35:37:77:3C:22:4B:99:74:B9:6C:6A:BF:D3:82
X509v3 Authority Key Identifier:
keyid:FA:4E:40:53:59:A2:13:17:08:FC:02:43:8D:47:25:68:E2:C0:34:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-k5AU1miExcI_AJDjUclaOLANHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/C4tKYS2UNTd3PCJLmXS5bGq_04I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/1-k5AU1miExcI_AJDjUclaOLANHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:8802::/36
2a10:8804::/36
2a10:8804:2000::/36
Signature Algorithm: sha256WithRSAEncryption
94:1a:73:9d:9f:24:86:97:ff:92:93:65:be:7d:b5:1d:e9:f6:
7b:dc:8c:78:83:9f:d8:2c:76:6b:72:44:b7:61:82:29:91:65:
a2:34:32:72:e0:19:71:1b:16:00:d2:76:d5:e2:1e:8b:93:0d:
49:6e:55:b2:78:1d:ba:06:0d:65:8a:bc:77:24:24:43:8a:4b:
4d:ab:ef:fe:c0:e4:be:b4:fa:1c:86:b4:50:6d:22:fc:55:e5:
58:b0:4e:56:17:77:f1:b7:4a:73:d0:4c:2b:58:8e:b7:a8:88:
4a:1c:4a:ac:2d:5d:f7:51:47:21:e1:ca:05:b9:06:08:c0:5e:
6f:78:97:63:23:70:06:82:e4:05:6e:ae:a8:63:a5:7f:10:bf:
c1:df:05:82:ac:5a:47:a7:a6:21:1e:e0:da:24:db:a4:e1:9c:
ea:5a:a0:40:b9:d6:00:0e:ea:c9:8b:8c:79:41:db:71:83:1f:
57:82:d1:3c:3e:ec:19:18:fc:38:bc:c4:da:b3:ba:cd:b1:e8:
eb:06:ef:bc:3a:7f:00:9c:4a:c6:68:b1:72:fe:b7:98:c1:c3:
cf:0c:f2:6e:46:25:80:1d:f5:ac:58:6d:9e:1a:ef:c1:3c:12:
8a:71:cc:45:9b:46:50:4b:9a:55:78:20:df:b7:30:c0:6e:2c:
a4:70:d9:3d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZO7IFinqYgwfgi/WfXhlp66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNGU0MDUzNTlhMjEzMTcwOGZjMDI0MzhkNDcyNTY4ZTJj
MDM0NzAwHhcNMjQxMjEyMTM0NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjhiNGE2MTJkOTQzNTM3NzczYzIyNGI5OTc0Yjk2YzZhYmZkMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW+KxI77dNHE1GwjsSA7cQI8Ii2E
9FTzN5UJB8kx3uHYf/9jGOPDd+ENMKJLwrb/35gvmgZAgBReOw+9vamHDJwyV18S
ocASQptSSqXamivqFiJsdkvC20PZmwhAKLewreCzrIfhHwG2F0ZqeUCh+TktxtIZ
N+vkoTyXvb5aGJA54LySQhMF42BvE5AooIgqrddQofKzjAYA+jgX0++XEsZJNIMN
YHocf/v1BAPRaNydSrpNWZsCNeS9K9LFiaXf/TUXrzUlwdO9gDC/9Whl2OVe47+y
n18ZflXxiX4H2iAqXRljc4xF5pdYEfRQBUfWfDO6OAZUp0uZCWxp0XriuQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAuLSmEtlDU3dzwiS5l0uWxqv9OCMB8GA1UdIwQY
MBaAFPpOQFNZohMXCPwCQ41HJWjiwDRwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1rNUFVMW1pRXhjSV9BSkRqVWNsYU9MQU5IQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvNmEzZjM1LTM1YjgtNDllMC05ZjQ0
LWI4MThmYWVjYjcxNy8xL0M0dEtZUzJVTlRkM1BDSkxtWFM1YkdxXzA0SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvNmEzZjM1LTM1YjgtNDllMC05ZjQ0LWI4MThmYWVjYjcx
Ny8xLzEtazVBVTFtaUV4Y0lfQUpEalVjbGFPTEFOSEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgACMBgDBgQqEIgC
AAMGBCoQiAQAAwYEKhCIBCAwDQYJKoZIhvcNAQELBQADggEBAJQac52fJIaX/5KT
Zb59tR3p9nvcjHiDn9gsdmtyRLdhgimRZaI0MnLgGXEbFgDSdtXiHouTDUluVbJ4
HboGDWWKvHckJEOKS02r7/7A5L60+hyGtFBtIvxV5ViwTlYXd/G3SnPQTCtYjreo
iEocSqwtXfdRRyHhygW5BgjAXm94l2MjcAaC5AVurqhjpX8Qv8HfBYKsWkenpiEe
4Nok26ThnOpaoEC51gAO6smLjHlB23GDH1eC0Tw+7BkY/Di8xNqzus2x6OsG77w6
fwCcSsZosXL+t5jBw88M8m5GJYAd9axYbZ4a78E8EopxzEWbRlBLmlV4IN+3MMBu
LKRw2T0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:50 2025 by rpki-client