Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/4MqdBIc-pPXfXtLL3f89KHv_KOY.roa
File: 4MqdBIc-pPXfXtLL3f89KHv_KOY.roa (raw, json)
Hash identifier: LGg7iBsRI9Qt6D12QEc65kBRQWvekgJfFJ89rfcRzlM=
Subject key identifier: E0:CA:9D:04:87:3E:A4:F5:DF:5E:D2:CB:DD:FF:3D:28:7B:FF:28:E6
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0193E485E433B86FC72CC9808C027090157D
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/4MqdBIc-pPXfXtLL3f89KHv_KOY.roa
Signing time: Fri 20 Dec 2024 14:43:20 +0000
ROA not before: Fri 20 Dec 2024 14:43:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216127
IP address blocks: 2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:85:e4:33:b8:6f:c7:2c:c9:80:8c:02:70:90:15:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Dec 20 14:43:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0ca9d04873ea4f5df5ed2cbddff3d287bff28e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f9:d3:63:67:a1:66:11:b8:a0:5e:d1:85:f4:
e6:b5:a4:1a:a6:79:d3:24:6d:2f:aa:72:30:29:df:
48:51:7f:82:ca:70:24:23:e0:4d:69:d5:da:f7:d7:
df:bc:14:76:47:b8:f5:f0:e0:a2:12:df:01:a2:c8:
3f:e3:f8:f6:56:3a:e9:1e:96:7d:61:9e:84:60:8e:
9c:33:46:a2:ad:01:36:83:66:0f:ae:3d:42:3c:fc:
b5:4f:5d:f5:c4:92:95:18:22:e4:cf:18:80:79:11:
ba:b1:56:0f:c0:f3:62:f8:ad:58:b0:7f:39:00:8f:
06:ed:15:c3:89:81:5f:71:6d:cf:81:e3:ac:f4:bc:
38:64:30:5e:04:ef:8b:cc:dd:2e:75:f4:b0:5d:79:
6c:89:d4:b6:f8:fe:1d:c3:36:3a:98:b8:2b:bd:8d:
92:68:54:1d:25:d3:dd:d7:ef:4b:02:ef:cc:28:ec:
75:c5:61:fb:ec:c9:fb:e5:2d:cc:0f:7a:d9:76:3c:
ea:6f:73:ca:54:04:61:87:a9:63:0a:74:6c:49:79:
a0:2e:1d:b6:5e:eb:70:da:8b:5d:db:43:cf:1d:0e:
7d:1e:4f:20:cc:f8:de:00:38:0b:63:0f:37:4d:35:
a5:6f:13:db:05:d3:e5:a4:45:69:a7:07:8d:f6:ba:
34:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CA:9D:04:87:3E:A4:F5:DF:5E:D2:CB:DD:FF:3D:28:7B:FF:28:E6
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/4MqdBIc-pPXfXtLL3f89KHv_KOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:13::-2a0d:d940:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:2e:20:74:99:ae:c7:38:90:1d:68:b6:fb:19:21:09:df:ab:
7e:c2:fc:ee:eb:24:1f:5d:cf:a8:23:8d:5d:f7:48:ca:12:61:
db:d2:15:84:ea:d7:9f:60:00:64:bc:f9:f9:75:fd:ee:13:02:
59:96:23:9d:07:f1:52:c1:d5:bf:d2:02:5a:21:9d:d6:04:0b:
5f:c9:bd:51:30:c0:2d:96:42:6d:e2:9e:24:6a:32:0c:52:c4:
22:10:be:8e:3a:d9:01:21:69:e0:70:16:3f:79:1f:7c:7b:80:
d9:ce:20:9f:70:22:57:55:24:a7:58:94:ae:4f:f7:3f:bf:3b:
69:f3:71:ea:d1:d1:db:fe:43:5a:f1:54:4c:72:46:21:e2:60:
c0:9b:92:10:52:e5:74:5c:26:ea:4e:30:3b:95:e4:d4:8b:13:
c9:56:a5:ea:c4:d0:be:38:f8:ba:4f:e3:e3:07:e8:76:2a:40:
b8:3b:80:3c:af:63:6c:53:17:c0:e8:15:8d:24:3d:b3:73:57:
bd:80:6d:c7:05:0c:a8:1e:b8:7d:69:7e:d7:1c:09:21:ae:35:
c1:10:29:57:e7:63:0f:e3:f4:c8:24:41:e4:c9:06:40:5a:68:
2e:69:85:b0:a3:58:c9:ed:c1:79:6a:b3:35:d0:89:01:9f:54:
9f:d8:97:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZPkheQzuG/HLMmAjAJwkBV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjQxMjIwMTQ0MzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNhOWQwNDg3M2VhNGY1ZGY1ZWQyY2JkZGZmM2QyODdiZmYyOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/nTY2ehZhG4oF7RhfTmtaQapnnT
JG0vqnIwKd9IUX+CynAkI+BNadXa99ffvBR2R7j18OCiEt8Bosg/4/j2VjrpHpZ9
YZ6EYI6cM0airQE2g2YPrj1CPPy1T131xJKVGCLkzxiAeRG6sVYPwPNi+K1YsH85
AI8G7RXDiYFfcW3PgeOs9Lw4ZDBeBO+LzN0udfSwXXlsidS2+P4dwzY6mLgrvY2S
aFQdJdPd1+9LAu/MKOx1xWH77Mn75S3MD3rZdjzqb3PKVARhh6ljCnRsSXmgLh22
Xutw2otd20PPHQ59Hk8gzPjeADgLYw83TTWlbxPbBdPlpEVppweN9ro0SwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFODKnQSHPqT1317Sy93/PSh7/yjmMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvNE1xZEJJYy1wUFhmWHRMTDNmODlLSHZfS09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDdlA
ABMDBwAqDdlAABQwDQYJKoZIhvcNAQELBQADggEBAEkuIHSZrsc4kB1otvsZIQnf
q37C/O7rJB9dz6gjjV33SMoSYdvSFYTq159gAGS8+fl1/e4TAlmWI50H8VLB1b/S
AlohndYEC1/JvVEwwC2WQm3iniRqMgxSxCIQvo462QEhaeBwFj95H3x7gNnOIJ9w
IldVJKdYlK5P9z+/O2nzcerR0dv+Q1rxVExyRiHiYMCbkhBS5XRcJupOMDuV5NSL
E8lWperE0L44+LpP4+MH6HYqQLg7gDyvY2xTF8DoFY0kPbNzV72AbccFDKgeuH1p
ftccCSGuNcEQKVfnYw/j9MgkQeTJBkBaaC5phbCjWMntwXlqszXQiQGfVJ/Yl5c=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:15:12 2025 by rpki-client