Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/tlKwYqsGNFFDOQUe0mrFotYXt7c.roa
File: tlKwYqsGNFFDOQUe0mrFotYXt7c.roa (raw, json)
Hash identifier: wg1kRRDZuK6BA4VWbJ1T1AEiaNcrSpqfIqslPNHETNQ=
Subject key identifier: B6:52:B0:62:AB:06:34:51:43:39:05:1E:D2:6A:C5:A2:D6:17:B7:B7
Certificate issuer: /CN=ab9b9d6e6ac282e8c10000cc3dbc4adf3fe01fe2
Certificate serial: 018CC49379F18138568EEF772B4E5F8CD56C
Authority key identifier: AB:9B:9D:6E:6A:C2:82:E8:C1:00:00:CC:3D:BC:4A:DF:3F:E0:1F:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5udbmrCgujBAADMPbxK3z_gH-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/tlKwYqsGNFFDOQUe0mrFotYXt7c.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207278
IP address blocks: 2001:678:cd0::/48 maxlen: 49
2001:678:cd8::/48 maxlen: 49
2001:678:cd4::/48 maxlen: 49
2001:67c:15c0::/48 maxlen: 49
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:79:f1:81:38:56:8e:ef:77:2b:4e:5f:8c:d5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9b9d6e6ac282e8c10000cc3dbc4adf3fe01fe2
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b652b062ab0634514339051ed26ac5a2d617b7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a9:0a:72:10:9b:b1:fa:3a:57:6e:22:a1:0f:
fa:d9:20:41:f3:bf:82:3d:2b:d3:74:f8:6f:fb:99:
a3:4a:8c:52:21:42:0b:4b:b1:9f:4b:56:50:54:0d:
f6:f9:d8:57:c7:50:ed:d7:4e:57:49:45:7c:10:64:
74:92:c3:71:66:36:f8:9a:55:db:59:2d:fc:c7:c1:
64:7a:6a:8d:3c:ed:30:ec:a0:95:de:e3:8b:ce:5f:
65:51:67:c8:9b:1e:53:21:c1:da:ff:b1:6f:46:d0:
0e:83:ed:41:f7:69:14:98:e7:ff:d4:22:49:30:33:
9e:c3:a6:42:28:a5:29:fa:04:18:02:ae:4f:58:5e:
97:1d:bf:cf:96:38:85:a8:85:67:35:d6:92:ce:0a:
d9:b6:ef:97:03:e8:5d:b8:34:8e:5a:1a:48:7e:20:
6a:2d:0d:72:9e:bc:f9:e9:03:8a:1b:bc:49:6c:e1:
83:fa:df:a6:9f:f7:ba:20:d5:aa:3c:97:c5:37:8b:
f6:fe:e9:3a:65:37:be:35:02:8c:ae:75:b8:d7:67:
68:bd:21:73:13:80:b5:f1:d2:ee:31:59:c9:75:aa:
6d:f2:4c:40:aa:d6:ed:04:6d:51:4d:f9:62:46:04:
61:ae:20:22:94:d6:55:1a:74:61:d2:7c:f4:f5:d7:
82:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:52:B0:62:AB:06:34:51:43:39:05:1E:D2:6A:C5:A2:D6:17:B7:B7
X509v3 Authority Key Identifier:
keyid:AB:9B:9D:6E:6A:C2:82:E8:C1:00:00:CC:3D:BC:4A:DF:3F:E0:1F:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5udbmrCgujBAADMPbxK3z_gH-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/tlKwYqsGNFFDOQUe0mrFotYXt7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/q5udbmrCgujBAADMPbxK3z_gH-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cd0::/48
2001:678:cd4::/48
2001:678:cd8::/48
2001:67c:15c0::/48
Signature Algorithm: sha256WithRSAEncryption
5b:44:4c:6b:19:ce:4e:84:26:94:76:96:0e:9e:4c:96:24:76:
51:f6:c7:8a:2e:82:0c:b7:5e:3e:63:b8:6a:1c:06:84:52:16:
73:d7:79:d8:9f:7f:39:e2:23:12:ab:b5:7a:55:bb:f0:b3:55:
44:48:ae:28:b1:9b:35:a7:b1:e5:6b:0a:9e:7b:fb:d0:65:54:
af:51:d5:51:6a:da:98:ac:1f:8c:26:45:21:cd:bd:c1:05:2e:
a4:68:1d:28:7b:d9:85:8c:5f:8d:cd:da:b6:8a:a8:46:34:fb:
a0:6b:a2:26:71:38:a6:df:15:ef:31:7b:fa:ea:d1:f3:8b:2d:
c3:f3:95:cc:e1:aa:71:4e:75:b8:4a:a7:85:f2:d5:5e:77:18:
12:ec:8d:bc:f2:dc:6c:a6:41:8b:33:0f:25:23:fc:7d:6c:af:
17:12:e1:ab:af:83:26:57:c1:67:db:2c:72:9a:27:b9:9f:b0:
d4:37:da:41:62:89:47:06:b0:2e:db:25:c1:98:56:de:98:24:
e3:d5:4d:4c:fb:ff:61:2a:8c:ed:0c:88:3d:d6:30:88:f4:11:
00:d0:48:ce:d4:ce:fa:46:9e:dc:60:0c:8b:3f:eb:3b:a5:31:
0c:92:2a:88:08:b1:f1:ae:c6:9c:81:ac:1b:57:21:ac:73:68:
55:0f:96:94
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEk3nxgThWju93K05fjNVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWI5ZDZlNmFjMjgyZThjMTAwMDBjYzNkYmM0YWRmM2Zl
MDFmZTIwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjUyYjA2MmFiMDYzNDUxNDMzOTA1MWVkMjZhYzVhMmQ2MTdiN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzakKchCbsfo6V24ioQ/62SBB87+C
PSvTdPhv+5mjSoxSIUILS7GfS1ZQVA32+dhXx1Dt105XSUV8EGR0ksNxZjb4mlXb
WS38x8FkemqNPO0w7KCV3uOLzl9lUWfImx5TIcHa/7FvRtAOg+1B92kUmOf/1CJJ
MDOew6ZCKKUp+gQYAq5PWF6XHb/PljiFqIVnNdaSzgrZtu+XA+hduDSOWhpIfiBq
LQ1ynrz56QOKG7xJbOGD+t+mn/e6INWqPJfFN4v2/uk6ZTe+NQKMrnW412dovSFz
E4C18dLuMVnJdapt8kxAqtbtBG1RTfliRgRhriAilNZVGnRh0nz09deCMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLZSsGKrBjRRQzkFHtJqxaLWF7e3MB8GA1UdIwQY
MBaAFKubnW5qwoLowQAAzD28St8/4B/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTV1ZGJtckNndWpCQUFETVBieEszel9nSC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS84N2Y0OTEtOTVjOS00ZjQxLWI0OGUt
MWNlYzFhMGVlOThiLzEvdGxLd1lxc0dORkZET1FVZTBtckZvdFlYdDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS84N2Y0OTEtOTVjOS00ZjQxLWI0OGUtMWNlYzFhMGVlOThi
LzEvcTV1ZGJtckNndWpCQUFETVBieEszel9nSC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAzQ
AwcAIAEGeAzUAwcAIAEGeAzYAwcAIAEGfBXAMA0GCSqGSIb3DQEBCwUAA4IBAQBb
RExrGc5OhCaUdpYOnkyWJHZR9seKLoIMt14+Y7hqHAaEUhZz13nYn3854iMSq7V6
Vbvws1VESK4osZs1p7Hlawqee/vQZVSvUdVRatqYrB+MJkUhzb3BBS6kaB0oe9mF
jF+Nzdq2iqhGNPuga6ImcTim3xXvMXv66tHziy3D85XM4apxTnW4SqeF8tVedxgS
7I288txspkGLMw8lI/x9bK8XEuGrr4MmV8Fn2yxymie5n7DUN9pBYolHBrAu2yXB
mFbemCTj1U1M+/9hKoztDIg91jCI9BEA0EjO1M76Rp7cYAyLP+s7pTEMkiqICLHx
rsacgawbVyGsc2hVD5aU
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:49:45 2025 by rpki-client