Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/40x67T2_9t2QWcJ5twgWtjH_7NU.roa
File: 40x67T2_9t2QWcJ5twgWtjH_7NU.roa (raw, json)
Hash identifier: tujsQjZATAw5NEkcihJ7ihAQl3MDoY5UwDKI8A6A98k=
Subject key identifier: E3:4C:7A:ED:3D:BF:F6:DD:90:59:C2:79:B7:08:16:B6:31:FF:EC:D5
Certificate issuer: /CN=cd9de08b3053bac61713c46b43d4093818c2046f
Certificate serial: 0191797565DBFB4C763239C1C885EDA03D1C
Authority key identifier: CD:9D:E0:8B:30:53:BA:C6:17:13:C4:6B:43:D4:09:38:18:C2:04:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZ3gizBTusYXE8RrQ9QJOBjCBG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/40x67T2_9t2QWcJ5twgWtjH_7NU.roa
Signing time: Thu 22 Aug 2024 09:40:22 +0000
ROA not before: Thu 22 Aug 2024 09:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31317
IP address blocks: 2001:67c:468::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:79:75:65:db:fb:4c:76:32:39:c1:c8:85:ed:a0:3d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd9de08b3053bac61713c46b43d4093818c2046f
Validity
Not Before: Aug 22 09:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e34c7aed3dbff6dd9059c279b70816b631ffecd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8a:47:5a:7f:bc:2e:9f:8a:d5:25:d5:98:84:
5d:e4:98:db:a0:28:e0:64:32:0b:bc:b1:68:3e:f0:
ab:b7:12:f9:2b:5c:1f:7a:7a:12:a5:7f:16:9a:8e:
96:a2:60:c0:3e:4a:58:24:0d:df:a4:9d:cb:cf:f7:
96:a4:5d:66:db:77:28:81:49:13:36:27:e8:bf:e0:
4f:a9:5c:1b:ad:b0:4e:33:69:9e:a2:ef:0a:8b:bb:
4b:32:c1:fd:d2:a9:2c:2b:5f:87:45:c4:09:94:3e:
f4:3a:e1:a8:7e:df:11:41:15:85:44:b7:3a:e6:5a:
2e:0d:e7:9b:8b:9c:2f:af:76:82:d2:8e:8f:65:d8:
26:6e:5c:bf:5f:0d:2f:cc:ea:dd:9e:a2:a2:9b:de:
54:d2:80:d2:8b:b4:42:63:c0:3c:96:0e:1b:3d:78:
c1:e2:51:9b:3b:6d:21:6e:46:14:6e:70:82:93:6c:
5e:7e:f7:70:5f:c8:ff:93:3a:a3:27:84:53:1c:56:
47:a2:2d:44:82:19:93:34:10:fa:c4:2d:64:15:9e:
51:9c:ca:d9:97:b3:7d:c9:2f:8a:b6:ce:89:1b:1c:
63:1a:64:1b:d1:f0:74:56:89:eb:80:91:65:55:aa:
dd:a9:15:33:a3:5d:50:d4:14:80:d1:a2:2e:fd:3a:
f3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4C:7A:ED:3D:BF:F6:DD:90:59:C2:79:B7:08:16:B6:31:FF:EC:D5
X509v3 Authority Key Identifier:
keyid:CD:9D:E0:8B:30:53:BA:C6:17:13:C4:6B:43:D4:09:38:18:C2:04:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZ3gizBTusYXE8RrQ9QJOBjCBG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/40x67T2_9t2QWcJ5twgWtjH_7NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/34bff3-39da-4877-b75c-5016ce92f122/1/zZ3gizBTusYXE8RrQ9QJOBjCBG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:468::/48
Signature Algorithm: sha256WithRSAEncryption
73:f4:9d:b8:6c:f5:71:d7:e3:5f:f6:2a:9a:e8:c9:a8:78:4f:
63:93:00:86:7c:20:37:26:0d:c3:d0:de:8f:22:28:c6:c7:52:
52:68:cb:81:9d:d8:f3:70:b9:65:cc:8a:85:dc:22:d1:76:4e:
e0:66:b1:8e:a4:89:2e:2a:31:dd:7f:c4:1b:d8:1e:99:f4:3e:
35:19:59:37:4f:b2:49:3c:7b:70:b6:07:a8:24:ee:4c:5b:36:
a5:3b:cb:a0:21:0f:c0:f0:34:90:03:dc:d5:2b:77:53:4e:e8:
3c:40:d5:f4:a7:fb:bf:d3:cb:f9:12:0f:b3:0b:92:3d:5e:e4:
35:21:51:37:ba:cb:96:21:9f:c4:65:d1:c0:1f:f4:14:06:b4:
53:a2:81:fd:b1:87:01:49:66:27:3f:8c:f1:b2:b9:0a:0d:3b:
02:6f:05:e8:50:d2:b7:fd:08:94:20:dd:13:73:9b:76:46:3c:
3d:2e:11:ed:67:fb:8f:03:df:19:06:46:a2:46:c9:55:3c:47:
a8:b2:0b:fb:c1:8e:50:4a:fd:b3:ea:ac:64:ba:0d:f3:42:d4:
b0:6a:48:c8:86:12:05:3f:d0:67:91:ea:07:87:46:0d:0f:75:
92:4b:56:1e:32:b1:92:6b:67:c4:9e:1f:e1:0f:a2:fc:46:df:
09:6a:c9:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZF5dWXb+0x2MjnByIXtoD0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOWRlMDhiMzA1M2JhYzYxNzEzYzQ2YjQzZDQwOTM4MThj
MjA0NmYwHhcNMjQwODIyMDk0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRjN2FlZDNkYmZmNmRkOTA1OWMyNzliNzA4MTZiNjMxZmZlY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4pHWn+8Lp+K1SXVmIRd5JjboCjg
ZDILvLFoPvCrtxL5K1wfenoSpX8Wmo6WomDAPkpYJA3fpJ3Lz/eWpF1m23cogUkT
Nifov+BPqVwbrbBOM2meou8Ki7tLMsH90qksK1+HRcQJlD70OuGoft8RQRWFRLc6
5louDeebi5wvr3aC0o6PZdgmbly/Xw0vzOrdnqKim95U0oDSi7RCY8A8lg4bPXjB
4lGbO20hbkYUbnCCk2xefvdwX8j/kzqjJ4RTHFZHoi1EghmTNBD6xC1kFZ5RnMrZ
l7N9yS+Kts6JGxxjGmQb0fB0VonrgJFlVardqRUzo11Q1BSA0aIu/TrznwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFONMeu09v/bdkFnCebcIFrYx/+zVMB8GA1UdIwQY
MBaAFM2d4IswU7rGFxPEa0PUCTgYwgRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelozZ2l6QlR1c1lYRThSclE5UUpPQmpDQkc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zNGJmZjMtMzlkYS00ODc3LWI3NWMt
NTAxNmNlOTJmMTIyLzEvNDB4NjdUMl85dDJRV2NKNXR3Z1d0akhfN05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zNGJmZjMtMzlkYS00ODc3LWI3NWMtNTAxNmNlOTJmMTIy
LzEvelozZ2l6QlR1c1lYRThSclE5UUpPQmpDQkc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfARo
MA0GCSqGSIb3DQEBCwUAA4IBAQBz9J24bPVx1+Nf9iqa6MmoeE9jkwCGfCA3Jg3D
0N6PIijGx1JSaMuBndjzcLllzIqF3CLRdk7gZrGOpIkuKjHdf8Qb2B6Z9D41GVk3
T7JJPHtwtgeoJO5MWzalO8ugIQ/A8DSQA9zVK3dTTug8QNX0p/u/08v5Eg+zC5I9
XuQ1IVE3usuWIZ/EZdHAH/QUBrRTooH9sYcBSWYnP4zxsrkKDTsCbwXoUNK3/QiU
IN0Tc5t2Rjw9LhHtZ/uPA98ZBkaiRslVPEeosgv7wY5QSv2z6qxkug3zQtSwakjI
hhIFP9BnkeoHh0YND3WSS1YeMrGSa2fEnh/hD6L8Rt8JasnO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:51 2025 by rpki-client