Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/OT8U_4aADhtndkIZj_tJd7-RH1g.roa
File: OT8U_4aADhtndkIZj_tJd7-RH1g.roa (raw, json)
Hash identifier: CCv3Kooj231IyGIX622PRskXV660A5dftSz82yqGeXo=
Subject key identifier: 39:3F:14:FF:86:80:0E:1B:67:76:42:19:8F:FB:49:77:BF:91:1F:58
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01926D4E77B4624B5A4D14212966C291A4B6
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/OT8U_4aADhtndkIZj_tJd7-RH1g.roa
Signing time: Tue 08 Oct 2024 18:05:11 +0000
ROA not before: Tue 08 Oct 2024 18:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216164
IP address blocks: 2a05:4142::/32 maxlen: 32
2a05:4143::/32 maxlen: 32
2a05:4144::/32 maxlen: 32
2a11:e100::/29 maxlen: 48
2a11:e106::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6d:4e:77:b4:62:4b:5a:4d:14:21:29:66:c2:91:a4:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Oct 8 18:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=393f14ff86800e1b677642198ffb4977bf911f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:a3:14:ad:fa:a1:4e:f7:11:01:50:04:e7:
b6:70:9c:b6:2b:78:3b:25:9c:5d:84:f2:ef:4c:e0:
e1:d7:b5:65:2f:69:bc:f7:46:2e:95:36:20:00:d1:
69:1e:2c:6c:01:6b:ee:9d:95:9b:d3:2b:00:c2:46:
32:b2:d9:b1:cb:5b:e9:e2:52:5d:e5:80:c5:ef:67:
9c:8e:92:c4:8b:25:e1:7c:06:fa:17:c7:ca:1a:5c:
95:32:43:51:8a:ea:4d:a3:fd:19:1b:b0:58:80:93:
45:85:8d:2a:d3:a4:06:f2:e3:a6:2d:ee:26:c0:79:
3a:4a:30:89:d3:65:27:d6:51:50:fa:47:d1:2b:6d:
a1:b1:d6:14:a3:ce:2a:89:64:ef:45:e3:d4:57:8b:
14:9a:8e:c6:99:3c:85:f2:68:5b:7b:89:cb:7d:b0:
55:95:7f:c2:96:f8:18:db:1d:d6:7e:75:48:e2:ad:
0e:fd:02:26:98:63:96:c1:13:e2:74:44:a0:4a:3d:
c1:c2:03:eb:a0:11:09:db:ac:f6:cb:55:a3:fd:bc:
39:c7:1c:00:7c:db:7d:b6:59:57:37:ad:cb:a5:0f:
fc:0f:23:ce:86:42:62:86:fd:a6:bc:4c:58:dc:46:
03:f8:06:4d:c1:be:6f:e8:6a:e7:8d:79:53:5b:f9:
07:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3F:14:FF:86:80:0E:1B:67:76:42:19:8F:FB:49:77:BF:91:1F:58
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/OT8U_4aADhtndkIZj_tJd7-RH1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4142::-2a05:4144:ffff:ffff:ffff:ffff:ffff:ffff
2a11:e100::/29
Signature Algorithm: sha256WithRSAEncryption
10:75:50:5e:79:1b:0b:a3:b7:af:82:29:ed:9e:5d:69:70:ca:
72:e3:e4:2f:ab:63:10:61:b3:44:b7:96:92:aa:3f:fd:cb:c6:
9b:3a:59:36:f3:bb:63:15:1a:e7:91:9d:69:21:7a:11:2c:50:
e7:e2:9d:47:f0:72:04:b9:ca:11:d8:da:d1:e1:6b:29:2c:f4:
14:2d:e5:7c:6a:12:ac:ef:c4:5f:b2:a1:f9:0a:45:40:83:21:
6e:da:9d:6e:f6:97:1b:ff:18:9c:43:c9:41:dd:5a:4d:eb:bc:
e6:a8:7d:4e:9a:0f:46:0a:94:3d:25:93:9c:6e:a0:ba:2a:e6:
a3:97:9e:cb:47:ee:c4:d9:ff:c6:28:16:75:21:c0:ad:95:a8:
a3:09:d1:3f:c7:45:88:a9:9c:11:a7:fa:a4:8c:84:a9:e2:f9:
a7:01:9c:7c:eb:07:c8:f7:06:c9:8a:7c:6e:00:64:46:43:d2:
28:97:44:48:5b:9b:e2:51:71:d9:a7:27:31:20:e9:e4:8d:d2:
13:1d:18:6f:98:b8:41:76:4f:2b:21:28:48:44:6c:b3:1b:f2:
5c:d9:d0:a5:f8:b2:a1:c4:17:67:e4:f9:d5:ef:b7:8d:6c:21:
30:84:ff:40:7d:57:9c:7b:29:34:cf:4e:c0:07:49:96:cb:18:
50:01:90:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJtTne0YktaTRQhKWbCkaS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQxMDA4MTgwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNmMTRmZjg2ODAwZTFiNjc3NjQyMTk4ZmZiNDk3N2JmOTExZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2WjFK36oU73EQFQBOe2cJy2K3g7
JZxdhPLvTODh17VlL2m890YulTYgANFpHixsAWvunZWb0ysAwkYystmxy1vp4lJd
5YDF72ecjpLEiyXhfAb6F8fKGlyVMkNRiupNo/0ZG7BYgJNFhY0q06QG8uOmLe4m
wHk6SjCJ02Un1lFQ+kfRK22hsdYUo84qiWTvRePUV4sUmo7GmTyF8mhbe4nLfbBV
lX/ClvgY2x3WfnVI4q0O/QImmGOWwRPidESgSj3BwgProBEJ26z2y1Wj/bw5xxwA
fNt9tllXN63LpQ/8DyPOhkJihv2mvExY3EYD+AZNwb5v6GrnjXlTW/kHZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDk/FP+GgA4bZ3ZCGY/7SXe/kR9YMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvT1Q4VV80YUFEaHRuZGtJWmpfdEpkNy1SSDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQEqBUFC
AwUAKgVBRAMFAyoR4QAwDQYJKoZIhvcNAQELBQADggEBABB1UF55Gwujt6+CKe2e
XWlwynLj5C+rYxBhs0S3lpKqP/3Lxps6WTbzu2MVGueRnWkhehEsUOfinUfwcgS5
yhHY2tHhayks9BQt5XxqEqzvxF+yofkKRUCDIW7anW72lxv/GJxDyUHdWk3rvOao
fU6aD0YKlD0lk5xuoLoq5qOXnstH7sTZ/8YoFnUhwK2VqKMJ0T/HRYipnBGn+qSM
hKni+acBnHzrB8j3BsmKfG4AZEZD0iiXREhbm+JRcdmnJzEg6eSN0hMdGG+YuEF2
TyshKEhEbLMb8lzZ0KX4sqHEF2fk+dXvt41sITCE/0B9V5x7KTTPTsAHSZbLGFAB
kAE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:43:44 2025 by rpki-client