Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/bW1dJMjx_2bjCRJkG4CylERQRSk.roa
File: bW1dJMjx_2bjCRJkG4CylERQRSk.roa (raw, json)
Hash identifier: OXzsThZM2sfylr5xwVaHAHJEGbPRGN+I2MrHuRxUcTk=
Subject key identifier: 6D:6D:5D:24:C8:F1:FF:66:E3:09:12:64:1B:80:B2:94:44:50:45:29
Certificate issuer: /CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Certificate serial: 018EEE4CFA08A28192DD79CC784045386314
Authority key identifier: 4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/bW1dJMjx_2bjCRJkG4CylERQRSk.roa
Signing time: Wed 17 Apr 2024 23:03:25 +0000
ROA not before: Wed 17 Apr 2024 23:03:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209718
IP address blocks: 2001:678:c44::/48 maxlen: 48
2001:678:c6c::/48 maxlen: 48
2001:67c:e70::/48 maxlen: 48
2001:67c:e74::/48 maxlen: 48
2001:67c:e78::/48 maxlen: 48
2001:67c:e7c::/48 maxlen: 48
2001:67c:2908::/48 maxlen: 48
2001:67c:2ea8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 May 2024 15:53:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ee:4c:fa:08:a2:81:92:dd:79:cc:78:40:45:38:63:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Validity
Not Before: Apr 17 23:03:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d6d5d24c8f1ff66e30912641b80b29444504529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:98:18:3f:e7:79:7a:76:b2:69:d2:ab:25:3f:
e2:81:1d:8c:c8:8d:67:06:70:56:5a:61:ff:59:9a:
fe:4f:15:d7:58:3a:3f:57:15:02:cb:c4:a2:fc:5a:
43:d8:37:a8:c9:0c:9f:31:59:bf:d5:36:6f:dc:84:
fc:2e:7a:3d:f4:e8:9f:9a:2e:cd:26:e8:be:23:6d:
4d:92:3c:fa:b6:a3:e1:af:38:c0:a6:0f:2f:11:be:
0c:64:c9:e0:92:a0:c5:2e:a0:a9:4a:43:d2:07:81:
56:91:0c:c0:48:96:4d:78:ad:c5:a1:b8:bb:5d:43:
87:a3:ef:81:a0:d4:cd:7d:78:3b:17:79:c7:6b:3f:
55:e5:b7:13:18:4c:50:ea:a6:10:7d:bc:6b:54:6c:
e1:d7:cd:11:c3:0f:27:7f:d6:2c:90:cc:11:dd:16:
11:70:f1:2b:f2:14:b5:1e:b7:11:3f:70:22:7b:c2:
71:45:65:3b:ee:d8:80:1c:a9:e4:ea:f0:dc:bf:45:
48:20:5c:57:ee:fd:64:6b:40:08:84:3d:57:c8:8c:
ad:c3:1e:18:09:a0:b5:66:27:0d:f7:ee:38:1e:42:
1b:ea:14:f7:16:f0:9c:1e:d0:3d:bf:97:05:6e:82:
55:e3:aa:df:1e:6b:7d:2f:52:23:82:70:0b:23:15:
90:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6D:5D:24:C8:F1:FF:66:E3:09:12:64:1B:80:B2:94:44:50:45:29
X509v3 Authority Key Identifier:
keyid:4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/bW1dJMjx_2bjCRJkG4CylERQRSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Tq8Utn4FHPvV4bHVFpPURoI5J5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c44::/48
2001:678:c6c::/48
2001:67c:e70::/48
2001:67c:e74::/48
2001:67c:e78::/48
2001:67c:e7c::/48
2001:67c:2908::/48
2001:67c:2ea8::/48
Signature Algorithm: sha256WithRSAEncryption
1c:46:9d:70:ae:4e:75:e3:19:5c:22:25:eb:a7:d1:9b:09:1d:
10:aa:67:b0:89:27:04:f9:26:ed:50:cd:d8:cf:f2:f9:45:08:
9d:91:75:91:27:e6:ad:cc:de:4f:bc:c0:e7:c8:50:a1:ba:8c:
51:cd:0d:14:35:ea:ac:ea:ae:80:29:8a:93:3b:8c:05:de:93:
fb:3c:f8:e9:52:dc:62:d5:b9:1e:c6:10:fa:44:2d:42:80:6c:
46:7b:a7:d3:c9:77:27:af:c8:af:9f:1c:d1:9b:68:bf:d2:9a:
6c:32:03:ce:89:97:14:01:b9:67:8e:b1:99:79:fb:cd:ee:b5:
7c:53:f6:88:c6:5f:f8:cf:39:3a:35:fe:04:c1:c9:a7:fd:e2:
43:fb:2c:b6:81:57:ff:9a:98:a0:4a:38:dc:a2:68:22:61:54:
a6:32:b7:ba:e8:dd:17:9f:d0:49:4d:8f:5f:71:c9:45:5d:86:
fe:e4:b8:6a:61:5d:b5:4f:09:b5:2b:d9:66:1d:1b:6a:13:ce:
61:16:6e:d9:18:f4:28:d7:11:73:d8:e3:15:66:aa:84:71:10:
ee:b5:f4:c5:7a:5d:a8:6a:41:51:eb:2c:cd:e7:13:dc:60:43:
cf:14:3f:b9:93:39:f5:4a:44:61:6f:22:34:60:88:6d:27:89:
c1:7d:0c:19
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY7uTPoIooGS3XnMeEBFOGMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYWYxNGI2N2UwNTFjZmJkNWUxYjFkNTE2OTNkNDQ2ODIz
OTI3OTIwHhcNMjQwNDE3MjMwMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZkNWQyNGM4ZjFmZjY2ZTMwOTEyNjQxYjgwYjI5NDQ0NTA0NTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJgYP+d5enayadKrJT/igR2MyI1n
BnBWWmH/WZr+TxXXWDo/VxUCy8Si/FpD2DeoyQyfMVm/1TZv3IT8Lno99Oifmi7N
Jui+I21Nkjz6tqPhrzjApg8vEb4MZMngkqDFLqCpSkPSB4FWkQzASJZNeK3Fobi7
XUOHo++BoNTNfXg7F3nHaz9V5bcTGExQ6qYQfbxrVGzh180Rww8nf9YskMwR3RYR
cPEr8hS1HrcRP3Aie8JxRWU77tiAHKnk6vDcv0VIIFxX7v1ka0AIhD1XyIytwx4Y
CaC1ZicN9+44HkIb6hT3FvCcHtA9v5cFboJV46rfHmt9L1IjgnALIxWQVwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFG1tXSTI8f9m4wkSZBuAspREUEUpMB8GA1UdIwQY
MBaAFE6vFLZ+BRz71eGx1RaT1EaCOSeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQt
YmQ1MTJlZDU4Zjc4LzEvYlcxZEpNanhfMmJqQ1JKa0c0Q3lsRVJRUlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQtYmQ1MTJlZDU4Zjc4
LzEvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwcAIAEGeAxE
AwcAIAEGeAxsAwcAIAEGfA5wAwcAIAEGfA50AwcAIAEGfA54AwcAIAEGfA58AwcA
IAEGfCkIAwcAIAEGfC6oMA0GCSqGSIb3DQEBCwUAA4IBAQAcRp1wrk514xlcIiXr
p9GbCR0QqmewiScE+SbtUM3Yz/L5RQidkXWRJ+atzN5PvMDnyFChuoxRzQ0UNeqs
6q6AKYqTO4wF3pP7PPjpUtxi1bkexhD6RC1CgGxGe6fTyXcnr8ivnxzRm2i/0pps
MgPOiZcUAblnjrGZefvN7rV8U/aIxl/4zzk6Nf4Ewcmn/eJD+yy2gVf/mpigSjjc
omgiYVSmMre66N0Xn9BJTY9fcclFXYb+5LhqYV21Twm1K9lmHRtqE85hFm7ZGPQo
1xFz2OMVZqqEcRDutfTFel2oakFR6yzN5xPcYEPPFD+5kzn1SkRhbyI0YIhtJ4nB
fQwZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:42 2024 by rpki-client on console-ams.rpki-client.org