Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/u6MxtJLSpnJa91HZPtZmSi6nnuw.roa
File: u6MxtJLSpnJa91HZPtZmSi6nnuw.roa (raw, json)
Hash identifier: wLw0nusC/QZp4SLR6C/kd8TvdVx4sVtZ8eIf2Fi01Ro=
Subject key identifier: BB:A3:31:B4:92:D2:A6:72:5A:F7:51:D9:3E:D6:66:4A:2E:A7:9E:EC
Certificate issuer: /CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Certificate serial: 018CC3494C76232B5F26972B3C194B810261
Authority key identifier: C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/u6MxtJLSpnJa91HZPtZmSi6nnuw.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134981
IP address blocks: 2a0c:4a01:c20::/44 maxlen: 44
2a0c:4a01:c10::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4c:76:23:2b:5f:26:97:2b:3c:19:4b:81:02:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bba331b492d2a6725af751d93ed6664a2ea79eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8c:b2:58:f6:ef:4c:d0:29:b9:4e:a0:1f:13:
1e:8c:96:a9:bf:82:26:fa:a5:65:23:ac:68:ff:8c:
90:67:94:e1:7a:c2:71:20:4c:00:b6:6a:15:66:ea:
ed:6b:9f:42:de:9c:c8:82:ac:c6:7f:6d:7d:3f:c4:
65:65:6a:94:29:3f:66:6e:eb:74:3b:bc:8c:43:bb:
e3:dc:4f:f2:5e:ef:76:97:ac:a9:55:7a:d7:cd:fa:
64:c8:a2:fd:89:96:4d:f1:0f:b2:de:07:28:77:90:
bf:d6:ca:00:50:95:9c:98:b2:05:3b:8e:93:e6:ae:
c7:04:a6:58:9d:49:c3:d7:56:8c:42:1a:1d:97:a7:
a4:21:91:96:31:b5:1f:40:2b:3b:03:9c:61:e2:5a:
7b:2c:fb:97:23:15:19:14:49:2c:09:b4:06:c9:3b:
e2:f5:a8:06:3f:2e:ba:02:03:05:44:70:41:de:70:
7e:61:4c:f1:34:4b:33:5b:43:21:4e:b2:70:8e:65:
87:59:9b:5c:17:f0:2b:65:06:d1:0f:a2:cc:b6:51:
e4:61:e1:ed:ed:8c:45:82:47:65:23:2a:86:b1:94:
c8:50:4b:c8:5b:73:54:b9:f5:8c:79:d9:ad:22:d8:
9a:3c:3d:fb:ea:78:bf:39:da:23:6a:54:0b:46:dc:
0a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A3:31:B4:92:D2:A6:72:5A:F7:51:D9:3E:D6:66:4A:2E:A7:9E:EC
X509v3 Authority Key Identifier:
keyid:C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/u6MxtJLSpnJa91HZPtZmSi6nnuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/wcJrtXS4m4wYZvhHS7HLADJk7CA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4a01:c10::-2a0c:4a01:c2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
36:fb:e5:07:82:9f:25:ca:17:ec:92:9d:35:b1:e0:d3:2b:5a:
37:63:48:15:18:db:64:89:92:f9:d5:0e:31:0e:38:62:61:dd:
f7:49:3f:d4:c8:c9:b0:18:56:d6:8e:00:95:3c:2b:e3:d4:88:
b5:46:58:43:a0:2e:d9:96:f4:ee:38:34:c1:3e:bf:93:d8:2b:
73:d4:23:ae:1a:15:ef:03:2c:b2:dd:fb:b0:f4:fa:5e:28:ca:
7f:b0:a2:fc:20:3e:4c:11:6b:0c:21:8e:ce:2e:67:25:d8:93:
c9:e4:33:73:36:ab:56:8a:89:13:7e:45:65:43:79:89:ac:c9:
9e:ef:2e:44:6f:ac:64:bc:8f:8b:af:0d:d2:22:04:a5:5b:98:
23:0b:1b:9a:e4:f2:e7:99:02:42:ee:69:a2:3c:6a:7d:e2:76:
d4:bd:9e:d1:a5:6d:33:30:60:6b:54:7f:aa:d9:0e:bd:42:9e:
bf:36:a6:93:7f:7c:45:00:b9:53:5b:b6:c8:97:29:9d:ee:fb:
23:2c:09:a7:f7:5e:d9:e8:11:76:29:9d:0b:a4:10:b2:c0:ae:
2f:35:b2:1a:7c:16:9a:00:3f:b2:3c:a9:45:c7:20:8e:16:85:
8f:50:95:f7:a5:fb:a0:3e:78:e9:85:b6:7f:5a:5d:16:58:e7:
7f:98:13:56
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDSUx2IytfJpcrPBlLgQJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYzI2YmI1NzRiODliOGMxODY2Zjg0NzRiYjFjYjAwMzI2
NGVjMjAwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmEzMzFiNDkyZDJhNjcyNWFmNzUxZDkzZWQ2NjY0YTJlYTc5ZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoyyWPbvTNApuU6gHxMejJapv4Im
+qVlI6xo/4yQZ5ThesJxIEwAtmoVZurta59C3pzIgqzGf219P8RlZWqUKT9mbut0
O7yMQ7vj3E/yXu92l6ypVXrXzfpkyKL9iZZN8Q+y3gcod5C/1soAUJWcmLIFO46T
5q7HBKZYnUnD11aMQhodl6ekIZGWMbUfQCs7A5xh4lp7LPuXIxUZFEksCbQGyTvi
9agGPy66AgMFRHBB3nB+YUzxNEszW0MhTrJwjmWHWZtcF/ArZQbRD6LMtlHkYeHt
7YxFgkdlIyqGsZTIUEvIW3NUufWMedmtItiaPD376ni/OdojalQLRtwK4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLujMbSS0qZyWvdR2T7WZkoup57sMB8GA1UdIwQY
MBaAFMHCa7V0uJuMGGb4R0uxywAyZOwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgt
ZjJhMmE1ZDUwNDVlLzEvdTZNeHRKTFNwbkphOTFIWlB0Wm1TaTZubnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgtZjJhMmE1ZDUwNDVl
LzEvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDEoB
DBADBwQqDEoBDCAwDQYJKoZIhvcNAQELBQADggEBADb75QeCnyXKF+ySnTWx4NMr
WjdjSBUY22SJkvnVDjEOOGJh3fdJP9TIybAYVtaOAJU8K+PUiLVGWEOgLtmW9O44
NME+v5PYK3PUI64aFe8DLLLd+7D0+l4oyn+wovwgPkwRawwhjs4uZyXYk8nkM3M2
q1aKiRN+RWVDeYmsyZ7vLkRvrGS8j4uvDdIiBKVbmCMLG5rk8ueZAkLuaaI8an3i
dtS9ntGlbTMwYGtUf6rZDr1Cnr82ppN/fEUAuVNbtsiXKZ3u+yMsCaf3XtnoEXYp
nQukELLAri81shp8FpoAP7I8qUXHII4WhY9Qlfel+6A+eOmFtn9aXRZY53+YE1Y=
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:04:09 2025 by rpki-client