Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/TbXz_2DP-rOA07vD5CzugGP1bKE.roa
File: TbXz_2DP-rOA07vD5CzugGP1bKE.roa (raw, json)
Hash identifier: CAt/DLZneA51bU0SP4dHEobNsFGyRDcDTedUhguKOZA=
Subject key identifier: 4D:B5:F3:FF:60:CF:FA:B3:80:D3:BB:C3:E4:2C:EE:80:63:F5:6C:A1
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 01939740D9DDC83CA882F3F5DDCFEE1D250B
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/TbXz_2DP-rOA07vD5CzugGP1bKE.roa
Signing time: Thu 05 Dec 2024 14:37:09 +0000
ROA not before: Thu 05 Dec 2024 14:37:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53813
IP address blocks: 2a03:eec0:3211::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:40:d9:dd:c8:3c:a8:82:f3:f5:dd:cf:ee:1d:25:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Dec 5 14:37:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db5f3ff60cffab380d3bbc3e42cee8063f56ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ae:20:95:94:ba:19:ea:f3:a5:6b:6d:f0:4d:
20:ff:a1:79:44:ac:9b:af:8a:a5:9d:c9:14:5f:29:
fc:18:3f:07:f7:32:20:d1:4b:07:09:14:0e:3e:ee:
a9:f7:30:91:33:79:99:5f:30:4a:dc:55:3c:ce:52:
e8:09:cc:d4:ea:6e:45:7d:3d:41:70:29:51:e3:52:
e6:b8:8f:16:52:11:a4:f7:3a:97:4e:82:2b:dd:ec:
f3:c4:b3:8b:2e:31:db:35:36:98:3d:a1:a6:f5:2c:
5f:f8:39:3a:e1:e8:54:4b:44:38:47:8a:3f:b2:b2:
f9:af:5f:83:f0:e7:cd:9f:4a:a1:89:9c:01:d0:09:
53:93:d1:29:62:fe:0b:b5:c7:f3:5a:30:7a:b0:f5:
66:98:10:72:74:a5:63:56:51:21:8c:44:37:03:1f:
3d:64:03:68:c0:01:e5:56:4a:9a:4b:a9:f0:85:7f:
aa:f4:07:cd:00:97:a6:76:aa:48:a5:79:c7:17:98:
b4:67:bb:78:d0:6f:30:6e:7b:f2:be:b8:a3:ef:1e:
d4:98:5b:28:fd:ec:51:aa:d9:e8:66:ac:21:4f:59:
d7:32:c0:bc:92:87:dd:c1:ad:19:5a:1f:11:e3:fd:
b1:12:ec:a6:72:73:c3:66:35:e5:10:40:af:6a:91:
4b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B5:F3:FF:60:CF:FA:B3:80:D3:BB:C3:E4:2C:EE:80:63:F5:6C:A1
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/TbXz_2DP-rOA07vD5CzugGP1bKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:eec0:3211::/48
Signature Algorithm: sha256WithRSAEncryption
15:df:26:a8:e6:17:c7:79:c8:75:73:db:df:44:bb:c3:b0:e8:
b4:77:ac:f3:b5:05:1a:45:f3:5f:3d:b9:ce:35:7d:ef:2f:54:
57:f5:b5:07:5a:a6:ff:d1:60:9b:17:73:39:c8:8c:48:c6:41:
7f:9b:33:70:10:bf:bf:7b:03:4d:76:dd:c2:17:21:23:56:5d:
c3:71:e5:49:4b:40:62:31:77:ea:3d:46:f2:fe:37:98:93:77:
3d:86:fe:89:d0:a9:25:48:3d:fd:30:b5:64:6a:83:bf:c5:40:
e4:48:5e:02:5a:4e:64:0a:3a:09:18:86:07:23:9c:3c:c7:08:
09:cf:b6:d5:e2:0c:c9:de:5e:b7:16:b0:51:06:15:66:12:83:
47:f6:58:03:1e:d7:0a:d0:e0:43:aa:18:fe:97:21:5a:0e:ee:
d0:f8:69:94:06:f0:51:e6:d5:bb:88:db:a4:57:1e:d2:41:d5:
2e:bd:78:7f:37:4d:a0:a4:8b:24:84:f4:5a:98:5b:58:ed:7b:
e4:fa:89:3f:52:06:ba:35:cf:e6:7c:80:aa:88:48:64:6a:c9:
77:75:ce:0b:71:d7:2e:4b:93:41:d2:2a:18:9e:47:77:5a:68:
a7:e2:fd:ae:b2:7a:30:fc:86:b0:5f:22:38:26:a9:15:ce:09:
6d:cd:4a:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZOXQNndyDyogvP13c/uHSULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjQxMjA1MTQzNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI1ZjNmZjYwY2ZmYWIzODBkM2JiYzNlNDJjZWU4MDYzZjU2Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3q4glZS6GerzpWtt8E0g/6F5RKyb
r4qlnckUXyn8GD8H9zIg0UsHCRQOPu6p9zCRM3mZXzBK3FU8zlLoCczU6m5FfT1B
cClR41LmuI8WUhGk9zqXToIr3ezzxLOLLjHbNTaYPaGm9Sxf+Dk64ehUS0Q4R4o/
srL5r1+D8OfNn0qhiZwB0AlTk9EpYv4LtcfzWjB6sPVmmBBydKVjVlEhjEQ3Ax89
ZANowAHlVkqaS6nwhX+q9AfNAJemdqpIpXnHF5i0Z7t40G8wbnvyvrij7x7UmFso
/exRqtnoZqwhT1nXMsC8kofdwa0ZWh8R4/2xEuymcnPDZjXlEECvapFLiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE218/9gz/qzgNO7w+Qs7oBj9WyhMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvVGJYel8yRFAtck9BMDd2RDVDenVnR1AxYktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgPuwDIR
MA0GCSqGSIb3DQEBCwUAA4IBAQAV3yao5hfHech1c9vfRLvDsOi0d6zztQUaRfNf
PbnONX3vL1RX9bUHWqb/0WCbF3M5yIxIxkF/mzNwEL+/ewNNdt3CFyEjVl3DceVJ
S0BiMXfqPUby/jeYk3c9hv6J0KklSD39MLVkaoO/xUDkSF4CWk5kCjoJGIYHI5w8
xwgJz7bV4gzJ3l63FrBRBhVmEoNH9lgDHtcK0OBDqhj+lyFaDu7Q+GmUBvBR5tW7
iNukVx7SQdUuvXh/N02gpIskhPRamFtY7Xvk+ok/Uga6Nc/mfICqiEhkasl3dc4L
cdcuS5NB0ioYnkd3Wmin4v2usnow/IawXyI4JqkVzgltzUoH
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:17:26 2025 by rpki-client