Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/dHnakNnps1FpgliRZXyn1ekfg2M.roa
File: dHnakNnps1FpgliRZXyn1ekfg2M.roa (raw, json)
Hash identifier: D/xA7lVD/Cao7Mtsl7/z9qJnQl415wmMiTZglfQkFDY=
Subject key identifier: 74:79:DA:90:D9:E9:B3:51:69:82:58:91:65:7C:A7:D5:E9:1F:83:63
Certificate issuer: /CN=3b0f37f43a268342eaf0fec53960634090b5b1b7
Certificate serial: 01928921460B7FE21112426AE18CE8E92641
Authority key identifier: 3B:0F:37:F4:3A:26:83:42:EA:F0:FE:C5:39:60:63:40:90:B5:B1:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ow839Domg0Lq8P7FOWBjQJC1sbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/dHnakNnps1FpgliRZXyn1ekfg2M.roa
Signing time: Mon 14 Oct 2024 03:45:12 +0000
ROA not before: Mon 14 Oct 2024 03:45:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31404
IP address blocks: 2a03:9ec0:fc02::/48 maxlen: 48
2a03:9ec0:fc0f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Nov 2024 03:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:21:46:0b:7f:e2:11:12:42:6a:e1:8c:e8:e9:26:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b0f37f43a268342eaf0fec53960634090b5b1b7
Validity
Not Before: Oct 14 03:45:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7479da90d9e9b35169825891657ca7d5e91f8363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4f:6c:0a:10:cb:2a:45:ac:52:df:a5:06:84:
6b:4d:bb:8a:cf:02:30:07:0f:57:3d:41:56:95:c6:
30:34:00:4b:84:45:dc:93:26:9d:09:49:3c:fa:f5:
f0:8e:08:a1:7f:ea:1e:d9:84:a7:21:05:59:20:3c:
f5:45:f1:ea:12:05:64:7a:ec:d0:37:55:8e:d6:9e:
2d:73:49:6e:cf:9a:11:99:43:e4:5a:53:95:ee:a0:
0d:0e:7f:e8:6e:42:f0:da:80:aa:c5:94:cf:39:db:
b4:ab:cd:3a:eb:28:3d:f9:a1:87:b2:d0:97:65:b1:
cf:3d:a6:40:1b:83:65:f8:6a:e3:31:5b:ac:c1:91:
58:ac:7f:08:6c:f1:d4:b9:e7:b0:db:cb:c4:c7:a2:
22:aa:48:ec:6c:51:52:37:23:c6:64:b8:86:e0:b9:
35:c0:5e:f2:00:be:3a:c9:dd:74:3e:3e:84:29:a8:
6a:e5:2e:2e:16:f6:1a:bf:9a:ba:f3:6c:ee:78:aa:
ab:cf:4f:ca:08:18:45:e7:30:17:05:0b:a3:f7:83:
93:26:a1:7c:5d:7e:80:01:ce:4c:da:2d:d0:63:03:
c3:62:b1:e3:05:79:be:46:6b:8c:9e:38:77:ff:04:
e9:b5:08:e2:42:97:94:0f:02:61:ea:89:2f:a1:24:
3a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:79:DA:90:D9:E9:B3:51:69:82:58:91:65:7C:A7:D5:E9:1F:83:63
X509v3 Authority Key Identifier:
keyid:3B:0F:37:F4:3A:26:83:42:EA:F0:FE:C5:39:60:63:40:90:B5:B1:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ow839Domg0Lq8P7FOWBjQJC1sbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/dHnakNnps1FpgliRZXyn1ekfg2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/04f736-3713-40ba-8c08-9ae900df4f88/1/Ow839Domg0Lq8P7FOWBjQJC1sbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9ec0:fc02::/48
2a03:9ec0:fc0f::/48
Signature Algorithm: sha256WithRSAEncryption
69:74:12:d1:81:ec:de:be:e0:05:c5:79:51:f1:90:ae:ab:fb:
f0:50:97:63:4e:15:4b:97:e3:d5:8b:3d:34:4c:43:5c:6b:3a:
92:d5:f4:9c:bc:16:b1:65:9d:96:f5:29:9d:38:c0:59:a2:00:
05:9b:31:8d:f6:fe:a2:ee:1d:43:06:19:ea:9a:ee:69:8d:95:
d3:0d:31:32:63:4b:4e:b6:65:35:6c:b9:ed:ba:63:0a:30:6c:
51:d7:b3:39:e6:ec:db:d5:fe:a0:8c:c6:e3:71:c3:bb:2b:0e:
e6:07:c7:f1:05:e9:aa:54:3f:80:f0:d3:19:07:db:d9:75:a7:
b8:4c:df:bd:96:3d:61:93:c9:00:81:b4:03:d5:c2:fe:01:d7:
9b:23:06:b8:b6:e9:70:66:88:93:b0:0c:5e:99:20:42:44:e1:
57:22:83:49:04:f9:e7:3e:1c:1f:38:07:9c:9d:4a:ab:ac:e9:
5e:50:b1:a0:b9:0c:ed:20:90:c1:c4:44:f9:38:c8:eb:87:61:
e9:46:71:2d:0c:e0:ff:c9:95:70:83:4e:d1:84:2a:82:40:7d:
49:00:5a:4d:55:3a:20:40:e9:50:43:dd:a9:d2:5b:f7:89:84:
b4:51:33:a3:e8:16:6b:2e:86:1e:20:ac:c2:52:3c:d4:f3:cf:
44:9e:c3:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKJIUYLf+IREkJq4Yzo6SZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMGYzN2Y0M2EyNjgzNDJlYWYwZmVjNTM5NjA2MzQwOTBi
NWIxYjcwHhcNMjQxMDE0MDM0NTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDc5ZGE5MGQ5ZTliMzUxNjk4MjU4OTE2NTdjYTdkNWU5MWY4MzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE9sChDLKkWsUt+lBoRrTbuKzwIw
Bw9XPUFWlcYwNABLhEXckyadCUk8+vXwjgihf+oe2YSnIQVZIDz1RfHqEgVkeuzQ
N1WO1p4tc0luz5oRmUPkWlOV7qANDn/obkLw2oCqxZTPOdu0q8066yg9+aGHstCX
ZbHPPaZAG4Nl+GrjMVuswZFYrH8IbPHUueew28vEx6IiqkjsbFFSNyPGZLiG4Lk1
wF7yAL46yd10Pj6EKahq5S4uFvYav5q682zueKqrz0/KCBhF5zAXBQuj94OTJqF8
XX6AAc5M2i3QYwPDYrHjBXm+RmuMnjh3/wTptQjiQpeUDwJh6okvoSQ6XQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHR52pDZ6bNRaYJYkWV8p9XpH4NjMB8GA1UdIwQY
MBaAFDsPN/Q6JoNC6vD+xTlgY0CQtbG3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3c4MzlEb21nMExxOFA3Rk9XQmpRSkMxc2JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wNGY3MzYtMzcxMy00MGJhLThjMDgt
OWFlOTAwZGY0Zjg4LzEvZEhuYWtObnBzMUZwZ2xpUlpYeW4xZWtmZzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wNGY3MzYtMzcxMy00MGJhLThjMDgtOWFlOTAwZGY0Zjg4
LzEvT3c4MzlEb21nMExxOFA3Rk9XQmpRSkMxc2JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgOewPwC
AwcAKgOewPwPMA0GCSqGSIb3DQEBCwUAA4IBAQBpdBLRgezevuAFxXlR8ZCuq/vw
UJdjThVLl+PViz00TENcazqS1fScvBaxZZ2W9SmdOMBZogAFmzGN9v6i7h1DBhnq
mu5pjZXTDTEyY0tOtmU1bLntumMKMGxR17M55uzb1f6gjMbjccO7Kw7mB8fxBemq
VD+A8NMZB9vZdae4TN+9lj1hk8kAgbQD1cL+AdebIwa4tulwZoiTsAxemSBCROFX
IoNJBPnnPhwfOAecnUqrrOleULGguQztIJDBxET5OMjrh2HpRnEtDOD/yZVwg07R
hCqCQH1JAFpNVTogQOlQQ92p0lv3iYS0UTOj6BZrLoYeIKzCUjzU889EnsOw
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:38:02 2025 by rpki-client