Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/qM6IFv0xz_ykGOOztv0rfUJV79M.roa
File: qM6IFv0xz_ykGOOztv0rfUJV79M.roa (raw, json)
Hash identifier: yz19uFFXJHGQUF2Wahrf3sPgBzcdergv4ijjAUXAUuM=
Subject key identifier: A8:CE:88:16:FD:31:CF:FC:A4:18:E3:B3:B6:FD:2B:7D:42:55:EF:D3
Certificate issuer: /CN=c6ff541cf364193a2a00ada14244acd34c14038a
Certificate serial: 0193A79C0D5AB579A5EC90EE5958C3CEDE59
Authority key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/qM6IFv0xz_ykGOOztv0rfUJV79M.roa
Signing time: Sun 08 Dec 2024 18:50:42 +0000
ROA not before: Sun 08 Dec 2024 18:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 2001:67c:1874::/48 maxlen: 48
2a0d:c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 12 Dec 2024 18:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a7:9c:0d:5a:b5:79:a5:ec:90:ee:59:58:c3:ce:de:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Validity
Not Before: Dec 8 18:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8ce8816fd31cffca418e3b3b6fd2b7d4255efd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:97:f5:e5:98:e7:cf:a9:65:e2:f9:a8:60:81:
e3:41:3e:0b:26:e3:3e:f2:f0:99:e0:26:da:43:91:
1b:5e:9f:dd:51:bf:1e:16:51:e0:0c:d0:bf:ee:29:
7f:46:9b:7f:c9:4d:77:1a:db:24:27:97:e5:b9:34:
02:17:59:57:16:1e:8f:63:f9:39:78:ee:7a:1a:ed:
c5:dd:dd:49:cf:07:b1:3b:db:e3:58:71:9c:95:64:
87:a4:cb:73:09:54:b9:32:0c:1d:61:72:13:c7:34:
b0:2d:1f:28:07:c6:3f:b1:b1:8b:60:51:44:a0:ae:
04:f9:7b:4c:75:3f:e5:32:25:bb:13:5c:d8:e7:12:
82:02:7e:7b:c6:b3:ef:60:67:5d:61:4b:88:73:39:
b7:8f:04:c3:ab:19:23:97:01:ca:e5:44:f3:22:33:
0c:a1:ca:13:eb:16:2f:ef:2f:7f:6a:1c:9a:a3:b9:
96:00:4e:1f:04:97:e0:00:e9:5f:ec:8e:8c:6c:7c:
70:1e:ac:e2:1b:9b:3f:71:14:6b:32:51:0b:b6:06:
d5:32:68:81:1d:f5:70:49:a2:16:cf:e3:b0:f9:56:
dc:17:92:1b:ff:9e:de:50:d2:e1:6e:fd:d4:31:98:
d6:06:c6:5f:37:93:9e:47:87:7c:59:3f:b0:06:3b:
f6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CE:88:16:FD:31:CF:FC:A4:18:E3:B3:B6:FD:2B:7D:42:55:EF:D3
X509v3 Authority Key Identifier:
keyid:C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/qM6IFv0xz_ykGOOztv0rfUJV79M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1874::/48
2a0d:c00::/29
Signature Algorithm: sha256WithRSAEncryption
8d:21:e6:24:32:79:2e:a2:c5:55:87:0c:b0:88:ea:c4:e7:a0:
3b:3a:8e:3c:8c:26:30:43:dd:3c:82:0e:1c:bc:43:4d:44:52:
93:ed:98:81:a5:71:b0:90:a4:c1:9f:a4:4c:02:73:72:22:9a:
39:07:78:eb:62:c7:4e:f0:bf:6d:89:45:57:8a:a6:73:a6:58:
15:76:b4:5b:2d:0d:b4:5c:83:72:26:57:35:b5:39:89:95:22:
9b:cd:92:29:ad:c3:dd:7e:68:b4:ac:d2:fa:d5:c2:9a:e5:10:
2c:29:75:68:ad:31:70:e8:52:a6:61:8b:3a:90:b2:ef:d9:fc:
8a:7a:ee:58:99:ae:4f:4d:d3:43:64:02:0e:28:b4:ac:5d:ce:
0a:89:1e:05:38:a6:dd:27:c0:84:d2:e3:44:5f:80:6b:17:2c:
a8:d3:73:d2:aa:78:a9:52:78:1b:1d:4b:d4:5f:ca:56:2f:3e:
fa:26:ed:77:ac:b6:34:33:e1:86:91:31:15:41:a2:af:bc:04:
06:77:59:5b:bb:61:4d:92:8a:61:9d:72:81:0f:90:8d:4b:3e:
be:2b:3d:47:aa:a7:f5:8a:fe:85:4b:e5:db:c3:9e:e9:ae:94:
7b:a7:5c:c2:64:a0:40:94:39:0a:dc:9f:33:9e:f7:eb:39:fc:
1b:bc:8a:3b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZOnnA1atXml7JDuWVjDzt5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZmY1NDFjZjM2NDE5M2EyYTAwYWRhMTQyNDRhY2QzNGMx
NDAzOGEwHhcNMjQxMjA4MTg1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNlODgxNmZkMzFjZmZjYTQxOGUzYjNiNmZkMmI3ZDQyNTVlZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Zf15Zjnz6ll4vmoYIHjQT4LJuM+
8vCZ4CbaQ5EbXp/dUb8eFlHgDNC/7il/Rpt/yU13GtskJ5fluTQCF1lXFh6PY/k5
eO56Gu3F3d1JzwexO9vjWHGclWSHpMtzCVS5MgwdYXITxzSwLR8oB8Y/sbGLYFFE
oK4E+XtMdT/lMiW7E1zY5xKCAn57xrPvYGddYUuIczm3jwTDqxkjlwHK5UTzIjMM
ocoT6xYv7y9/ahyao7mWAE4fBJfgAOlf7I6MbHxwHqziG5s/cRRrMlELtgbVMmiB
HfVwSaIWz+Ow+VbcF5Ib/57eUNLhbv3UMZjWBsZfN5OeR4d8WT+wBjv2rwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFKjOiBb9Mc/8pBjjs7b9K31CVe/TMB8GA1UdIwQY
MBaAFMb/VBzzZBk6KgCtoUJErNNMFAOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYt
MmE1ZTk4YWJkMWYzLzEvcU02SUZ2MHh6X3lrR09PenR2MHJmVUpWNzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYtMmE1ZTk4YWJkMWYz
LzEveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAIAEGfBh0
AwUDKg0MADANBgkqhkiG9w0BAQsFAAOCAQEAjSHmJDJ5LqLFVYcMsIjqxOegOzqO
PIwmMEPdPIIOHLxDTURSk+2YgaVxsJCkwZ+kTAJzciKaOQd462LHTvC/bYlFV4qm
c6ZYFXa0Wy0NtFyDciZXNbU5iZUim82SKa3D3X5otKzS+tXCmuUQLCl1aK0xcOhS
pmGLOpCy79n8inruWJmuT03TQ2QCDii0rF3OCokeBTim3SfAhNLjRF+AaxcsqNNz
0qp4qVJ4Gx1L1F/KVi8++ibtd6y2NDPhhpExFUGir7wEBndZW7thTZKKYZ1ygQ+Q
jUs+vis9R6qn9Yr+hUvl28Oe6a6Ue6dcwmSgQJQ5CtyfM5736zn8G7yKOw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:29:04 2025 by rpki-client