Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/CcKU3WxVTTYuKuYrU3IbTevL0k0.roa
File: CcKU3WxVTTYuKuYrU3IbTevL0k0.roa (raw, json)
Hash identifier: gZvl5q2mHu4+BiX0s/FI2NtuhJLVGvkbyptnDY5Kjlo=
Subject key identifier: 09:C2:94:DD:6C:55:4D:36:2E:2A:E6:2B:53:72:1B:4D:EB:CB:D2:4D
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018F9A5B95F8EC05594141C42B1A4DD1253A
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/CcKU3WxVTTYuKuYrU3IbTevL0k0.roa
Signing time: Tue 21 May 2024 08:54:04 +0000
ROA not before: Tue 21 May 2024 08:54:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:f40::/29 maxlen: 29
2a13:80c0::/29 maxlen: 32
2a13:9240::/29 maxlen: 32
2a13:92c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:5b:95:f8:ec:05:59:41:41:c4:2b:1a:4d:d1:25:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: May 21 08:54:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09c294dd6c554d362e2ae62b53721b4debcbd24d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:80:d7:6c:54:65:85:70:25:aa:20:41:4d:cb:
dc:db:63:86:39:57:45:2b:ea:9e:5c:9c:e5:a0:5e:
05:a8:0f:64:70:99:36:0e:45:15:92:6b:41:55:5e:
5b:1a:e0:52:80:10:52:51:58:03:00:49:b5:9a:ad:
cb:4e:ff:29:c3:24:59:f1:1b:1a:06:a7:5a:31:bc:
25:d9:5f:38:5d:db:ca:f8:9e:97:43:c4:e5:3c:7a:
03:da:eb:9d:8b:07:fc:c1:31:6e:f0:59:f8:a0:44:
af:4a:4b:7d:f2:be:66:8a:c7:a9:ad:7c:a1:b8:51:
c0:6d:d8:05:3c:24:8e:5f:e9:fb:7c:d9:02:8a:1a:
37:dd:21:47:3c:b2:9f:3f:d7:b5:c1:03:61:d3:ac:
4f:f5:41:e7:b9:30:5f:0d:1a:2e:90:45:fb:ff:77:
25:6c:95:b1:ee:60:b9:90:96:c7:7c:5f:43:26:f0:
c3:67:e8:18:80:81:02:77:51:97:98:d2:39:2c:fe:
27:0f:24:85:c8:4f:57:79:b1:61:c1:1f:5d:3b:a2:
eb:44:25:db:62:ba:5f:6c:fd:3e:f1:dd:74:33:75:
63:be:a7:4e:e0:61:5b:4a:0d:73:99:f1:77:01:a5:
2c:aa:04:a4:17:41:a2:8a:10:00:4d:4f:7b:66:80:
70:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C2:94:DD:6C:55:4D:36:2E:2A:E6:2B:53:72:1B:4D:EB:CB:D2:4D
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/CcKU3WxVTTYuKuYrU3IbTevL0k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f40::/29
2a13:80c0::/29
2a13:9240::/29
2a13:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:22:87:f1:7f:47:39:8a:00:64:db:2b:38:78:2c:38:88:05:
64:f6:8f:2f:0a:61:cb:25:e9:8b:fe:f4:a8:18:ec:6f:06:14:
92:0d:79:61:2a:46:f0:8f:e6:53:ff:1b:92:ba:1a:82:53:8c:
c8:fb:2b:3d:11:f9:cc:cc:50:16:81:a9:7f:d0:0d:d5:82:9a:
35:1e:38:bf:48:3f:d8:a9:30:a8:5d:b5:ff:17:5d:ac:e0:b5:
39:e6:c3:0d:c8:eb:d3:b9:e9:bd:10:7a:4f:51:31:e9:b0:57:
99:62:25:04:7e:23:17:fa:86:a4:0d:d7:68:3a:86:42:6b:4c:
ee:14:95:0f:1e:c3:0f:af:96:76:b7:93:0a:68:b9:0b:fd:06:
12:a4:89:dc:13:e0:55:d8:02:5f:c4:c1:26:fb:a9:1d:53:46:
09:b4:0d:90:25:ca:81:ac:44:5c:53:8e:0f:99:fa:69:99:fe:
5a:c3:e4:0a:43:b9:10:97:d8:08:33:d3:c0:6e:7a:f5:fb:25:
e0:e8:c4:21:88:1a:e3:1f:92:4a:ae:e6:e1:26:d0:6b:fc:48:
3f:dc:47:f7:a0:9a:74:da:2a:23:d3:3f:1a:ef:e2:42:78:46:
ce:61:ab:23:ad:97:7e:58:3f:7a:cd:d4:b9:b5:77:40:ed:b2:
ef:03:c5:a6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY+aW5X47AVZQUHEKxpN0SU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjQwNTIxMDg1NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWMyOTRkZDZjNTU0ZDM2MmUyYWU2MmI1MzcyMWI0ZGViY2JkMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYDXbFRlhXAlqiBBTcvc22OGOVdF
K+qeXJzloF4FqA9kcJk2DkUVkmtBVV5bGuBSgBBSUVgDAEm1mq3LTv8pwyRZ8Rsa
BqdaMbwl2V84XdvK+J6XQ8TlPHoD2uudiwf8wTFu8Fn4oESvSkt98r5miseprXyh
uFHAbdgFPCSOX+n7fNkCiho33SFHPLKfP9e1wQNh06xP9UHnuTBfDRoukEX7/3cl
bJWx7mC5kJbHfF9DJvDDZ+gYgIECd1GXmNI5LP4nDySFyE9XebFhwR9dO6LrRCXb
YrpfbP0+8d10M3VjvqdO4GFbSg1zmfF3AaUsqgSkF0GiihAATU97ZoBw+wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAnClN1sVU02LirmK1NyG03ry9JNMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvQ2NLVTNXeFZUVFl1S3VZclUzSWJUZXZMMGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0PQAMF
AyoTgMADBQMqE5JAAwUDKhOSwDANBgkqhkiG9w0BAQsFAAOCAQEAeCKH8X9HOYoA
ZNsrOHgsOIgFZPaPLwphyyXpi/70qBjsbwYUkg15YSpG8I/mU/8bkroaglOMyPsr
PRH5zMxQFoGpf9AN1YKaNR44v0g/2KkwqF21/xddrOC1OebDDcjr07npvRB6T1Ex
6bBXmWIlBH4jF/qGpA3XaDqGQmtM7hSVDx7DD6+WdreTCmi5C/0GEqSJ3BPgVdgC
X8TBJvupHVNGCbQNkCXKgaxEXFOOD5n6aZn+WsPkCkO5EJfYCDPTwG569fsl4OjE
IYga4x+SSq7m4SbQa/xIP9xH96CadNoqI9M/Gu/iQnhGzmGrI62Xflg/es3UubV3
QO2y7wPFpg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:08:13 2025 by rpki-client