Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/23nllRBkqkC_lonjG4YvQHi5tTA.roa
File: 23nllRBkqkC_lonjG4YvQHi5tTA.roa (raw, json)
Hash identifier: 0QjYfQLw+oopx+WKaucQusTs/n5f5Esel+wHpZp8frc=
Subject key identifier: DB:79:E5:95:10:64:AA:40:BF:96:89:E3:1B:86:2F:40:78:B9:B5:30
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0193DAC41618CCA8DD11F43D42FCB9182912
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/23nllRBkqkC_lonjG4YvQHi5tTA.roa
Signing time: Wed 18 Dec 2024 17:15:03 +0000
ROA not before: Wed 18 Dec 2024 17:15:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206873
IP address blocks: 2a06:d645::/32 maxlen: 32
2a0a:b386::/32 maxlen: 32
2a0d:afc3::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:c4:16:18:cc:a8:dd:11:f4:3d:42:fc:b9:18:29:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Dec 18 17:15:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db79e5951064aa40bf9689e31b862f4078b9b530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:73:c1:8e:a4:e2:6c:9a:55:b9:be:0b:a4:e0:
1a:2b:c5:db:22:f5:80:37:52:30:41:dd:17:fe:bb:
d3:72:d0:8a:59:05:10:ed:17:b1:b1:00:58:45:23:
86:2c:7e:07:a4:3a:46:fb:49:e0:c5:cf:ba:ca:c0:
0b:b4:87:ac:06:7c:6f:e0:38:b5:4b:a4:f6:09:02:
44:8e:36:81:bc:03:0e:ce:43:41:fa:2f:e6:44:b5:
f1:70:be:0d:d7:05:72:53:96:09:33:9a:ce:1b:88:
7e:83:5b:64:04:2e:17:3f:21:a2:18:3e:14:2a:c6:
f3:0b:29:7d:b8:a5:5c:e8:78:66:87:63:11:8b:5a:
d5:7e:2a:41:9b:03:45:10:61:c1:75:91:3d:84:e9:
57:d1:a7:a1:d6:24:93:6f:84:85:26:10:25:a9:e0:
73:4f:94:21:7e:08:4a:e3:1f:cf:6c:d5:47:11:cc:
19:f3:49:52:1f:52:92:98:31:e6:62:f5:e2:bc:ee:
59:ee:2f:5c:26:df:75:91:65:d1:5b:e9:e2:76:35:
8d:02:ea:b7:23:74:62:68:27:99:af:98:fb:b6:aa:
d7:79:3a:50:35:3a:08:f6:7c:24:7b:9a:1a:18:ec:
97:10:d8:8a:b0:14:26:76:5e:15:25:7f:aa:83:cf:
35:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:79:E5:95:10:64:AA:40:BF:96:89:E3:1B:86:2F:40:78:B9:B5:30
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/23nllRBkqkC_lonjG4YvQHi5tTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d645::/32
2a0a:b386::/32
2a0d:afc3::/32
Signature Algorithm: sha256WithRSAEncryption
66:cc:85:55:c1:13:00:aa:50:77:0b:3e:cf:ee:69:a0:00:e8:
90:51:96:4b:47:38:c5:07:27:c7:a2:75:aa:77:c2:7f:b7:fd:
a8:66:53:0e:a7:49:94:81:14:0d:29:78:65:bc:95:82:1f:c1:
93:58:0c:f5:2f:03:27:49:7a:ec:86:90:b5:41:43:33:96:44:
f2:41:a3:d9:2d:8c:3e:25:b9:73:ba:b8:9a:1a:b9:2e:6c:6c:
a0:84:35:64:91:ee:62:54:95:12:33:a5:fd:6b:c8:19:1b:41:
f1:d3:ef:19:59:c7:46:98:8d:86:92:8b:47:3a:79:4d:2b:57:
f0:3b:fb:5b:6b:06:bd:a3:f3:ed:a1:40:34:c9:57:50:9d:ec:
2a:f2:11:64:d5:88:a6:da:92:72:ad:72:0a:c7:f5:83:45:ee:
33:01:39:4f:64:7b:7e:5c:42:f0:1a:77:67:16:94:9c:4a:b1:
1e:18:35:6b:65:34:ed:d1:66:45:3a:a2:f5:48:64:9e:29:06:
07:8c:20:86:42:ce:55:80:f0:3b:4d:11:56:14:d1:6b:6a:aa:
8b:5f:b4:1a:33:d3:70:90:44:e1:ce:f2:12:70:1a:c5:dc:2c:
ff:4b:58:c9:fa:70:e2:74:6f:e0:78:32:53:3c:ca:a7:cc:d4:
3c:1b:68:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZPaxBYYzKjdEfQ9Qvy5GCkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMjE4MTcxNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc5ZTU5NTEwNjRhYTQwYmY5Njg5ZTMxYjg2MmY0MDc4YjliNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nPBjqTibJpVub4LpOAaK8XbIvWA
N1IwQd0X/rvTctCKWQUQ7RexsQBYRSOGLH4HpDpG+0ngxc+6ysALtIesBnxv4Di1
S6T2CQJEjjaBvAMOzkNB+i/mRLXxcL4N1wVyU5YJM5rOG4h+g1tkBC4XPyGiGD4U
KsbzCyl9uKVc6Hhmh2MRi1rVfipBmwNFEGHBdZE9hOlX0aeh1iSTb4SFJhAlqeBz
T5QhfghK4x/PbNVHEcwZ80lSH1KSmDHmYvXivO5Z7i9cJt91kWXRW+nidjWNAuq3
I3RiaCeZr5j7tqrXeTpQNToI9nwke5oaGOyXENiKsBQmdl4VJX+qg881kQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNt55ZUQZKpAv5aJ4xuGL0B4ubUwMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvMjNubGxSQmtxa0NfbG9uakc0WXZRSGk1dFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgbWRQMF
ACoKs4YDBQAqDa/DMA0GCSqGSIb3DQEBCwUAA4IBAQBmzIVVwRMAqlB3Cz7P7mmg
AOiQUZZLRzjFByfHonWqd8J/t/2oZlMOp0mUgRQNKXhlvJWCH8GTWAz1LwMnSXrs
hpC1QUMzlkTyQaPZLYw+JblzuriaGrkubGyghDVkke5iVJUSM6X9a8gZG0Hx0+8Z
WcdGmI2GkotHOnlNK1fwO/tbawa9o/PtoUA0yVdQnewq8hFk1Yim2pJyrXIKx/WD
Re4zATlPZHt+XELwGndnFpScSrEeGDVrZTTt0WZFOqL1SGSeKQYHjCCGQs5VgPA7
TRFWFNFraqqLX7QaM9NwkEThzvIScBrF3Cz/S1jJ+nDidG/geDJTPMqnzNQ8G2g3
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:40:50 2025 by rpki-client