Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/9rNpUbLwKA3gYn0hqgoutw3fV-Q.roa
File: 9rNpUbLwKA3gYn0hqgoutw3fV-Q.roa (raw, json)
Hash identifier: TVUr3ENRWy3Rj1ZGSC9LwooUXRSPARD9upMwIkPr6j8=
Subject key identifier: F6:B3:69:51:B2:F0:28:0D:E0:62:7D:21:AA:0A:2E:B7:0D:DF:57:E4
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018E89AB3F3CE8FF39A46FD7FE2855291210
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/9rNpUbLwKA3gYn0hqgoutw3fV-Q.roa
Signing time: Fri 29 Mar 2024 10:04:45 +0000
ROA not before: Fri 29 Mar 2024 10:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a0a:b380::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 03 Dec 2024 09:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:89:ab:3f:3c:e8:ff:39:a4:6f:d7:fe:28:55:29:12:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 29 10:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6b36951b2f0280de0627d21aa0a2eb70ddf57e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:90:3d:c9:23:ac:05:5e:aa:98:b0:5d:88:e3:
b1:46:49:41:73:be:4c:dc:e7:49:79:e5:09:0b:0b:
19:8a:aa:84:a3:d3:aa:8f:b0:78:18:5b:9b:3d:77:
ba:f3:14:5f:c0:89:f4:2a:f4:2b:74:bc:43:3f:38:
f2:8d:9e:38:b8:03:f9:c3:95:e3:78:94:e9:8b:dd:
09:83:cb:0a:e8:6d:53:40:0a:f6:c8:5e:9e:f4:e0:
70:c5:04:64:0e:50:af:3e:4a:1e:ba:81:95:1e:fe:
88:c6:0f:70:9b:f0:94:c8:75:ce:bf:5f:95:e9:6b:
76:98:f7:9a:68:e6:14:ee:38:c8:77:c4:8e:fc:3f:
0d:f5:93:77:92:4d:6c:4b:23:ce:3c:0c:2c:81:2f:
13:46:24:3f:cc:e8:81:33:5a:38:0d:c4:ae:0b:bd:
a6:6a:84:d9:84:b3:8e:f5:c0:8e:78:3c:cf:89:5c:
23:25:44:fc:03:d4:f6:11:3f:34:c8:df:35:fb:7e:
6f:17:64:ee:94:f8:37:a8:17:be:b8:15:b2:40:4a:
cf:18:6d:28:c1:2f:7c:a2:25:f1:b1:65:41:b7:15:
bf:46:e2:f8:46:5f:7e:0d:c8:84:04:dc:3e:11:68:
19:47:6a:f8:37:f7:a4:d6:04:5d:5b:87:63:b5:ef:
6e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B3:69:51:B2:F0:28:0D:E0:62:7D:21:AA:0A:2E:B7:0D:DF:57:E4
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/9rNpUbLwKA3gYn0hqgoutw3fV-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:b380::/32
Signature Algorithm: sha256WithRSAEncryption
57:64:57:93:8d:80:24:39:83:33:67:7b:dc:5d:74:6f:85:97:
db:da:00:7f:03:5d:95:55:02:65:34:cf:45:c3:f8:33:fd:a5:
26:7e:39:f7:c7:a2:ec:e9:f3:9c:63:da:1b:af:49:5e:4b:d2:
5d:cd:3b:47:7b:8a:28:fd:d1:7d:3f:d2:68:f4:c7:2a:81:53:
be:65:31:4b:5d:98:98:10:f4:35:80:ef:96:af:5e:a8:4b:fe:
3b:9a:30:52:97:47:63:1c:1c:df:0e:51:b6:ed:b3:09:65:a2:
49:40:96:30:fc:a3:d0:22:f1:60:95:92:a0:f6:47:b7:e4:53:
27:66:d8:ea:2b:11:28:33:38:de:0d:f2:0d:14:9a:2d:20:22:
d9:56:ad:26:e8:d7:55:a2:86:a0:cf:a0:e4:1a:9d:f1:ee:62:
e8:a3:ee:31:30:2d:26:85:e4:1e:70:db:76:22:fc:e7:d0:66:
a7:34:e7:37:42:f5:94:7f:06:e8:3f:17:33:be:78:b8:15:e9:
19:e0:f8:17:18:12:99:d6:02:14:9a:81:d1:86:6e:6d:84:20:
8d:7f:b1:89:9a:e3:52:78:be:64:06:9a:6c:c1:ec:d7:fe:08:
cd:bd:26:d8:19:ef:ad:72:f5:06:ef:5f:a6:7f:27:bb:9b:d9:
02:e6:15:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY6Jqz886P85pG/X/ihVKRIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMzI5MTAwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmIzNjk1MWIyZjAyODBkZTA2MjdkMjFhYTBhMmViNzBkZGY1N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZA9ySOsBV6qmLBdiOOxRklBc75M
3OdJeeUJCwsZiqqEo9Oqj7B4GFubPXe68xRfwIn0KvQrdLxDPzjyjZ44uAP5w5Xj
eJTpi90Jg8sK6G1TQAr2yF6e9OBwxQRkDlCvPkoeuoGVHv6Ixg9wm/CUyHXOv1+V
6Wt2mPeaaOYU7jjId8SO/D8N9ZN3kk1sSyPOPAwsgS8TRiQ/zOiBM1o4DcSuC72m
aoTZhLOO9cCOeDzPiVwjJUT8A9T2ET80yN81+35vF2TulPg3qBe+uBWyQErPGG0o
wS98oiXxsWVBtxW/RuL4Rl9+DciEBNw+EWgZR2r4N/ek1gRdW4djte9uRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPazaVGy8CgN4GJ9IaoKLrcN31fkMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvOXJOcFViTHdLQTNnWW4waHFnb3V0dzNmVi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgqzgDAN
BgkqhkiG9w0BAQsFAAOCAQEAV2RXk42AJDmDM2d73F10b4WX29oAfwNdlVUCZTTP
RcP4M/2lJn4598ei7OnznGPaG69JXkvSXc07R3uKKP3RfT/SaPTHKoFTvmUxS12Y
mBD0NYDvlq9eqEv+O5owUpdHYxwc3w5Rtu2zCWWiSUCWMPyj0CLxYJWSoPZHt+RT
J2bY6isRKDM43g3yDRSaLSAi2VatJujXVaKGoM+g5Bqd8e5i6KPuMTAtJoXkHnDb
diL859BmpzTnN0L1lH8G6D8XM754uBXpGeD4FxgSmdYCFJqB0YZubYQgjX+xiZrj
Uni+ZAaabMHs1/4Izb0m2BnvrXL1Bu9fpn8nu5vZAuYVUQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:08 2025 by rpki-client