Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SD2kO57mDZaXlDWIYkyxmiruAkI.roa
File: SD2kO57mDZaXlDWIYkyxmiruAkI.roa (raw, json)
Hash identifier: ZNmBVNcTZkFhqM0GTV1ODDXtutriH3V3oWGNunwXEUw=
Subject key identifier: 48:3D:A4:3B:9E:E6:0D:96:97:94:35:88:62:4C:B1:9A:2A:EE:02:42
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01936ECC690CDC391B1BED726615CE74D5FF
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SD2kO57mDZaXlDWIYkyxmiruAkI.roa
Signing time: Wed 27 Nov 2024 18:05:10 +0000
ROA not before: Wed 27 Nov 2024 18:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:d640::/32 maxlen: 32
2a06:d646::/32 maxlen: 32
2a09:e302::/32 maxlen: 32
2a09:e306::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a09:ef02::/32 maxlen: 32
2a09:ef05::/32 maxlen: 32
2a09:ef07::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0b:9001::/32 maxlen: 32
2a0b:9005::/32 maxlen: 32
2a0d:3c42::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:95c1::/32 maxlen: 32
2a0d:95c2::/32 maxlen: 32
2a0d:95c5::/32 maxlen: 32
2a0d:afc0::/32 maxlen: 32
2a0d:afc6::/32 maxlen: 32
2a0d:c105::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
2a0f:3105::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Nov 2024 08:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:cc:69:0c:dc:39:1b:1b:ed:72:66:15:ce:74:d5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Nov 27 18:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=483da43b9ee60d9697943588624cb19a2aee0242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e2:1b:24:e5:15:79:4b:84:6c:29:a3:48:98:
41:f8:f9:21:1d:05:27:a6:cb:8a:f8:34:75:cb:5a:
f8:aa:54:8e:e5:12:f3:b8:ad:c4:bf:b2:ec:b8:ba:
66:06:17:c1:72:ed:be:dc:41:7b:5d:22:58:8b:8b:
a1:79:87:7b:40:8f:3f:12:aa:24:e5:3d:18:d7:f8:
88:dd:e4:e5:10:a3:71:e1:91:48:5a:6f:f7:db:c8:
e8:52:d2:39:0b:5e:90:1a:29:6e:bf:cb:c3:ca:c6:
7c:96:d3:a2:fe:59:a2:c1:1d:a4:66:5c:e7:8c:e0:
76:5e:7f:a6:be:f9:85:77:a1:17:c5:af:26:73:f7:
a4:10:79:ec:fc:60:04:1b:a4:50:20:85:1f:66:d8:
eb:a0:da:24:32:b6:90:e9:e1:99:06:4c:18:00:78:
6c:75:64:6b:c1:f1:c7:38:76:34:18:34:03:83:11:
47:ac:9b:a2:2c:66:36:36:ee:98:47:52:c4:ed:4a:
98:97:99:e2:ce:f3:0b:ae:91:e3:17:4e:a3:37:04:
14:e4:96:40:f9:f0:83:1b:ee:9e:76:b5:09:0b:33:
03:9e:0b:44:97:e0:5b:61:2f:63:91:22:2b:00:b7:
20:b8:ac:64:06:ec:dc:f0:72:f4:52:11:15:d0:78:
59:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3D:A4:3B:9E:E6:0D:96:97:94:35:88:62:4C:B1:9A:2A:EE:02:42
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/SD2kO57mDZaXlDWIYkyxmiruAkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a06:d646::/32
2a09:e302::/32
2a09:e306::/32
2a09:ef01::-2a09:ef02:ffff:ffff:ffff:ffff:ffff:ffff
2a09:ef05::/32
2a09:ef07::/32
2a0a:b385::/32
2a0b:9001::/32
2a0b:9005::/32
2a0d:3c42::/32
2a0d:3c44::/32
2a0d:95c1::-2a0d:95c2:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:95c5::/32
2a0d:afc0::/32
2a0d:afc6::/32
2a0d:c105::/32
2a0f:3102::/32
2a0f:3105::/32
Signature Algorithm: sha256WithRSAEncryption
28:92:07:8f:a4:1c:e4:9c:00:56:1f:7a:0c:cc:71:56:96:18:
35:e0:c0:96:31:42:f0:8c:67:de:f0:30:69:33:e9:d8:32:c5:
81:b3:53:16:4f:9f:73:bc:db:c0:98:cc:b1:81:60:a1:32:03:
79:72:c5:51:c8:06:32:5a:c5:d1:fa:db:4b:8b:31:5e:b4:74:
f8:e3:a5:3b:88:15:db:32:19:94:c9:b4:df:e8:6f:17:f7:a2:
54:b2:d5:54:cf:dd:28:4c:1d:38:c2:77:10:8d:49:f4:de:fe:
d0:5e:1f:d8:5e:d2:3f:76:6f:9a:da:4d:e6:b4:92:14:5f:a0:
0c:3e:ca:ff:2d:5b:12:6e:95:b1:14:aa:01:40:76:c3:1a:e7:
75:d0:3e:3b:37:3f:59:dd:34:13:bb:d8:a0:43:69:10:09:27:
6e:a6:59:71:1b:8e:33:3a:5a:d1:1c:85:89:34:7f:64:56:fa:
3e:01:ea:22:ef:ec:4f:ba:39:9c:ee:08:7b:55:57:86:5a:4e:
bc:99:71:65:e1:ba:bf:68:e5:da:69:5f:9d:e0:ab:9a:3d:af:
3a:cd:96:41:be:bd:07:37:2c:1e:77:69:a7:0a:fe:4e:76:96:
dc:23:39:b5:d5:0e:bc:e1:eb:7e:21:00:d4:16:8b:fe:ee:5f:
02:03:3c:81
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZNuzGkM3DkbG+1yZhXOdNX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMTI3MTgwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNkYTQzYjllZTYwZDk2OTc5NDM1ODg2MjRjYjE5YTJhZWUwMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeIbJOUVeUuEbCmjSJhB+PkhHQUn
psuK+DR1y1r4qlSO5RLzuK3Ev7LsuLpmBhfBcu2+3EF7XSJYi4uheYd7QI8/Eqok
5T0Y1/iI3eTlEKNx4ZFIWm/328joUtI5C16QGiluv8vDysZ8ltOi/lmiwR2kZlzn
jOB2Xn+mvvmFd6EXxa8mc/ekEHns/GAEG6RQIIUfZtjroNokMraQ6eGZBkwYAHhs
dWRrwfHHOHY0GDQDgxFHrJuiLGY2Nu6YR1LE7UqYl5nizvMLrpHjF06jNwQU5JZA
+fCDG+6edrUJCzMDngtEl+BbYS9jkSIrALcguKxkBuzc8HL0UhEV0HhZwQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFEg9pDue5g2Wl5Q1iGJMsZoq7gJCMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvU0Qya081N21EWmFYbERXSVlreXhtaXJ1QWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAIwgZcDBQAq
BtZAAwUAKgbWRgMFACoJ4wIDBQAqCeMGMA4DBQAqCe8BAwUAKgnvAgMFACoJ7wUD
BQAqCe8HAwUAKgqzhQMFACoLkAEDBQAqC5AFAwUAKg08QgMFACoNPEQwDgMFACoN
lcEDBQAqDZXCAwUAKg2VxQMFACoNr8ADBQAqDa/GAwUAKg3BBQMFACoPMQIDBQAq
DzEFMA0GCSqGSIb3DQEBCwUAA4IBAQAokgePpBzknABWH3oMzHFWlhg14MCWMULw
jGfe8DBpM+nYMsWBs1MWT59zvNvAmMyxgWChMgN5csVRyAYyWsXR+ttLizFetHT4
46U7iBXbMhmUybTf6G8X96JUstVUz90oTB04wncQjUn03v7QXh/YXtI/dm+a2k3m
tJIUX6AMPsr/LVsSbpWxFKoBQHbDGud10D47Nz9Z3TQTu9igQ2kQCSdupllxG44z
OlrRHIWJNH9kVvo+Aeoi7+xPujmc7gh7VVeGWk68mXFl4bq/aOXaaV+d4KuaPa86
zZZBvr0HNywed2mnCv5OdpbcIzm11Q684et+IQDUFov+7l8CAzyB
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:49 2025 by rpki-client