Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TDK89uxLZ4i22kTjPdSAfNexy8w.roa
File: TDK89uxLZ4i22kTjPdSAfNexy8w.roa (raw, json)
Hash identifier: kRJuzmCMwHZXpll8CbaGI9Btj9F8G438aGON942gMBk=
Subject key identifier: 4C:32:BC:F6:EC:4B:67:88:B6:DA:44:E3:3D:D4:80:7C:D7:B1:CB:CC
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01929C026AB554F7F2F95A1F6B50B9EDE7D4
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TDK89uxLZ4i22kTjPdSAfNexy8w.roa
Signing time: Thu 17 Oct 2024 19:44:17 +0000
ROA not before: Thu 17 Oct 2024 19:44:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:afc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Oct 2024 13:47:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9c:02:6a:b5:54:f7:f2:f9:5a:1f:6b:50:b9:ed:e7:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 17 19:44:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c32bcf6ec4b6788b6da44e33dd4807cd7b1cbcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:70:ad:ba:e7:ac:ad:ea:fb:03:ef:a8:81:b4:
37:d6:75:91:03:6a:17:de:a6:0e:98:9d:d4:c6:1e:
dd:d9:30:f4:0e:9f:ec:8a:a7:8f:7e:68:a5:67:85:
ad:f3:72:53:8b:c0:5a:b5:7e:e8:42:44:d0:bb:ea:
c6:80:5e:d0:ab:d6:a5:d2:67:9e:cf:01:c2:36:f0:
94:26:b7:32:35:50:77:c1:8e:1c:b8:38:01:b1:49:
ac:68:68:ac:81:e9:49:57:cb:03:a0:36:11:a9:8d:
bc:87:31:d4:3a:39:0b:80:1c:a6:6e:d2:35:ff:c3:
d7:d6:6e:4c:35:da:7b:70:4c:65:4a:a0:53:8b:2b:
c3:89:a5:5b:ba:f4:60:70:b7:93:cf:ad:18:66:f5:
5b:fd:27:00:55:f4:be:39:fe:61:b8:a5:97:19:8b:
45:34:d3:fe:02:38:d3:04:ac:c8:13:1a:60:e6:d7:
02:fc:51:da:0a:9c:b8:1c:ea:2f:6a:49:0c:dd:07:
d8:46:e5:55:23:e3:11:ed:c7:b7:5f:e9:0c:63:21:
8d:fd:fe:a2:cb:24:3b:23:4c:9d:8c:f1:2f:1b:0f:
df:3d:d8:7c:bf:e1:d3:b7:93:39:f8:89:c0:11:41:
e7:3c:18:08:c4:43:12:91:f9:d9:cd:a0:e9:9e:dc:
4e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:32:BC:F6:EC:4B:67:88:B6:DA:44:E3:3D:D4:80:7C:D7:B1:CB:CC
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TDK89uxLZ4i22kTjPdSAfNexy8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:afc2::/32
Signature Algorithm: sha256WithRSAEncryption
d0:17:b4:f5:b4:4c:56:95:7f:0b:f0:1d:e5:88:f5:50:a9:02:
b4:80:72:63:24:68:55:b2:6f:e2:21:6b:f1:27:2f:7f:0c:80:
43:33:c2:44:23:ca:f6:fc:2c:53:e8:c3:f4:3b:f5:39:62:7d:
a4:91:bf:95:b8:55:8d:fb:26:58:51:54:db:ea:14:b7:35:02:
6b:24:87:33:29:88:ef:d3:9e:3e:93:2e:7a:0d:01:86:47:c2:
9f:c6:70:d4:db:32:40:5c:bf:55:cf:83:b3:d5:29:19:1b:64:
63:48:a9:63:78:b4:98:30:e6:14:96:c8:bd:7e:eb:15:b9:bc:
de:d1:04:9e:8f:65:07:38:15:01:03:a3:f0:1e:1d:15:9e:c9:
1f:2c:08:70:90:d9:7f:94:39:65:94:2d:7c:93:5d:e6:87:3a:
12:1d:42:cd:d7:fc:71:50:fd:af:af:1e:03:8b:ce:3c:ed:b8:
ad:76:0f:35:6b:6f:c9:fd:c2:43:fc:73:36:db:0e:c9:80:35:
4c:97:29:f1:44:84:a1:ee:93:a7:12:81:3e:ab:a6:66:e4:ab:
1b:eb:ff:77:81:41:c1:26:8f:7e:a1:8d:aa:03:a2:b0:42:f9:
1e:1e:fe:eb:22:04:8b:a1:b0:aa:c7:ed:5b:dc:7b:ac:fc:12:
e0:7a:54:d4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZKcAmq1VPfy+Vofa1C57efUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDE3MTk0NDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMyYmNmNmVjNGI2Nzg4YjZkYTQ0ZTMzZGQ0ODA3Y2Q3YjFjYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnCtuuesrer7A++ogbQ31nWRA2oX
3qYOmJ3Uxh7d2TD0Dp/siqePfmilZ4Wt83JTi8BatX7oQkTQu+rGgF7Qq9al0mee
zwHCNvCUJrcyNVB3wY4cuDgBsUmsaGisgelJV8sDoDYRqY28hzHUOjkLgBymbtI1
/8PX1m5MNdp7cExlSqBTiyvDiaVbuvRgcLeTz60YZvVb/ScAVfS+Of5huKWXGYtF
NNP+AjjTBKzIExpg5tcC/FHaCpy4HOovakkM3QfYRuVVI+MR7ce3X+kMYyGN/f6i
yyQ7I0ydjPEvGw/fPdh8v+HTt5M5+InAEUHnPBgIxEMSkfnZzaDpntxOsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEwyvPbsS2eIttpE4z3UgHzXscvMMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVERLODl1eExaNGkyMmtUalBkU0FmTmV4eTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg2vwjAN
BgkqhkiG9w0BAQsFAAOCAQEA0Be09bRMVpV/C/Ad5Yj1UKkCtIByYyRoVbJv4iFr
8ScvfwyAQzPCRCPK9vwsU+jD9Dv1OWJ9pJG/lbhVjfsmWFFU2+oUtzUCaySHMymI
79OePpMueg0BhkfCn8Zw1NsyQFy/Vc+Ds9UpGRtkY0ipY3i0mDDmFJbIvX7rFbm8
3tEEno9lBzgVAQOj8B4dFZ7JHywIcJDZf5Q5ZZQtfJNd5oc6Eh1Czdf8cVD9r68e
A4vOPO24rXYPNWtvyf3CQ/xzNtsOyYA1TJcp8USEoe6TpxKBPqumZuSrG+v/d4FB
wSaPfqGNqgOisEL5Hh7+6yIEi6GwqsftW9x7rPwS4HpU1A==
-----END CERTIFICATE-----
Generated at Wed Oct 23 16:24:29 2024 by rpki-client on console-fra.rpki-client.org