Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hjcuoGhXwQb2xNxJ26FBZYG_6AM.roa
File: hjcuoGhXwQb2xNxJ26FBZYG_6AM.roa (raw, json)
Hash identifier: 22Yl1L8nHnwCxMoo5HmYG4+iH5XTR7uQJPm9R1Gptbo=
Subject key identifier: 86:37:2E:A0:68:57:C1:06:F6:C4:DC:49:DB:A1:41:65:81:BF:E8:03
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0193A21FA27583D723E57EF05D9DC404B9F4
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hjcuoGhXwQb2xNxJ26FBZYG_6AM.roa
Signing time: Sat 07 Dec 2024 17:16:42 +0000
ROA not before: Sat 07 Dec 2024 17:16:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206873
IP address blocks: 2a06:d645::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Dec 2024 11:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a2:1f:a2:75:83:d7:23:e5:7e:f0:5d:9d:c4:04:b9:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Dec 7 17:16:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86372ea06857c106f6c4dc49dba1416581bfe803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3a:84:d8:61:12:89:f8:ba:b7:07:43:1c:2b:
ab:43:6b:8e:0c:d6:ba:aa:0b:90:cf:f4:40:57:c5:
a2:95:b4:4e:bb:3c:5e:c6:f7:1f:43:a1:d7:bd:82:
e1:e1:e5:0f:4f:aa:ff:eb:7a:9b:f2:1b:bf:4b:f3:
37:f2:cd:c6:b8:aa:ce:d4:01:51:e5:59:10:97:a5:
b9:01:a0:4d:3c:7d:dc:63:68:54:38:69:1b:cb:00:
77:9e:cf:da:10:ed:98:64:b3:58:4a:be:cb:53:83:
66:c2:8a:01:45:8f:af:d7:d7:ea:be:33:4a:a4:46:
e0:b6:94:08:9f:c9:09:90:ab:9a:64:b0:40:81:9e:
29:63:83:73:8c:a0:09:61:e1:5b:7e:52:30:74:b4:
e0:25:65:95:87:29:aa:be:64:ec:c4:ce:c0:01:e3:
5b:94:55:38:d5:79:6a:13:63:5d:9c:61:d3:79:35:
b0:82:54:b8:78:00:ae:50:ab:89:a8:fe:19:9d:a0:
36:f9:ed:b8:31:37:f0:1a:fb:6b:87:18:24:17:a7:
4a:dc:62:c2:aa:31:56:9c:ff:c7:6a:b1:60:9e:da:
2e:02:41:fa:11:00:19:89:d9:47:a7:55:24:ef:59:
f1:d3:41:f5:5f:ac:4f:89:3b:cd:2a:c8:e3:a7:15:
50:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:37:2E:A0:68:57:C1:06:F6:C4:DC:49:DB:A1:41:65:81:BF:E8:03
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hjcuoGhXwQb2xNxJ26FBZYG_6AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d645::/32
Signature Algorithm: sha256WithRSAEncryption
b1:d2:40:b3:7b:4a:0a:ae:d7:57:15:2d:69:08:10:8d:f5:61:
ab:cb:0c:6c:05:8e:80:ed:0d:0e:04:a3:4d:dd:04:46:b3:b8:
5f:33:6a:ae:d5:d0:b0:6b:b2:91:49:f5:1e:38:96:80:a8:34:
67:f9:19:ca:8f:b3:84:22:e5:04:f8:e1:2d:23:ce:c5:ab:bf:
f6:65:01:97:fb:e0:95:d2:3d:f6:c5:a8:fb:f9:99:38:2b:44:
4b:1e:6a:e1:74:8b:74:26:94:96:a0:4b:a4:fa:18:fa:6a:6b:
28:33:53:6f:fe:ed:a2:12:74:0a:dd:9f:8b:53:61:b8:f8:ed:
0d:6c:ed:e8:5f:dc:73:64:35:9a:df:fd:b3:4c:65:63:09:08:
bb:97:5c:1f:23:3a:9e:f4:3b:27:47:5b:73:1e:94:83:9b:4b:
34:2a:07:5d:05:c0:ce:77:c9:7c:ed:72:98:b3:99:4b:31:56:
d0:50:55:d1:0b:fc:a9:f9:ea:f6:96:cb:88:09:b7:cd:94:03:
94:47:3d:3f:fa:e8:c8:d3:66:f7:2d:19:89:1b:ed:a5:4a:84:
a3:1e:a1:35:b0:de:3a:3f:75:29:0c:ec:4b:3e:9f:af:63:59:
ac:39:24:30:66:c1:74:97:e5:fc:95:a0:fc:48:12:47:c0:af:
e1:f0:27:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOiH6J1g9cj5X7wXZ3EBLn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMjA3MTcxNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjM3MmVhMDY4NTdjMTA2ZjZjNGRjNDlkYmExNDE2NTgxYmZlODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjqE2GESifi6twdDHCurQ2uODNa6
qguQz/RAV8WilbROuzxexvcfQ6HXvYLh4eUPT6r/63qb8hu/S/M38s3GuKrO1AFR
5VkQl6W5AaBNPH3cY2hUOGkbywB3ns/aEO2YZLNYSr7LU4NmwooBRY+v19fqvjNK
pEbgtpQIn8kJkKuaZLBAgZ4pY4NzjKAJYeFbflIwdLTgJWWVhymqvmTsxM7AAeNb
lFU41XlqE2NdnGHTeTWwglS4eACuUKuJqP4ZnaA2+e24MTfwGvtrhxgkF6dK3GLC
qjFWnP/HarFgntouAkH6EQAZidlHp1Uk71nx00H1X6xPiTvNKsjjpxVQyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIY3LqBoV8EG9sTcSduhQWWBv+gDMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvaGpjdW9HaFh3UWIyeE54SjI2RkJaWUdfNkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgbWRTAN
BgkqhkiG9w0BAQsFAAOCAQEAsdJAs3tKCq7XVxUtaQgQjfVhq8sMbAWOgO0NDgSj
Td0ERrO4XzNqrtXQsGuykUn1HjiWgKg0Z/kZyo+zhCLlBPjhLSPOxau/9mUBl/vg
ldI99sWo+/mZOCtESx5q4XSLdCaUlqBLpPoY+mprKDNTb/7tohJ0Ct2fi1NhuPjt
DWzt6F/cc2Q1mt/9s0xlYwkIu5dcHyM6nvQ7J0dbcx6Ug5tLNCoHXQXAznfJfO1y
mLOZSzFW0FBV0Qv8qfnq9pbLiAm3zZQDlEc9P/royNNm9y0ZiRvtpUqEox6hNbDe
Oj91KQzsSz6fr2NZrDkkMGbBdJfl/JWg/EgSR8Cv4fAnAg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:38:58 2025 by rpki-client