Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3AJ0fk_X5_kNSRnoLsrY6gS4gmY.roa
File: 3AJ0fk_X5_kNSRnoLsrY6gS4gmY.roa (raw, json)
Hash identifier: lxkZMpXpmeJRCAhAefjpQPSMRWCkDQNW81oRDe53O9o=
Subject key identifier: DC:02:74:7E:4F:D7:E7:F9:0D:49:19:E8:2E:CA:D8:EA:04:B8:82:66
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252278C96EFCB39FB89F691252F596E1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3AJ0fk_X5_kNSRnoLsrY6gS4gmY.roa
Signing time: Thu 02 Jan 2025 03:50:03 +0000
ROA not before: Thu 02 Jan 2025 03:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214243
IP address blocks: 2a06:de00:7f1::/48 maxlen: 48
2a0e:97c0:4c1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Jan 2025 19:52:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:78:c9:6e:fc:b3:9f:b8:9f:69:12:52:f5:96:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc02747e4fd7e7f90d4919e82ecad8ea04b88266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6a:f2:63:9c:48:f2:ae:1f:43:9e:c2:8a:c4:
88:fd:12:76:be:e3:f7:0c:00:fd:7a:37:74:a5:f8:
09:ce:d4:13:71:8a:03:00:00:b5:84:27:54:6b:bb:
1b:c0:61:bf:0d:12:0f:4b:45:2c:2e:93:11:47:4d:
a7:7f:00:18:bd:5d:c3:df:fd:3f:8f:9d:c1:87:bd:
af:f2:37:c6:85:87:a6:11:cf:d6:ae:8d:f7:42:54:
52:95:15:51:ed:4f:e7:5c:11:43:e7:4a:09:f2:35:
e1:66:57:35:a4:c0:d8:92:78:ad:91:b7:15:29:4c:
58:3e:50:d2:a0:91:6a:98:65:97:01:84:64:b0:67:
13:0b:30:12:ae:a8:1b:5c:9f:40:51:b1:89:9c:f7:
e9:a2:a0:31:94:0b:3f:ad:0b:6b:8b:6b:c2:b7:f8:
42:46:54:d2:43:0a:6e:78:dd:dd:0a:22:6d:ce:c4:
ae:d7:6b:9b:2b:0f:cd:91:b7:a1:93:f0:48:3b:15:
0a:cb:c2:96:4f:92:38:2e:72:a4:96:53:f4:00:b1:
bf:bf:ee:7b:41:e1:f5:a2:50:c7:c8:1b:78:4c:b5:
ae:b8:c6:2e:6b:44:81:1e:bd:7a:d1:06:2c:b6:fb:
90:53:54:f8:58:90:d9:a4:01:28:ff:03:16:3f:06:
db:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:02:74:7E:4F:D7:E7:F9:0D:49:19:E8:2E:CA:D8:EA:04:B8:82:66
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3AJ0fk_X5_kNSRnoLsrY6gS4gmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:7f1::/48
2a0e:97c0:4c1::/48
Signature Algorithm: sha256WithRSAEncryption
58:7b:37:50:9b:c6:b2:18:37:38:11:a3:d0:66:16:39:3a:e9:
50:e6:3e:56:66:b8:9e:91:60:7a:3a:31:5f:4d:eb:07:f2:78:
0c:30:35:6f:20:0c:55:c6:d5:c1:f0:8f:d6:94:92:dd:ed:19:
19:80:49:cc:bc:c7:9f:66:a8:46:0e:66:ac:3b:6c:bc:8d:c7:
d0:38:7d:98:d9:4b:47:31:b5:bb:fc:9d:33:ee:3a:4c:d4:ed:
46:27:b6:41:8f:44:6b:55:b2:39:0d:68:80:0b:71:74:51:93:
ea:89:97:7f:03:c3:e6:be:ec:8b:5b:c7:f1:6b:2b:88:64:2e:
11:5a:56:8e:50:ac:09:65:89:15:df:5c:6c:06:08:35:6d:99:
93:4b:45:71:35:cc:f7:93:b8:aa:04:0c:56:04:2b:fb:c4:50:
9b:d8:2d:08:f8:d2:2c:6b:19:26:18:bb:42:05:42:ce:f9:84:
15:7e:37:42:00:26:1e:92:35:15:03:6b:c3:02:5d:db:2f:6d:
e5:7f:4a:63:fb:8b:1d:96:56:d5:cb:f0:e3:14:9b:da:2e:ad:
9a:3e:35:a9:cb:f7:cb:ad:56:99:7d:a8:51:7b:e9:a1:2e:6c:
f8:55:88:7f:b0:91:2b:bd:3b:1b:38:84:a3:0f:fb:04:94:cd:
e0:e6:fe:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlInjJbvyzn7ifaRJS9ZbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzAyNzQ3ZTRmZDdlN2Y5MGQ0OTE5ZTgyZWNhZDhlYTA0Yjg4MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGryY5xI8q4fQ57CisSI/RJ2vuP3
DAD9ejd0pfgJztQTcYoDAAC1hCdUa7sbwGG/DRIPS0UsLpMRR02nfwAYvV3D3/0/
j53Bh72v8jfGhYemEc/Wro33QlRSlRVR7U/nXBFD50oJ8jXhZlc1pMDYknitkbcV
KUxYPlDSoJFqmGWXAYRksGcTCzASrqgbXJ9AUbGJnPfpoqAxlAs/rQtri2vCt/hC
RlTSQwpueN3dCiJtzsSu12ubKw/Nkbehk/BIOxUKy8KWT5I4LnKkllP0ALG/v+57
QeH1olDHyBt4TLWuuMYua0SBHr160QYstvuQU1T4WJDZpAEo/wMWPwbbWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNwCdH5P1+f5DUkZ6C7K2OoEuIJmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM0FKMGZrX1g1X2tOU1Jub0xzclk2Z1M0Z21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgbeAAfx
AwcAKg6XwATBMA0GCSqGSIb3DQEBCwUAA4IBAQBYezdQm8ayGDc4EaPQZhY5OulQ
5j5WZriekWB6OjFfTesH8ngMMDVvIAxVxtXB8I/WlJLd7RkZgEnMvMefZqhGDmas
O2y8jcfQOH2Y2UtHMbW7/J0z7jpM1O1GJ7ZBj0RrVbI5DWiAC3F0UZPqiZd/A8Pm
vuyLW8fxayuIZC4RWlaOUKwJZYkV31xsBgg1bZmTS0VxNcz3k7iqBAxWBCv7xFCb
2C0I+NIsaxkmGLtCBULO+YQVfjdCACYekjUVA2vDAl3bL23lf0pj+4sdllbVy/Dj
FJvaLq2aPjWpy/fLrVaZfahRe+mhLmz4VYh/sJErvTsbOISjD/sElM3g5v5z
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:49:49 2025 by rpki-client