Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ckO2ED6aDbdE_KHgjl2WjiyumlY.roa
File: ckO2ED6aDbdE_KHgjl2WjiyumlY.roa (raw, json)
Hash identifier: 44NRsphV/Z6RtS89L9njsBwbY+qlT3g25Ny2KXfzVe8=
Subject key identifier: 72:43:B6:10:3E:9A:0D:B7:44:FC:A1:E0:8E:5D:96:8E:2C:AE:9A:56
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 0191758E8E9751282E79E8227BB8FFDD60DE
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ckO2ED6aDbdE_KHgjl2WjiyumlY.roa
Signing time: Wed 21 Aug 2024 15:29:22 +0000
ROA not before: Wed 21 Aug 2024 15:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55207
IP address blocks: 2a0b:6b86::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:8e:8e:97:51:28:2e:79:e8:22:7b:b8:ff:dd:60:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Aug 21 15:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7243b6103e9a0db744fca1e08e5d968e2cae9a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6d:f1:7c:6b:16:31:e4:1e:ed:87:3d:1e:2b:
60:f0:4f:e1:68:a0:e2:02:a2:ee:80:ee:42:e4:2d:
70:15:28:07:1b:84:be:66:2e:f3:6c:b6:65:de:76:
3b:81:65:96:9c:fb:f1:01:0e:fc:18:19:cf:d1:12:
67:4d:1c:a0:e7:97:d3:5f:93:f9:1b:18:2e:2d:40:
50:8d:c8:12:de:9a:bf:54:e6:db:1e:b6:46:e3:09:
ec:cc:62:83:da:69:82:b7:bf:89:44:31:3b:4d:41:
bc:5b:db:51:dc:de:bb:35:49:12:8f:b1:e1:52:e7:
a5:06:92:8a:d7:48:23:d4:04:02:52:a7:76:b7:97:
97:36:5f:e5:52:3c:b1:d6:ed:84:3e:0a:a3:c7:93:
3f:ec:28:47:19:3f:8e:5d:55:48:58:96:a6:52:5d:
34:33:4e:31:6e:5a:68:ec:de:93:74:89:26:df:92:
be:92:b6:82:27:15:5e:56:62:5f:7a:64:67:c0:9b:
fc:2f:0d:5f:b9:20:7a:41:b7:69:95:ad:42:8b:93:
b1:1c:1c:4b:ad:46:a3:b7:33:d5:47:8d:c6:80:6f:
fa:54:1f:68:3a:b6:fd:11:e2:5c:1a:6b:e5:c7:b8:
ce:fa:c6:30:8a:d4:b9:c1:74:69:79:39:8b:3d:39:
9b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:43:B6:10:3E:9A:0D:B7:44:FC:A1:E0:8E:5D:96:8E:2C:AE:9A:56
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ckO2ED6aDbdE_KHgjl2WjiyumlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86::/48
Signature Algorithm: sha256WithRSAEncryption
01:71:09:b4:81:58:3d:9a:82:d7:d9:d2:23:fc:87:6a:8c:3d:
0b:a1:70:ee:9e:71:79:40:ad:38:d7:64:37:e4:d9:f5:0a:38:
7a:51:37:dc:3e:78:94:ea:db:0e:bc:cd:56:1b:36:f1:2b:b3:
65:9d:e5:af:21:c9:3b:da:74:1b:84:3e:f1:cb:b2:08:d3:62:
08:ac:13:95:49:79:1b:dc:72:d6:3c:b8:f6:94:50:4c:33:c0:
a4:76:df:a4:11:79:1b:9d:62:49:1d:eb:f0:12:cf:56:9a:4e:
ee:d4:48:19:74:d9:9b:1a:09:5f:0c:87:9a:9f:12:a7:a2:0b:
53:28:b2:1c:fa:7e:c4:3c:10:88:b9:f0:78:03:e7:7c:59:d5:
a8:c2:92:a1:3d:7f:73:62:7b:47:1d:0e:46:67:18:57:c1:16:
75:5e:01:02:57:82:ba:db:5e:2c:92:0b:ba:42:8e:ba:b9:9b:
ec:af:66:eb:9b:76:66:9b:72:74:28:d6:a4:51:66:d4:d3:53:
ea:3d:1e:da:a1:dc:6a:b3:e6:bd:98:f5:ce:7f:7f:c2:b4:9d:
9b:7a:f7:b9:02:e8:39:24:2e:d1:9d:ae:23:f9:8c:0b:57:db:
10:f0:46:6e:45:79:32:be:4f:31:d6:43:d8:0d:f4:35:e6:3e:
10:a1:db:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZF1jo6XUSgueegie7j/3WDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjQwODIxMTUyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQzYjYxMDNlOWEwZGI3NDRmY2ExZTA4ZTVkOTY4ZTJjYWU5YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW3xfGsWMeQe7Yc9Hitg8E/haKDi
AqLugO5C5C1wFSgHG4S+Zi7zbLZl3nY7gWWWnPvxAQ78GBnP0RJnTRyg55fTX5P5
GxguLUBQjcgS3pq/VObbHrZG4wnszGKD2mmCt7+JRDE7TUG8W9tR3N67NUkSj7Hh
UuelBpKK10gj1AQCUqd2t5eXNl/lUjyx1u2EPgqjx5M/7ChHGT+OXVVIWJamUl00
M04xblpo7N6TdIkm35K+kraCJxVeVmJfemRnwJv8Lw1fuSB6Qbdpla1Ci5OxHBxL
rUajtzPVR43GgG/6VB9oOrb9EeJcGmvlx7jO+sYwitS5wXRpeTmLPTmb1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHJDthA+mg23RPyh4I5dlo4srppWMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvY2tPMkVENmFEYmRFX0tIZ2psMldqaXl1bWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtrhgAA
MA0GCSqGSIb3DQEBCwUAA4IBAQABcQm0gVg9moLX2dIj/IdqjD0LoXDunnF5QK04
12Q35Nn1Cjh6UTfcPniU6tsOvM1WGzbxK7NlneWvIck72nQbhD7xy7II02IIrBOV
SXkb3HLWPLj2lFBMM8Ckdt+kEXkbnWJJHevwEs9Wmk7u1EgZdNmbGglfDIeanxKn
ogtTKLIc+n7EPBCIufB4A+d8WdWowpKhPX9zYntHHQ5GZxhXwRZ1XgECV4K6214s
kgu6Qo66uZvsr2brm3Zmm3J0KNakUWbU01PqPR7aodxqs+a9mPXOf3/CtJ2beve5
Aug5JC7Rna4j+YwLV9sQ8EZuRXkyvk8x1kPYDfQ15j4QoduX
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:24:53 2025 by rpki-client