Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/aN3JMob9x8buefczcd05phYOlf0.roa
File: aN3JMob9x8buefczcd05phYOlf0.roa (raw, json)
Hash identifier: kUfCg+wtP+nkX+Rd8xSjjjG2invmTEBDJcMX9x0Xlbk=
Subject key identifier: 68:DD:C9:32:86:FD:C7:C6:EE:79:F7:33:71:DD:39:A6:16:0E:95:FD
Certificate issuer: /CN=76f311ef1581a00e437cd704b6281ac8621afc56
Certificate serial: 018CC4931DC95BEB2806647DFD87571F12F5
Authority key identifier: 76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/aN3JMob9x8buefczcd05phYOlf0.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49078
IP address blocks: 2a04:7140:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1d:c9:5b:eb:28:06:64:7d:fd:87:57:1f:12:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f311ef1581a00e437cd704b6281ac8621afc56
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68ddc93286fdc7c6ee79f73371dd39a6160e95fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4c:0a:e6:60:dd:2f:6e:14:3b:04:f9:e4:b6:
c8:86:ad:f1:c1:cf:28:d2:f1:68:1e:12:88:b1:80:
6a:22:24:bb:d5:b8:c6:35:a2:59:bc:12:10:7f:cc:
63:11:03:e4:11:f9:10:4d:f2:44:29:95:13:ea:b8:
9f:1f:c0:a2:31:26:d6:db:ca:58:51:60:01:e7:ea:
3b:1c:88:0c:31:3c:cc:9e:3f:84:84:fb:a7:d6:10:
76:d0:af:e8:7e:1a:12:77:87:88:c1:dc:bc:e7:c2:
34:7a:aa:f4:7f:d5:95:3a:06:85:bb:ad:3c:57:a3:
5c:0b:3a:76:37:57:38:ce:7c:23:0f:f3:01:be:0d:
ba:e6:c3:3c:db:21:69:37:31:dd:8e:ae:20:bd:6d:
7c:08:6d:b0:74:ba:e7:b7:33:ef:42:14:b6:e5:14:
7e:8c:f5:f9:4e:29:58:f4:4f:6b:4b:a8:3b:ed:7f:
b2:6f:05:d6:83:b5:a2:d0:7f:e7:95:18:60:e9:de:
4e:c7:47:1e:da:f4:44:ee:c5:1c:79:ee:b6:2d:44:
57:7d:c3:da:51:14:d3:7a:8a:1c:4d:fd:32:2d:95:
73:73:03:e6:2e:3f:aa:0c:18:f2:b4:46:8d:6e:30:
2e:a7:a6:45:02:82:d9:c6:a4:bf:86:55:50:5c:e9:
3f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DD:C9:32:86:FD:C7:C6:EE:79:F7:33:71:DD:39:A6:16:0E:95:FD
X509v3 Authority Key Identifier:
keyid:76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/aN3JMob9x8buefczcd05phYOlf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:7140:21::/48
Signature Algorithm: sha256WithRSAEncryption
4d:df:48:c3:b1:94:b9:4e:2f:5d:24:46:9f:0a:d3:1e:78:48:
ac:ca:06:cf:9e:8b:e6:d7:17:d4:c1:f4:35:fa:f2:72:bc:52:
a3:72:71:96:5d:e8:f4:71:e8:39:78:04:8f:88:56:60:81:f9:
0b:05:7a:a6:53:5e:91:0b:6a:69:fe:b0:6a:ba:ea:33:ab:55:
4a:24:0f:06:f4:bf:58:24:e4:3c:cf:0c:b7:13:a3:20:e5:cd:
78:41:b4:2e:fd:2b:0c:9f:d7:e8:6f:6f:81:13:8d:e8:b6:6f:
a4:de:e5:c7:1a:77:3a:2a:8a:21:4f:16:16:9f:35:a9:5b:51:
2f:cf:67:f9:43:fc:a6:c9:e9:56:d1:19:b3:f5:a9:0f:ef:4b:
85:0a:d9:82:b4:04:af:8f:e2:db:52:b9:3d:36:cc:c4:ea:1f:
05:02:05:23:37:9d:ce:4c:b0:de:d1:af:64:db:11:e1:fa:4e:
84:4a:e4:a5:6c:76:c9:a3:43:fc:8d:08:cf:56:70:0e:73:78:
af:d7:7a:69:4f:6e:0e:cc:e4:bc:a3:1b:d2:5f:a8:63:d7:dc:
8f:e0:17:ab:d5:5a:7c:89:4b:d4:a4:18:89:36:1f:1e:63:2d:
92:36:fd:f6:c4:13:80:18:e9:f3:7b:a2:d2:db:2b:36:86:3c:
58:d9:46:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEkx3JW+soBmR9/YdXHxL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjMxMWVmMTU4MWEwMGU0MzdjZDcwNGI2MjgxYWM4NjIx
YWZjNTYwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRkYzkzMjg2ZmRjN2M2ZWU3OWY3MzM3MWRkMzlhNjE2MGU5NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEwK5mDdL24UOwT55LbIhq3xwc8o
0vFoHhKIsYBqIiS71bjGNaJZvBIQf8xjEQPkEfkQTfJEKZUT6rifH8CiMSbW28pY
UWAB5+o7HIgMMTzMnj+EhPun1hB20K/ofhoSd4eIwdy858I0eqr0f9WVOgaFu608
V6NcCzp2N1c4znwjD/MBvg265sM82yFpNzHdjq4gvW18CG2wdLrntzPvQhS25RR+
jPX5TilY9E9rS6g77X+ybwXWg7Wi0H/nlRhg6d5Ox0ce2vRE7sUcee62LURXfcPa
URTTeoocTf0yLZVzcwPmLj+qDBjytEaNbjAup6ZFAoLZxqS/hlVQXOk/qQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGjdyTKG/cfG7nn3M3HdOaYWDpX9MB8GA1UdIwQY
MBaAFHbzEe8VgaAOQ3zXBLYoGshiGvxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDkt
MTY5NDMxMjk2YzU5LzEvYU4zSk1vYjl4OGJ1ZWZjemNkMDVwaFlPbGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDktMTY5NDMxMjk2YzU5
LzEvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgRxQAAh
MA0GCSqGSIb3DQEBCwUAA4IBAQBN30jDsZS5Ti9dJEafCtMeeEisygbPnovm1xfU
wfQ1+vJyvFKjcnGWXej0ceg5eASPiFZggfkLBXqmU16RC2pp/rBquuozq1VKJA8G
9L9YJOQ8zwy3E6Mg5c14QbQu/SsMn9fob2+BE43otm+k3uXHGnc6KoohTxYWnzWp
W1Evz2f5Q/ymyelW0Rmz9akP70uFCtmCtASvj+LbUrk9NszE6h8FAgUjN53OTLDe
0a9k2xHh+k6ESuSlbHbJo0P8jQjPVnAOc3iv13ppT24OzOS8oxvSX6hj19yP4Ber
1Vp8iUvUpBiJNh8eYy2SNv32xBOAGOnze6LS2ys2hjxY2Uag
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:22 2025 by rpki-client