Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/840DNE_G_OTeJiaP6cWhUjJctuE.roa
File: 840DNE_G_OTeJiaP6cWhUjJctuE.roa (raw, json)
Hash identifier: N8NZroVGA0hOfnOxrSpLNSx8DArpqJfqotyKq/+/qS4=
Subject key identifier: F3:8D:03:34:4F:C6:FC:E4:DE:26:26:8F:E9:C5:A1:52:32:5C:B6:E1
Certificate issuer: /CN=6f5762cd53a03e32242046a01a8e1ccac946b6dd
Certificate serial: 018CC2DAB75E59CDB4ED744FD80EACE58516
Authority key identifier: 6F:57:62:CD:53:A0:3E:32:24:20:46:A0:1A:8E:1C:CA:C9:46:B6:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1dizVOgPjIkIEagGo4cyslGtt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/840DNE_G_OTeJiaP6cWhUjJctuE.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205055
IP address blocks: 2a07:9443::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b7:5e:59:cd:b4:ed:74:4f:d8:0e:ac:e5:85:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5762cd53a03e32242046a01a8e1ccac946b6dd
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f38d03344fc6fce4de26268fe9c5a152325cb6e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:19:0c:72:78:e4:42:7a:64:47:79:60:c3:bd:
66:68:a5:3d:e1:f0:77:13:5e:bb:30:25:f8:bf:4b:
62:77:5c:33:bf:4a:15:44:18:e3:bc:d3:c4:1d:53:
11:a4:7a:64:2d:21:a4:df:f8:b5:09:48:a1:9a:0b:
f6:66:0a:53:8b:c3:11:36:d6:c6:49:c0:2b:03:52:
f0:80:1a:36:8c:3b:2a:4d:cd:e2:f9:d5:86:e4:0e:
49:93:0c:1f:53:4d:f2:fc:f9:c3:49:03:79:9b:ca:
5b:c5:9f:8a:a3:d6:32:b9:5c:5a:cb:ad:a3:d0:26:
3c:d8:5f:03:e8:c7:d6:fa:41:f3:09:f5:28:3b:4e:
3e:cc:52:53:f8:c3:8e:ef:85:e0:8b:c3:8b:5a:ba:
00:f4:db:12:1e:2f:71:49:46:ab:df:62:d4:0d:02:
61:4d:12:b7:64:59:50:65:03:13:01:3d:5a:71:d8:
fe:c1:41:2f:e2:fd:69:7f:43:71:2d:b0:31:ae:4c:
f8:49:ba:2c:f5:3f:98:bd:e6:b0:93:0c:5d:cc:0c:
18:37:5b:64:d4:a5:12:5e:22:fb:16:57:e8:64:37:
b4:f0:a4:c8:2b:63:6b:69:bd:fb:9d:03:11:cc:7b:
06:22:84:f3:03:b6:7c:aa:ed:97:88:89:80:f0:f1:
cf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:8D:03:34:4F:C6:FC:E4:DE:26:26:8F:E9:C5:A1:52:32:5C:B6:E1
X509v3 Authority Key Identifier:
keyid:6F:57:62:CD:53:A0:3E:32:24:20:46:A0:1A:8E:1C:CA:C9:46:B6:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1dizVOgPjIkIEagGo4cyslGtt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/840DNE_G_OTeJiaP6cWhUjJctuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/b1dizVOgPjIkIEagGo4cyslGtt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:9443::/32
Signature Algorithm: sha256WithRSAEncryption
6d:ae:e0:8a:3c:c3:8a:e9:0f:f9:d6:1b:c7:52:3a:2a:55:68:
bc:2c:e6:32:dd:cc:5c:55:72:6f:c8:17:b8:b8:b0:8b:18:c6:
f2:95:cd:39:57:a5:b6:7d:ea:19:b8:8b:6c:18:18:e2:02:0e:
af:ca:43:0c:5b:cb:5a:ee:0b:6c:dd:43:1e:a6:74:7a:e0:7b:
c5:45:f4:ea:e5:8c:74:f5:65:be:9f:92:2e:e5:cd:3c:56:d0:
bc:92:17:60:83:c1:25:94:1f:52:44:5f:db:8d:f0:41:d5:9d:
3f:37:7d:fc:49:e8:b2:fd:51:a5:46:6e:53:2e:8e:76:98:03:
b2:60:7c:94:3c:81:d7:35:d0:59:ab:8b:41:0a:8b:e8:5c:50:
d9:3c:3b:ab:bd:85:27:a0:f1:41:75:7c:80:66:93:b9:3f:a8:
40:c2:97:c2:77:31:04:8e:66:83:04:6a:15:a6:f9:f8:9e:c0:
fa:bc:54:40:31:82:85:41:61:75:7d:89:67:a7:0e:36:f2:ba:
4a:4a:05:4d:7a:05:26:ec:43:96:21:79:63:1e:f5:3d:84:e2:
70:f7:bf:dc:66:0a:9b:d1:99:ea:a1:db:1d:f5:88:2f:17:bc:
a8:10:f0:09:a0:1c:4c:6a:99:00:70:dc:1d:e8:b8:8f:19:6c:
72:9c:26:57
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzC2rdeWc207XRP2A6s5YUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNTc2MmNkNTNhMDNlMzIyNDIwNDZhMDFhOGUxY2NhYzk0
NmI2ZGQwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzhkMDMzNDRmYzZmY2U0ZGUyNjI2OGZlOWM1YTE1MjMyNWNiNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBkMcnjkQnpkR3lgw71maKU94fB3
E167MCX4v0tid1wzv0oVRBjjvNPEHVMRpHpkLSGk3/i1CUihmgv2ZgpTi8MRNtbG
ScArA1LwgBo2jDsqTc3i+dWG5A5JkwwfU03y/PnDSQN5m8pbxZ+Ko9YyuVxay62j
0CY82F8D6MfW+kHzCfUoO04+zFJT+MOO74Xgi8OLWroA9NsSHi9xSUar32LUDQJh
TRK3ZFlQZQMTAT1acdj+wUEv4v1pf0NxLbAxrkz4Sbos9T+YveawkwxdzAwYN1tk
1KUSXiL7FlfoZDe08KTIK2Nrab37nQMRzHsGIoTzA7Z8qu2XiImA8PHP/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPONAzRPxvzk3iYmj+nFoVIyXLbhMB8GA1UdIwQY
MBaAFG9XYs1ToD4yJCBGoBqOHMrJRrbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjFkaXpWT2dQaklrSUVhZ0dvNGN5c2xHdHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mNmZkYzMtOWNmYy00N2ZkLWJiYTgt
NzljYmYzOTVkNzI2LzEvODQwRE5FX0dfT1RlSmlhUDZjV2hVakpjdHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mNmZkYzMtOWNmYy00N2ZkLWJiYTgtNzljYmYzOTVkNzI2
LzEvYjFkaXpWT2dQaklrSUVhZ0dvNGN5c2xHdHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgeUQzAN
BgkqhkiG9w0BAQsFAAOCAQEAba7gijzDiukP+dYbx1I6KlVovCzmMt3MXFVyb8gX
uLiwixjG8pXNOVeltn3qGbiLbBgY4gIOr8pDDFvLWu4LbN1DHqZ0euB7xUX06uWM
dPVlvp+SLuXNPFbQvJIXYIPBJZQfUkRf243wQdWdPzd9/Enosv1RpUZuUy6OdpgD
smB8lDyB1zXQWauLQQqL6FxQ2Tw7q72FJ6DxQXV8gGaTuT+oQMKXwncxBI5mgwRq
Fab5+J7A+rxUQDGChUFhdX2JZ6cONvK6SkoFTXoFJuxDliF5Yx71PYTicPe/3GYK
m9GZ6qHbHfWILxe8qBDwCaAcTGqZAHDcHei4jxlscpwmVw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:10 2025 by rpki-client