Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/c9b733-3bb4-4bbb-9636-74e620b1801b/1/6YjMqV6dlx7M5A539kkzyMkoga0.roa
File: 6YjMqV6dlx7M5A539kkzyMkoga0.roa (raw, json)
Hash identifier: JeiYGGHZFuUFSjBwn/Pjj6IWVtrddM9sRfR6lqTKA4s=
Subject key identifier: E9:88:CC:A9:5E:9D:97:1E:CC:E4:0E:77:F6:49:33:C8:C9:28:81:AD
Certificate issuer: /CN=42262920438231f321e3b8101088b20f90c08d46
Certificate serial: 0190DAA6441BCDC6942F1922CA7D46CA7AAB
Authority key identifier: 42:26:29:20:43:82:31:F3:21:E3:B8:10:10:88:B2:0F:90:C0:8D:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiYpIEOCMfMh47gQEIiyD5DAjUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/c9b733-3bb4-4bbb-9636-74e620b1801b/1/6YjMqV6dlx7M5A539kkzyMkoga0.roa
Signing time: Mon 22 Jul 2024 13:34:07 +0000
ROA not before: Mon 22 Jul 2024 13:34:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212702
IP address blocks: 2a0d:ca00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:a6:44:1b:cd:c6:94:2f:19:22:ca:7d:46:ca:7a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42262920438231f321e3b8101088b20f90c08d46
Validity
Not Before: Jul 22 13:34:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e988cca95e9d971ecce40e77f64933c8c92881ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:53:11:ee:e2:eb:6e:49:04:95:a2:7e:1b:bd:
e3:a6:8d:bd:5f:ca:da:f2:8b:38:98:68:70:5d:fa:
52:33:e1:22:73:a4:37:34:30:56:51:e8:d8:30:c6:
ed:c3:e1:89:d1:64:c3:47:ee:c4:eb:85:51:5b:fa:
6a:4c:ce:c0:51:db:72:f0:77:7c:b1:8d:06:5e:2e:
25:26:45:0a:c4:71:01:88:c2:5d:3a:28:72:0e:ef:
53:eb:e5:9c:b4:d7:a5:a2:bd:72:a2:09:5f:6f:63:
ce:a9:3e:1b:9c:fe:74:db:0a:8a:36:21:3c:22:f3:
f7:6c:89:3e:36:aa:6f:fe:75:5e:5b:4f:13:ac:e3:
46:8d:96:d1:2d:d7:da:de:23:f3:73:74:c4:f1:9c:
94:fc:e8:63:3d:ab:44:36:86:f5:35:df:f4:e1:23:
18:64:1a:72:4c:26:4e:35:2a:f2:7b:0a:62:3d:dd:
41:55:c6:33:0f:da:a5:45:11:8f:d9:96:a2:c8:49:
2d:fb:b6:5f:cc:80:00:94:cb:16:9e:f1:fd:df:f7:
69:fa:3c:4d:37:40:7d:86:5d:dd:e7:c8:6d:92:1e:
d4:27:46:18:f6:47:a4:77:df:11:3a:a3:9c:62:34:
b1:e3:b9:a3:9b:89:99:60:c5:5b:5a:fb:7a:75:ce:
8b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:88:CC:A9:5E:9D:97:1E:CC:E4:0E:77:F6:49:33:C8:C9:28:81:AD
X509v3 Authority Key Identifier:
keyid:42:26:29:20:43:82:31:F3:21:E3:B8:10:10:88:B2:0F:90:C0:8D:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiYpIEOCMfMh47gQEIiyD5DAjUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/c9b733-3bb4-4bbb-9636-74e620b1801b/1/6YjMqV6dlx7M5A539kkzyMkoga0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/c9b733-3bb4-4bbb-9636-74e620b1801b/1/QiYpIEOCMfMh47gQEIiyD5DAjUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ca00::/32
Signature Algorithm: sha256WithRSAEncryption
3a:c9:87:25:af:60:f9:76:23:80:14:c6:f7:5c:b0:d1:a8:83:
be:d5:6a:70:2e:61:5c:4a:26:0a:01:59:fc:9c:c6:8e:dd:c9:
cd:2e:c2:57:12:f2:cc:2c:51:90:0a:3c:39:5e:1d:c3:92:62:
ed:a8:7a:d1:61:09:f7:18:37:cf:39:c1:58:47:98:12:f5:4a:
d4:bd:b6:aa:c3:82:57:be:c1:59:46:2d:4c:f3:2b:de:12:bb:
9f:fe:78:29:00:c1:97:db:46:4e:6f:71:0e:8e:35:95:9a:a9:
ad:61:72:55:2d:bf:0a:55:64:a4:ae:5a:f7:ff:9d:f0:69:5a:
1b:4a:ab:1e:f6:70:d3:78:3b:be:b0:f1:89:ca:16:62:ea:01:
3e:21:97:e9:ec:3f:b1:b9:39:81:6f:a7:1b:00:b7:bd:41:c2:
ba:fa:7c:1a:ae:8f:f7:aa:a8:60:8a:3d:48:1c:3c:e8:41:b6:
32:b9:4d:bf:79:12:c3:02:6d:93:21:1a:93:d1:d3:65:85:10:
82:b5:d0:99:c7:99:82:2d:74:fc:5e:f7:32:4f:94:95:e8:00:
bb:21:17:1d:f8:a1:2e:00:d8:df:01:ed:59:01:1d:e1:04:50:
eb:33:e3:ce:7d:4d:70:71:6b:5a:99:be:ad:47:cf:99:1d:43:
e0:06:70:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZDapkQbzcaULxkiyn1GynqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjYyOTIwNDM4MjMxZjMyMWUzYjgxMDEwODhiMjBmOTBj
MDhkNDYwHhcNMjQwNzIyMTMzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTg4Y2NhOTVlOWQ5NzFlY2NlNDBlNzdmNjQ5MzNjOGM5Mjg4MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1MR7uLrbkkElaJ+G73jpo29X8ra
8os4mGhwXfpSM+Eic6Q3NDBWUejYMMbtw+GJ0WTDR+7E64VRW/pqTM7AUdty8Hd8
sY0GXi4lJkUKxHEBiMJdOihyDu9T6+WctNelor1yoglfb2POqT4bnP502wqKNiE8
IvP3bIk+Nqpv/nVeW08TrONGjZbRLdfa3iPzc3TE8ZyU/OhjPatENob1Nd/04SMY
ZBpyTCZONSryewpiPd1BVcYzD9qlRRGP2ZaiyEkt+7ZfzIAAlMsWnvH93/dp+jxN
N0B9hl3d58htkh7UJ0YY9kekd98ROqOcYjSx47mjm4mZYMVbWvt6dc6L5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOmIzKlenZcezOQOd/ZJM8jJKIGtMB8GA1UdIwQY
MBaAFEImKSBDgjHzIeO4EBCIsg+QwI1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlZcElFT0NNZk1oNDdnUUVJaXlENURBalVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9jOWI3MzMtM2JiNC00YmJiLTk2MzYt
NzRlNjIwYjE4MDFiLzEvNllqTXFWNmRseDdNNUE1Mzlra3p5TWtvZ2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9jOWI3MzMtM2JiNC00YmJiLTk2MzYtNzRlNjIwYjE4MDFi
LzEvUWlZcElFT0NNZk1oNDdnUUVJaXlENURBalVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg3KADAN
BgkqhkiG9w0BAQsFAAOCAQEAOsmHJa9g+XYjgBTG91yw0aiDvtVqcC5hXEomCgFZ
/JzGjt3JzS7CVxLyzCxRkAo8OV4dw5Ji7ah60WEJ9xg3zznBWEeYEvVK1L22qsOC
V77BWUYtTPMr3hK7n/54KQDBl9tGTm9xDo41lZqprWFyVS2/ClVkpK5a9/+d8Gla
G0qrHvZw03g7vrDxicoWYuoBPiGX6ew/sbk5gW+nGwC3vUHCuvp8Gq6P96qoYIo9
SBw86EG2MrlNv3kSwwJtkyEak9HTZYUQgrXQmceZgi10/F73Mk+UlegAuyEXHfih
LgDY3wHtWQEd4QRQ6zPjzn1NcHFrWpm+rUfPmR1D4AZw3Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:07 2025 by rpki-client