Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/K68G3dzuNkbWyzH-ZFsGQEEDbnQ.roa
File: K68G3dzuNkbWyzH-ZFsGQEEDbnQ.roa (raw, json)
Hash identifier: ypC9UNvcdbqSuXYuGIw4OB2Xjnp2Ol8KsW7qZsQdwEo=
Subject key identifier: 2B:AF:06:DD:DC:EE:36:46:D6:CB:31:FE:64:5B:06:40:41:03:6E:74
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 018CD9919DA2FB0D57170D0B77D813649E46
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/K68G3dzuNkbWyzH-ZFsGQEEDbnQ.roa
Signing time: Fri 05 Jan 2024 12:20:48 +0000
ROA not before: Fri 05 Jan 2024 12:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208753
IP address blocks: 2a10:ba87:feef::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:91:9d:a2:fb:0d:57:17:0d:0b:77:d8:13:64:9e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 5 12:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2baf06dddcee3646d6cb31fe645b064041036e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8d:26:e5:80:a9:b5:b6:e1:73:e2:67:5d:0b:
f5:17:a4:72:d3:2c:a6:94:c3:72:c5:20:af:4b:f3:
a5:ca:fe:41:12:55:f2:4f:b6:ea:59:a4:7a:d2:6d:
79:dd:fa:2e:4d:d5:3f:2a:10:7f:ec:3a:6b:45:02:
16:5c:d4:0c:88:71:f7:20:e4:b1:27:63:bd:00:47:
49:cf:eb:cf:5f:94:74:2c:ee:66:2c:3e:62:24:2b:
d0:fc:7b:6f:76:d8:9b:73:5f:0f:f0:43:80:62:b4:
d2:57:38:a2:a1:73:cc:22:ac:80:bd:bf:21:78:ec:
28:f7:19:90:d5:d7:7d:68:64:60:07:f3:fe:f9:af:
0c:01:d0:2f:12:68:6a:e6:75:3c:56:ea:46:c8:98:
10:f5:1c:b0:3b:44:af:7e:9a:e2:ef:65:17:94:33:
79:1b:ae:c9:05:b0:96:59:15:15:0a:23:4b:6f:a5:
7c:99:f0:05:e4:b9:06:d3:a5:e8:48:d4:46:ce:8f:
10:80:29:ae:ed:9e:dd:1a:1b:ae:5a:da:08:2a:33:
24:56:10:1d:99:7d:d0:3e:71:72:f0:c7:22:cd:3e:
9e:3b:8d:4b:c9:82:41:e7:d2:ff:0f:eb:c9:57:0e:
ef:b8:79:66:dc:8e:d3:f3:42:e1:9d:e5:8a:58:1a:
cb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AF:06:DD:DC:EE:36:46:D6:CB:31:FE:64:5B:06:40:41:03:6E:74
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/K68G3dzuNkbWyzH-ZFsGQEEDbnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba87:feef::/48
Signature Algorithm: sha256WithRSAEncryption
95:f4:be:ba:4e:ae:44:e2:f2:d9:66:f9:50:5d:0c:18:e5:7b:
c6:c0:76:b6:4d:0b:e6:3f:31:97:a7:da:3c:2c:8a:b0:98:5b:
8c:04:da:01:77:5e:ab:4a:88:40:9b:10:97:a1:bf:d5:50:ed:
91:ef:b0:5a:cc:44:5d:7a:51:01:5a:c3:dc:44:16:51:ee:73:
a1:de:da:f0:f3:87:1a:27:e5:d0:04:d3:b1:e2:ea:83:0d:d4:
70:dc:2a:f9:db:db:20:cd:8e:ff:9b:60:5d:d4:10:ba:ff:de:
56:5d:a1:61:d7:d2:1e:55:90:b6:8f:31:dd:96:68:3e:91:bb:
f9:96:23:fb:b9:1b:8c:9b:2a:ca:a8:ff:39:03:19:ed:1a:0a:
99:e9:98:96:2f:01:f7:8c:9a:58:b8:f2:51:84:eb:2a:b9:6a:
66:08:16:0b:d5:f3:26:46:36:a3:51:6a:98:e7:39:62:25:0a:
1a:9f:a2:6c:2e:c2:1d:fb:e2:da:d7:86:e1:6d:a1:3f:c1:9b:
9a:76:f9:60:94:7f:af:21:90:13:57:a4:d3:e8:fc:da:68:2c:
6b:93:17:6a:f3:a0:cf:72:2a:be:bb:c6:09:cb:b2:fe:ba:4e:
9c:e7:c9:94:7c:83:e5:e5:84:5a:e7:4c:0c:b0:dc:e4:dd:d8:
8c:8b:61:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzZkZ2i+w1XFw0Ld9gTZJ5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjQwMTA1MTIyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmFmMDZkZGRjZWUzNjQ2ZDZjYjMxZmU2NDViMDY0MDQxMDM2ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko0m5YCptbbhc+JnXQv1F6Ry0yym
lMNyxSCvS/Olyv5BElXyT7bqWaR60m153fouTdU/KhB/7DprRQIWXNQMiHH3IOSx
J2O9AEdJz+vPX5R0LO5mLD5iJCvQ/Htvdtibc18P8EOAYrTSVziioXPMIqyAvb8h
eOwo9xmQ1dd9aGRgB/P++a8MAdAvEmhq5nU8VupGyJgQ9RywO0Svfpri72UXlDN5
G67JBbCWWRUVCiNLb6V8mfAF5LkG06XoSNRGzo8QgCmu7Z7dGhuuWtoIKjMkVhAd
mX3QPnFy8McizT6eO41LyYJB59L/D+vJVw7vuHlm3I7T80LhneWKWBrLDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCuvBt3c7jZG1ssx/mRbBkBBA250MB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvSzY4RzNkenVOa2JXeXpILVpGc0dRRUVEYm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhC6h/7v
MA0GCSqGSIb3DQEBCwUAA4IBAQCV9L66Tq5E4vLZZvlQXQwY5XvGwHa2TQvmPzGX
p9o8LIqwmFuMBNoBd16rSohAmxCXob/VUO2R77BazERdelEBWsPcRBZR7nOh3trw
84caJ+XQBNOx4uqDDdRw3Cr529sgzY7/m2Bd1BC6/95WXaFh19IeVZC2jzHdlmg+
kbv5liP7uRuMmyrKqP85AxntGgqZ6ZiWLwH3jJpYuPJRhOsquWpmCBYL1fMmRjaj
UWqY5zliJQoan6JsLsId++La14bhbaE/wZuadvlglH+vIZATV6TT6PzaaCxrkxdq
86DPciq+u8YJy7L+uk6c58mUfIPl5YRa50wMsNzk3diMi2FA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:02 2025 by rpki-client