Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1GqqfK79naNqTiPKsBwIxWeuYQk.roa
File: 1GqqfK79naNqTiPKsBwIxWeuYQk.roa (raw, json)
Hash identifier: ztB4HQN3Fk3j/d2bCSjVy10yKnmflPIOJ5VvisanNI8=
Subject key identifier: D4:6A:AA:7C:AE:FD:9D:A3:6A:4E:23:CA:B0:1C:08:C5:67:AE:61:09
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018CC9BC6F5CC881B05BE08B0B4AED2E3850
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1GqqfK79naNqTiPKsBwIxWeuYQk.roa
Signing time: Tue 02 Jan 2024 10:33:38 +0000
ROA not before: Tue 02 Jan 2024 10:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205148
IP address blocks: 2a0d:f407:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6f:5c:c8:81:b0:5b:e0:8b:0b:4a:ed:2e:38:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d46aaa7caefd9da36a4e23cab01c08c567ae6109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:79:9b:1e:2d:9e:e8:6b:e6:77:09:2c:ff:
c8:e5:f9:94:e2:fa:7c:83:9c:1d:8f:37:6a:4d:90:
c4:49:4d:cf:21:4b:9a:f2:ab:66:42:a3:21:29:c1:
51:a3:84:16:da:bd:77:43:ee:50:a7:6f:9d:64:6e:
5a:f4:fb:e5:c3:7b:38:da:f9:33:94:d7:18:80:68:
1a:3d:41:7a:c5:20:81:83:01:ef:83:54:71:a9:a6:
90:d0:93:86:19:f3:93:15:f0:f4:e9:ad:23:1e:f7:
40:99:1c:2b:95:7f:ed:6c:f3:ba:d2:64:fc:bc:99:
c6:aa:4b:6b:8b:23:5d:99:f1:52:06:d4:5b:85:08:
e5:5f:8c:e3:34:6a:53:24:45:76:13:13:89:1d:d6:
60:a6:07:d1:f9:fa:12:ed:8d:25:f6:0a:4b:60:b6:
37:45:c9:f7:bc:51:0e:4e:2f:1d:aa:b6:9a:d9:a0:
71:27:5f:7c:ce:99:50:0d:a5:11:ed:d2:ba:ba:66:
36:fe:ca:9d:39:b5:ba:84:80:5f:4d:78:ec:82:05:
cd:17:8a:b0:ac:88:da:20:3d:7e:ce:49:9b:b9:0b:
71:15:8e:d5:e9:2e:62:14:44:2c:aa:a5:91:62:2b:
12:97:44:5d:d7:92:6d:d9:ac:58:f1:15:2f:e4:f0:
2a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6A:AA:7C:AE:FD:9D:A3:6A:4E:23:CA:B0:1C:08:C5:67:AE:61:09
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/1GqqfK79naNqTiPKsBwIxWeuYQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f407:100::/44
Signature Algorithm: sha256WithRSAEncryption
b7:a0:6e:e3:70:c7:cd:c7:98:94:5e:75:47:82:85:23:39:0b:
de:22:b1:55:27:0e:12:5c:45:fc:0c:96:d4:03:67:98:59:f8:
83:b5:71:2f:c6:53:d6:46:db:b7:c9:83:f4:d5:34:b7:e0:9c:
cc:9a:44:31:b1:fb:db:62:ad:fc:ba:91:e2:81:b1:2a:a5:ae:
db:fb:9d:df:8c:68:12:90:9e:ce:8f:dc:d9:c9:25:56:4f:da:
f0:73:c9:57:ee:e9:55:c4:78:60:99:94:64:52:91:4d:68:7c:
eb:11:9b:e8:4b:9e:84:d8:ce:d9:9d:aa:77:d6:d2:79:71:92:
e8:1d:d0:5c:be:4d:a6:92:e4:61:8f:5e:f8:1c:3e:ba:5f:c5:
3d:65:43:90:40:21:97:59:c3:70:fe:f6:2d:13:7e:ec:1a:f9:
19:bb:c5:e9:c6:bf:77:63:c8:18:7d:40:dc:8b:21:72:8b:43:
91:f8:5a:ae:99:a6:74:d8:7d:78:99:77:bb:c5:53:e0:61:08:
42:71:36:bc:8b:66:cf:d0:2a:ae:b6:61:93:b9:56:2a:86:2c:
78:0a:e3:76:90:c6:04:6e:94:77:a4:0a:b2:73:e9:c9:3a:04:
3f:de:04:24:70:ac:63:1b:b9:48:ba:a6:6f:08:27:4e:ad:e3:
ae:37:b2:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvG9cyIGwW+CLC0rtLjhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZhYWE3Y2FlZmQ5ZGEzNmE0ZTIzY2FiMDFjMDhjNTY3YWU2MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvd5mx4tnuhr5ncJLP/I5fmU4vp8
g5wdjzdqTZDESU3PIUua8qtmQqMhKcFRo4QW2r13Q+5Qp2+dZG5a9Pvlw3s42vkz
lNcYgGgaPUF6xSCBgwHvg1RxqaaQ0JOGGfOTFfD06a0jHvdAmRwrlX/tbPO60mT8
vJnGqktriyNdmfFSBtRbhQjlX4zjNGpTJEV2ExOJHdZgpgfR+foS7Y0l9gpLYLY3
Rcn3vFEOTi8dqraa2aBxJ198zplQDaUR7dK6umY2/sqdObW6hIBfTXjsggXNF4qw
rIjaID1+zkmbuQtxFY7V6S5iFEQsqqWRYisSl0Rd15Jt2axY8RUv5PAqywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNRqqnyu/Z2jak4jyrAcCMVnrmEJMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvMUdxcWZLNzluYU5xVGlQS3NCd0l4V2V1WVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg30BwEA
MA0GCSqGSIb3DQEBCwUAA4IBAQC3oG7jcMfNx5iUXnVHgoUjOQveIrFVJw4SXEX8
DJbUA2eYWfiDtXEvxlPWRtu3yYP01TS34JzMmkQxsfvbYq38upHigbEqpa7b+53f
jGgSkJ7Oj9zZySVWT9rwc8lX7ulVxHhgmZRkUpFNaHzrEZvoS56E2M7Znap31tJ5
cZLoHdBcvk2mkuRhj174HD66X8U9ZUOQQCGXWcNw/vYtE37sGvkZu8Xpxr93Y8gY
fUDciyFyi0OR+FqumaZ02H14mXe7xVPgYQhCcTa8i2bP0CqutmGTuVYqhix4CuN2
kMYEbpR3pAqyc+nJOgQ/3gQkcKxjG7lIuqZvCCdOreOuN7KU
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:14:03 2025 by rpki-client