Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/tMgG9IZZ_AY2QXFrFgikmH_tb0I.roa
File: tMgG9IZZ_AY2QXFrFgikmH_tb0I.roa (raw, json)
Hash identifier: 9sGV5pBXamcQ1Vym05LXxfssd99QZGwLY2Gaw9fyQtM=
Subject key identifier: B4:C8:06:F4:86:59:FC:06:36:41:71:6B:16:08:A4:98:7F:ED:6F:42
Certificate issuer: /CN=86daaf4e68d322248230544cd8db29568e6cf003
Certificate serial: 018CC649F825EE437055CCF01C406C8AD15B
Authority key identifier: 86:DA:AF:4E:68:D3:22:24:82:30:54:4C:D8:DB:29:56:8E:6C:F0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htqvTmjTIiSCMFRM2NspVo5s8AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/tMgG9IZZ_AY2QXFrFgikmH_tb0I.roa
Signing time: Mon 01 Jan 2024 18:29:45 +0000
ROA not before: Mon 01 Jan 2024 18:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204088
IP address blocks: 2001:67c:2d14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f8:25:ee:43:70:55:cc:f0:1c:40:6c:8a:d1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86daaf4e68d322248230544cd8db29568e6cf003
Validity
Not Before: Jan 1 18:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4c806f48659fc063641716b1608a4987fed6f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ad:cd:f8:6d:7f:8a:e7:6e:40:19:e7:1a:e8:
b8:fb:9f:0d:6a:25:12:b5:42:af:e3:80:2e:f1:4a:
b9:f8:47:c6:5b:c6:20:ed:b4:a8:b2:bd:68:63:bb:
5e:71:ad:f5:be:f6:6f:24:31:6b:50:e0:36:5e:4b:
b8:14:14:9b:c2:27:06:0d:62:da:de:90:f4:7d:f3:
cb:0b:1f:92:43:9d:f0:77:df:22:75:dd:58:95:5a:
ab:94:98:60:33:f1:70:54:d7:3c:a8:c4:1c:25:1e:
de:6e:47:c8:01:fe:da:ef:f9:08:1a:1d:62:30:24:
e1:ed:d8:47:57:8d:de:fd:3c:20:c5:e7:4f:e0:0c:
09:3c:07:4e:95:cb:1e:d7:4c:cd:d5:92:af:ac:dc:
40:10:8d:fd:5b:8a:e2:33:7e:bd:36:21:45:3d:90:
3d:12:52:41:ac:b6:63:c2:fa:ac:27:09:48:96:5d:
d8:50:15:d1:c4:32:0c:89:72:2f:70:0d:b5:d0:5c:
c0:16:70:34:d7:81:a1:ba:a1:f6:92:d4:98:19:ff:
58:ff:ca:b6:b9:87:c5:87:02:de:d8:3b:12:86:c7:
0a:73:9b:28:9b:42:23:3b:fe:b7:45:14:eb:b5:b4:
44:f4:ec:45:42:4d:50:5d:60:41:6e:fc:ad:a9:25:
72:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C8:06:F4:86:59:FC:06:36:41:71:6B:16:08:A4:98:7F:ED:6F:42
X509v3 Authority Key Identifier:
keyid:86:DA:AF:4E:68:D3:22:24:82:30:54:4C:D8:DB:29:56:8E:6C:F0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htqvTmjTIiSCMFRM2NspVo5s8AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/tMgG9IZZ_AY2QXFrFgikmH_tb0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/htqvTmjTIiSCMFRM2NspVo5s8AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d14::/48
Signature Algorithm: sha256WithRSAEncryption
30:df:6b:e0:9e:37:b4:4e:82:16:76:1b:78:82:fc:25:a3:d2:
6c:b4:0c:e6:27:30:69:91:48:e0:ea:5d:35:66:16:f5:ab:4a:
a4:91:53:68:03:a3:a6:63:6e:81:ab:2d:6f:34:aa:d9:1f:e9:
87:54:1c:89:9e:1d:20:68:20:11:4a:57:43:9d:2d:a4:7d:52:
a9:0d:e4:ff:f9:e6:39:34:7b:3c:e5:d5:aa:d1:20:2b:34:3f:
a4:5a:43:bc:c9:48:5a:1f:d4:63:54:77:bf:99:62:8f:6d:d5:
2d:0e:d6:53:80:19:e6:4e:c6:30:ba:ad:e8:94:e0:35:15:27:
49:b5:2d:9a:d6:bb:55:28:69:32:c8:c2:7a:66:15:29:34:15:
2d:46:c3:4d:71:e3:4f:83:21:69:f2:d9:4e:5c:d9:2a:8d:58:
bd:64:a2:f6:a3:27:34:54:b1:aa:c9:47:41:54:27:0f:6c:16:
d2:20:fc:f9:74:e5:57:83:22:68:29:97:aa:07:14:04:c1:cd:
f4:80:b3:ea:11:5a:63:7b:2c:72:c8:44:36:13:23:c5:41:86:
db:72:57:22:e8:4e:01:aa:3b:ac:ea:83:74:12:47:05:57:18:
4c:4b:9d:eb:7c:1b:09:27:83:c1:36:56:69:e1:ff:eb:2c:7c:
b7:66:a4:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSfgl7kNwVczwHEBsitFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZGFhZjRlNjhkMzIyMjQ4MjMwNTQ0Y2Q4ZGIyOTU2OGU2
Y2YwMDMwHhcNMjQwMTAxMTgyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM4MDZmNDg2NTlmYzA2MzY0MTcxNmIxNjA4YTQ5ODdmZWQ2ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA463N+G1/iuduQBnnGui4+58NaiUS
tUKv44Au8Uq5+EfGW8Yg7bSosr1oY7teca31vvZvJDFrUOA2Xku4FBSbwicGDWLa
3pD0ffPLCx+SQ53wd98idd1YlVqrlJhgM/FwVNc8qMQcJR7ebkfIAf7a7/kIGh1i
MCTh7dhHV43e/TwgxedP4AwJPAdOlcse10zN1ZKvrNxAEI39W4riM369NiFFPZA9
ElJBrLZjwvqsJwlIll3YUBXRxDIMiXIvcA210FzAFnA014GhuqH2ktSYGf9Y/8q2
uYfFhwLe2DsShscKc5som0IjO/63RRTrtbRE9OxFQk1QXWBBbvytqSVymQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLTIBvSGWfwGNkFxaxYIpJh/7W9CMB8GA1UdIwQY
MBaAFIbar05o0yIkgjBUTNjbKVaObPADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRxdlRtalRJaVNDTUZSTTJOc3BWbzVzOEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81N2QxZGItZDhlYi00OWUwLTgxMzMt
NWJjOTA1MDVkOGNhLzEvdE1nRzlJWlpfQVkyUVhGckZnaWttSF90YjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81N2QxZGItZDhlYi00OWUwLTgxMzMtNWJjOTA1MDVkOGNh
LzEvaHRxdlRtalRJaVNDTUZSTTJOc3BWbzVzOEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0U
MA0GCSqGSIb3DQEBCwUAA4IBAQAw32vgnje0ToIWdht4gvwlo9JstAzmJzBpkUjg
6l01Zhb1q0qkkVNoA6OmY26Bqy1vNKrZH+mHVByJnh0gaCARSldDnS2kfVKpDeT/
+eY5NHs85dWq0SArND+kWkO8yUhaH9RjVHe/mWKPbdUtDtZTgBnmTsYwuq3olOA1
FSdJtS2a1rtVKGkyyMJ6ZhUpNBUtRsNNceNPgyFp8tlOXNkqjVi9ZKL2oyc0VLGq
yUdBVCcPbBbSIPz5dOVXgyJoKZeqBxQEwc30gLPqEVpjeyxyyEQ2EyPFQYbbclci
6E4Bqjus6oN0EkcFVxhMS53rfBsJJ4PBNlZp4f/rLHy3ZqQE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:25 2025 by rpki-client