Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/OK6c6QaepeNGoOGafZTPA-qwMfk.roa
File: OK6c6QaepeNGoOGafZTPA-qwMfk.roa (raw, json)
Hash identifier: 6lP8xsrXaWDut+dHBr333teIOV2mx6u5gcvbkyrhI+M=
Subject key identifier: 38:AE:9C:E9:06:9E:A5:E3:46:A0:E1:9A:7D:94:CF:03:EA:B0:31:F9
Certificate issuer: /CN=4777da157768423fcba9217392ec7f483b3b9442
Certificate serial: 018DE585E6C9F3DF25D97C49DD647ABC9E8F
Authority key identifier: 47:77:DA:15:77:68:42:3F:CB:A9:21:73:92:EC:7F:48:3B:3B:94:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3faFXdoQj_LqSFzkux_SDs7lEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/OK6c6QaepeNGoOGafZTPA-qwMfk.roa
Signing time: Mon 26 Feb 2024 13:06:14 +0000
ROA not before: Mon 26 Feb 2024 13:06:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8832
IP address blocks: 2a00:1498::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:85:e6:c9:f3:df:25:d9:7c:49:dd:64:7a:bc:9e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4777da157768423fcba9217392ec7f483b3b9442
Validity
Not Before: Feb 26 13:06:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38ae9ce9069ea5e346a0e19a7d94cf03eab031f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:60:8a:c7:a0:24:a8:44:4f:9b:a9:3e:77:6f:
b1:be:32:ae:b7:dd:e7:1c:a3:4c:6f:56:5a:45:e6:
5c:22:d9:fc:d0:8a:73:5d:30:06:76:24:17:d8:a0:
68:1e:45:88:60:7e:f6:49:5f:e8:bb:3a:78:7e:e9:
48:30:9f:11:95:d7:f0:9b:af:d2:c6:00:9f:ba:bb:
65:46:f2:15:78:0f:b2:a9:6e:d5:6a:39:7f:4e:cc:
b4:3d:74:88:96:3c:2b:02:3f:2b:52:ec:9e:a7:94:
b0:92:a5:f0:e3:09:c9:4b:9e:05:5b:d2:d8:5f:11:
b9:6c:4e:1f:55:39:3d:2b:6e:79:37:aa:5d:a5:37:
c7:b5:64:d0:7f:da:e3:75:16:20:85:e1:12:b7:16:
0c:f0:a2:ce:f1:87:05:41:08:2a:e5:83:43:5b:fc:
1f:1a:63:80:90:4d:ba:96:fa:32:98:ac:71:45:53:
21:75:36:62:8b:ed:e0:09:5d:c4:59:a5:b9:d1:c8:
8f:a5:26:be:8a:8d:17:e1:ea:9d:9a:d5:f4:6f:90:
dd:c7:4b:d1:59:b4:27:d0:88:24:75:b0:57:f3:b9:
27:69:3a:4e:55:c1:5f:dd:98:57:e5:8b:90:b3:94:
a7:a8:b8:65:9a:9c:02:ed:27:31:e8:d0:e4:ae:17:
e1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AE:9C:E9:06:9E:A5:E3:46:A0:E1:9A:7D:94:CF:03:EA:B0:31:F9
X509v3 Authority Key Identifier:
keyid:47:77:DA:15:77:68:42:3F:CB:A9:21:73:92:EC:7F:48:3B:3B:94:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3faFXdoQj_LqSFzkux_SDs7lEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/OK6c6QaepeNGoOGafZTPA-qwMfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b21a38-db62-4438-ba9c-f57f86df4f16/1/R3faFXdoQj_LqSFzkux_SDs7lEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1498::/32
Signature Algorithm: sha256WithRSAEncryption
7e:5b:a7:12:e3:c3:27:40:d3:bf:88:99:ef:6d:26:aa:e8:9e:
78:66:ef:4b:06:11:aa:f6:e8:58:0e:b7:8f:44:0e:76:69:ef:
57:58:fd:37:31:f0:03:04:9e:8d:2a:c1:5a:47:6a:a4:ff:bc:
a7:dd:48:67:dd:1b:d5:79:c7:1e:47:6e:43:58:8c:6b:fa:5b:
d3:8a:7c:00:ec:db:2d:9d:52:29:1f:b6:63:3b:40:33:91:f1:
ce:c8:30:b6:99:bf:23:55:76:a1:a3:d6:ec:71:e2:5c:df:6e:
2f:a1:32:12:c4:62:fe:7c:cf:c5:20:dc:d6:a2:81:27:d7:bf:
b0:a5:f6:7d:b3:92:9d:2d:0b:77:3e:05:24:b2:0f:dc:d7:04:
c9:6e:80:b9:45:02:1e:bb:05:3d:94:15:23:34:0c:6f:08:17:
01:e1:36:71:e9:59:31:12:48:ae:1e:17:b9:ff:f8:c8:cc:f8:
ca:2b:99:b6:46:0f:94:d3:4a:3b:70:ff:40:3d:e6:43:70:88:
f0:fd:8d:bf:31:00:c6:ad:81:85:8e:54:82:ad:c6:1f:fa:ad:
2a:f9:b3:33:28:1e:22:db:6b:18:e7:35:87:16:d4:89:19:4c:
81:a3:02:99:35:c3:0d:41:1a:10:e8:0c:03:97:ea:8c:3e:9d:
36:a0:61:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3lhebJ898l2XxJ3WR6vJ6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzdkYTE1Nzc2ODQyM2ZjYmE5MjE3MzkyZWM3ZjQ4M2Iz
Yjk0NDIwHhcNMjQwMjI2MTMwNjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFlOWNlOTA2OWVhNWUzNDZhMGUxOWE3ZDk0Y2YwM2VhYjAzMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWCKx6AkqERPm6k+d2+xvjKut93n
HKNMb1ZaReZcItn80IpzXTAGdiQX2KBoHkWIYH72SV/ouzp4fulIMJ8Rldfwm6/S
xgCfurtlRvIVeA+yqW7Vajl/Tsy0PXSIljwrAj8rUuyep5SwkqXw4wnJS54FW9LY
XxG5bE4fVTk9K255N6pdpTfHtWTQf9rjdRYgheEStxYM8KLO8YcFQQgq5YNDW/wf
GmOAkE26lvoymKxxRVMhdTZii+3gCV3EWaW50ciPpSa+io0X4eqdmtX0b5Ddx0vR
WbQn0IgkdbBX87knaTpOVcFf3ZhX5YuQs5SnqLhlmpwC7Scx6NDkrhfhAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDiunOkGnqXjRqDhmn2UzwPqsDH5MB8GA1UdIwQY
MBaAFEd32hV3aEI/y6khc5Lsf0g7O5RCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNmYUZYZG9Ral9McVNGemt1eF9TRHM3bEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iMjFhMzgtZGI2Mi00NDM4LWJhOWMt
ZjU3Zjg2ZGY0ZjE2LzEvT0s2YzZRYWVwZU5Hb09HYWZaVFBBLXF3TWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iMjFhMzgtZGI2Mi00NDM4LWJhOWMtZjU3Zjg2ZGY0ZjE2
LzEvUjNmYUZYZG9Ral9McVNGemt1eF9TRHM3bEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAUmDAN
BgkqhkiG9w0BAQsFAAOCAQEAflunEuPDJ0DTv4iZ720mquieeGbvSwYRqvboWA63
j0QOdmnvV1j9NzHwAwSejSrBWkdqpP+8p91IZ90b1XnHHkduQ1iMa/pb04p8AOzb
LZ1SKR+2YztAM5Hxzsgwtpm/I1V2oaPW7HHiXN9uL6EyEsRi/nzPxSDc1qKBJ9e/
sKX2fbOSnS0Ldz4FJLIP3NcEyW6AuUUCHrsFPZQVIzQMbwgXAeE2celZMRJIrh4X
uf/4yMz4yiuZtkYPlNNKO3D/QD3mQ3CI8P2NvzEAxq2BhY5Ugq3GH/qtKvmzMyge
IttrGOc1hxbUiRlMgaMCmTXDDUEaEOgMA5fqjD6dNqBhfw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:36 2025 by rpki-client