Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/ENnpfMUq2ZLBwnHEUb3kT8Rk6fs.roa
File: ENnpfMUq2ZLBwnHEUb3kT8Rk6fs.roa (raw, json)
Hash identifier: 3cMsLgFNiXp3m/E4J92Az1ciJGD1kdigjGn8OwHjAsw=
Subject key identifier: 10:D9:E9:7C:C5:2A:D9:92:C1:C2:71:C4:51:BD:E4:4F:C4:64:E9:FB
Certificate issuer: /CN=4d946f4df2237491a68dfa407be41fae84bbda66
Certificate serial: 018CCA2A7FD8D07E3A04F3B2A4B681F0DCA0
Authority key identifier: 4D:94:6F:4D:F2:23:74:91:A6:8D:FA:40:7B:E4:1F:AE:84:BB:DA:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TZRvTfIjdJGmjfpAe-QfroS72mY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/ENnpfMUq2ZLBwnHEUb3kT8Rk6fs.roa
Signing time: Tue 02 Jan 2024 12:33:51 +0000
ROA not before: Tue 02 Jan 2024 12:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210729
IP address blocks: 2001:67c:1bc8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:7f:d8:d0:7e:3a:04:f3:b2:a4:b6:81:f0:dc:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d946f4df2237491a68dfa407be41fae84bbda66
Validity
Not Before: Jan 2 12:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10d9e97cc52ad992c1c271c451bde44fc464e9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1c:7e:a9:77:7d:72:84:02:d8:63:96:4d:ea:
53:c6:38:48:61:6a:99:68:23:fa:26:38:fe:4d:84:
24:32:e0:81:05:44:f8:f8:28:0a:49:a3:70:7c:66:
98:a2:aa:ee:5a:10:7e:e0:b7:a7:dc:cb:b1:3b:fb:
87:9c:8d:4c:30:c6:15:39:4a:be:ca:d6:da:92:a4:
5a:aa:1b:97:92:2c:4f:27:02:ab:85:88:e9:3f:30:
d6:c8:12:60:01:9e:fe:df:4c:2e:3b:7b:67:e4:8b:
95:36:df:2a:e2:c9:04:71:43:0e:55:f2:43:82:e7:
62:83:9b:99:67:5a:20:13:02:52:3f:6c:c2:61:1e:
23:6a:61:f9:e4:a3:ae:07:d5:d2:24:0c:3a:f5:17:
44:3a:b8:44:50:77:ab:0a:03:67:f6:76:40:55:c1:
f1:47:a3:df:07:09:b1:09:2a:11:11:9f:76:2c:32:
be:16:ab:4f:c9:97:0e:47:e3:00:b6:46:a8:3f:0d:
b6:41:7a:d8:77:df:7e:ed:02:59:32:0a:34:a7:ea:
a3:40:98:92:e5:0c:be:01:b5:e9:7d:93:ce:e6:1b:
52:8e:63:90:81:54:2e:28:56:85:ca:bd:bf:41:77:
b7:3d:07:62:18:24:dd:b5:4b:26:16:ce:df:b0:1f:
52:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D9:E9:7C:C5:2A:D9:92:C1:C2:71:C4:51:BD:E4:4F:C4:64:E9:FB
X509v3 Authority Key Identifier:
keyid:4D:94:6F:4D:F2:23:74:91:A6:8D:FA:40:7B:E4:1F:AE:84:BB:DA:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TZRvTfIjdJGmjfpAe-QfroS72mY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/ENnpfMUq2ZLBwnHEUb3kT8Rk6fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/TZRvTfIjdJGmjfpAe-QfroS72mY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1bc8::/48
Signature Algorithm: sha256WithRSAEncryption
71:b0:7a:7e:69:6e:de:8d:9d:a4:2d:19:7a:74:bd:fc:33:d0:
9e:df:9a:30:15:ce:3f:0e:25:50:87:f7:03:54:a2:93:5f:70:
e9:68:99:a0:25:8a:c0:aa:b0:27:48:fd:66:01:13:2f:68:ee:
85:df:80:7d:b3:3e:78:c8:d5:40:65:75:3d:10:1b:c9:cc:a1:
93:4e:7d:b0:93:1c:db:71:f9:e6:b1:5e:e3:df:89:9b:77:8f:
38:c5:5a:4f:80:73:c5:87:be:b2:bd:89:a0:92:1a:ff:a7:00:
62:43:bb:85:91:77:32:e9:4b:8e:e4:1a:36:b1:80:84:4c:3f:
1d:d9:54:5c:29:35:a1:d3:b8:bb:42:98:3b:01:32:49:b5:f2:
e0:17:87:f9:1d:44:10:c2:3c:92:39:52:cc:fa:a4:57:cc:2e:
41:e5:0a:f1:cf:5d:37:04:cd:dd:17:13:8e:27:01:c2:dc:b4:
08:3b:3d:5b:72:8e:71:e2:4c:97:d2:1c:2e:1c:c1:5d:93:af:
7f:4b:a5:1a:4e:7c:8e:7a:39:06:cf:e2:ce:28:2a:8a:df:c3:
68:5b:f6:87:05:86:d9:e7:8c:09:3e:7e:d1:3c:41:20:cf:5e:
a7:9f:bd:06:0e:81:15:51:7d:ba:0b:a7:eb:d7:16:62:df:6c:
3b:09:d4:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKn/Y0H46BPOypLaB8NygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkOTQ2ZjRkZjIyMzc0OTFhNjhkZmE0MDdiZTQxZmFlODRi
YmRhNjYwHhcNMjQwMTAyMTIzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQ5ZTk3Y2M1MmFkOTkyYzFjMjcxYzQ1MWJkZTQ0ZmM0NjRlOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhx+qXd9coQC2GOWTepTxjhIYWqZ
aCP6Jjj+TYQkMuCBBUT4+CgKSaNwfGaYoqruWhB+4Len3MuxO/uHnI1MMMYVOUq+
ytbakqRaqhuXkixPJwKrhYjpPzDWyBJgAZ7+30wuO3tn5IuVNt8q4skEcUMOVfJD
gudig5uZZ1ogEwJSP2zCYR4jamH55KOuB9XSJAw69RdEOrhEUHerCgNn9nZAVcHx
R6PfBwmxCSoREZ92LDK+FqtPyZcOR+MAtkaoPw22QXrYd99+7QJZMgo0p+qjQJiS
5Qy+AbXpfZPO5htSjmOQgVQuKFaFyr2/QXe3PQdiGCTdtUsmFs7fsB9SXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBDZ6XzFKtmSwcJxxFG95E/EZOn7MB8GA1UdIwQY
MBaAFE2Ub03yI3SRpo36QHvkH66Eu9pmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFpSdlRmSWpkSkdtamZwQWUtUWZyb1M3Mm1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jYmZkMWUtMTIwMi00MGMxLWJkZjAt
YzI0ZWUwNDk0NTQxLzEvRU5ucGZNVXEyWkxCd25IRVViM2tUOFJrNmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jYmZkMWUtMTIwMi00MGMxLWJkZjAtYzI0ZWUwNDk0NTQx
LzEvVFpSdlRmSWpkSkdtamZwQWUtUWZyb1M3Mm1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBvI
MA0GCSqGSIb3DQEBCwUAA4IBAQBxsHp+aW7ejZ2kLRl6dL38M9Ce35owFc4/DiVQ
h/cDVKKTX3DpaJmgJYrAqrAnSP1mARMvaO6F34B9sz54yNVAZXU9EBvJzKGTTn2w
kxzbcfnmsV7j34mbd484xVpPgHPFh76yvYmgkhr/pwBiQ7uFkXcy6UuO5Bo2sYCE
TD8d2VRcKTWh07i7Qpg7ATJJtfLgF4f5HUQQwjySOVLM+qRXzC5B5Qrxz103BM3d
FxOOJwHC3LQIOz1bco5x4kyX0hwuHMFdk69/S6UaTnyOejkGz+LOKCqK38NoW/aH
BYbZ54wJPn7RPEEgz16nn70GDoEVUX26C6fr1xZi32w7CdSJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:45 2025 by rpki-client