Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/dbe923-aaef-4912-843f-a4efc43a0478/1/4tfdkH79TTzfMrcl58y9NGMq59o.roa
File: 4tfdkH79TTzfMrcl58y9NGMq59o.roa (raw, json)
Hash identifier: 2V+k9uWN7JyACBytHJrY9EJ0pSXWAoU7fK6gOncU8LI=
Subject key identifier: E2:D7:DD:90:7E:FD:4D:3C:DF:32:B7:25:E7:CC:BD:34:63:2A:E7:DA
Certificate issuer: /CN=00b4fe4394e33fc22ac5cbb545f9cd1094087567
Certificate serial: 018CC5007E63B0379C488426AD7F0B2CDE35
Authority key identifier: 00:B4:FE:43:94:E3:3F:C2:2A:C5:CB:B5:45:F9:CD:10:94:08:75:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALT-Q5TjP8Iqxcu1RfnNEJQIdWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/dbe923-aaef-4912-843f-a4efc43a0478/1/4tfdkH79TTzfMrcl58y9NGMq59o.roa
Signing time: Mon 01 Jan 2024 12:29:53 +0000
ROA not before: Mon 01 Jan 2024 12:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206155
IP address blocks: 2001:678:3cc::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:7e:63:b0:37:9c:48:84:26:ad:7f:0b:2c:de:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00b4fe4394e33fc22ac5cbb545f9cd1094087567
Validity
Not Before: Jan 1 12:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2d7dd907efd4d3cdf32b725e7ccbd34632ae7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c7:c0:28:26:a5:ee:84:a8:39:b2:5a:23:c9:
cd:ac:de:6d:e3:a9:9b:28:c3:3a:61:da:86:7e:96:
61:01:29:ec:80:31:e4:b9:90:f4:0f:82:11:8a:44:
da:7d:52:0d:cc:de:e0:3a:9a:c9:6a:b3:95:e8:fd:
e6:15:3f:27:ee:a3:2f:94:32:e4:1d:8d:77:ae:78:
60:92:ea:57:8a:5d:e7:85:c2:ca:6a:69:f4:c2:c0:
31:1c:cf:4c:97:e3:5d:b7:93:73:79:0a:c4:b4:42:
2a:5b:1f:9d:00:9e:04:24:51:af:10:c6:51:ac:31:
c6:64:ac:5f:ca:51:3a:f4:b2:b2:db:72:b4:d9:b9:
6e:ee:31:38:1e:93:04:67:f2:8c:91:5a:23:4f:00:
da:c4:fb:e6:84:e4:62:b1:6d:36:91:b0:52:29:d2:
4b:43:26:d9:51:1a:cf:09:22:84:53:5b:48:78:bf:
31:b4:fe:a2:27:37:51:08:46:1f:6b:1c:db:05:99:
02:ec:3a:62:9d:35:20:35:cc:a5:64:a6:58:a0:84:
a8:bf:41:75:b2:3d:e2:8a:b9:48:1e:30:3d:e3:ba:
26:7f:e1:ef:5e:89:e0:df:93:8f:01:f9:3e:79:4d:
27:70:5a:fa:08:19:62:95:fa:ec:1d:d2:6a:df:08:
6e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D7:DD:90:7E:FD:4D:3C:DF:32:B7:25:E7:CC:BD:34:63:2A:E7:DA
X509v3 Authority Key Identifier:
keyid:00:B4:FE:43:94:E3:3F:C2:2A:C5:CB:B5:45:F9:CD:10:94:08:75:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALT-Q5TjP8Iqxcu1RfnNEJQIdWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/dbe923-aaef-4912-843f-a4efc43a0478/1/4tfdkH79TTzfMrcl58y9NGMq59o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/dbe923-aaef-4912-843f-a4efc43a0478/1/ALT-Q5TjP8Iqxcu1RfnNEJQIdWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:3cc::/48
Signature Algorithm: sha256WithRSAEncryption
81:d6:35:da:6c:62:ba:99:f1:e8:21:6d:a9:09:6f:a0:19:c1:
5a:25:24:4f:78:31:e8:5a:89:bc:33:99:8c:7a:8b:9a:5e:77:
dd:6f:04:cf:65:63:26:59:de:1b:e8:78:2d:38:8e:4a:dd:2d:
02:cd:c1:2c:84:c2:7a:e6:dc:8e:63:13:3a:ef:7b:4b:6d:db:
2c:83:23:c5:88:bb:08:48:05:b7:26:c0:9b:4d:67:2e:b4:41:
1e:42:37:5d:38:2a:78:37:64:bc:55:de:a2:31:e1:4d:e7:ce:
08:73:ef:97:49:aa:70:07:0b:47:84:77:8b:91:54:40:56:f0:
4e:8b:a6:51:cf:c2:88:3c:ad:a0:14:f7:01:b0:ac:c3:50:64:
32:49:7e:f0:67:bc:de:ab:51:26:1b:81:de:e1:8a:4d:ba:ea:
60:46:7e:1f:e1:ec:91:f9:0f:f8:8b:44:7f:7e:2e:bc:a5:2e:
69:b1:b5:a9:36:89:f8:aa:5d:64:c3:c7:0b:f4:98:b1:27:88:
ed:60:ec:c6:2a:7f:cd:58:67:0f:5a:32:cc:b2:16:de:b3:c1:
3f:3e:ae:ea:17:ba:85:39:a5:f1:39:5b:d9:9b:0f:41:bb:6c:
2e:a3:49:0a:5a:17:8d:37:09:4e:fb:00:56:a6:dd:6b:b2:ec:
02:3d:60:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAH5jsDecSIQmrX8LLN41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjRmZTQzOTRlMzNmYzIyYWM1Y2JiNTQ1ZjljZDEwOTQw
ODc1NjcwHhcNMjQwMTAxMTIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQ3ZGQ5MDdlZmQ0ZDNjZGYzMmI3MjVlN2NjYmQzNDYzMmFlN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocfAKCal7oSoObJaI8nNrN5t46mb
KMM6YdqGfpZhASnsgDHkuZD0D4IRikTafVINzN7gOprJarOV6P3mFT8n7qMvlDLk
HY13rnhgkupXil3nhcLKamn0wsAxHM9Ml+Ndt5NzeQrEtEIqWx+dAJ4EJFGvEMZR
rDHGZKxfylE69LKy23K02blu7jE4HpMEZ/KMkVojTwDaxPvmhORisW02kbBSKdJL
QybZURrPCSKEU1tIeL8xtP6iJzdRCEYfaxzbBZkC7DpinTUgNcylZKZYoISov0F1
sj3iirlIHjA947omf+HvXong35OPAfk+eU0ncFr6CBlilfrsHdJq3whuKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOLX3ZB+/U083zK3JefMvTRjKufaMB8GA1UdIwQY
MBaAFAC0/kOU4z/CKsXLtUX5zRCUCHVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxULVE1VGpQOElxeGN1MVJmbk5FSlFJZFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9kYmU5MjMtYWFlZi00OTEyLTg0M2Yt
YTRlZmM0M2EwNDc4LzEvNHRmZGtINzlUVHpmTXJjbDU4eTlOR01xNTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9kYmU5MjMtYWFlZi00OTEyLTg0M2YtYTRlZmM0M2EwNDc4
LzEvQUxULVE1VGpQOElxeGN1MVJmbk5FSlFJZFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAPM
MA0GCSqGSIb3DQEBCwUAA4IBAQCB1jXabGK6mfHoIW2pCW+gGcFaJSRPeDHoWom8
M5mMeouaXnfdbwTPZWMmWd4b6HgtOI5K3S0CzcEshMJ65tyOYxM673tLbdssgyPF
iLsISAW3JsCbTWcutEEeQjddOCp4N2S8Vd6iMeFN584Ic++XSapwBwtHhHeLkVRA
VvBOi6ZRz8KIPK2gFPcBsKzDUGQySX7wZ7zeq1EmG4He4YpNuupgRn4f4eyR+Q/4
i0R/fi68pS5psbWpNon4ql1kw8cL9JixJ4jtYOzGKn/NWGcPWjLMshbes8E/Pq7q
F7qFOaXxOVvZmw9Bu2wuo0kKWheNNwlO+wBWpt1rsuwCPWD5
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:19:08 2025 by rpki-client