Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/9pTgCkCGTOE-TNe7lM5zKlaLwBM.roa
File: 9pTgCkCGTOE-TNe7lM5zKlaLwBM.roa (raw, json)
Hash identifier: 5OOQZ271VzPV/L+GM9bj6vVnpqYOzJDgO+xclgdO5Ac=
Subject key identifier: F6:94:E0:0A:40:86:4C:E1:3E:4C:D7:BB:94:CE:73:2A:56:8B:C0:13
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019034BBB292F24696BD371518DF04191099
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/9pTgCkCGTOE-TNe7lM5zKlaLwBM.roa
Signing time: Thu 20 Jun 2024 08:20:34 +0000
ROA not before: Thu 20 Jun 2024 08:20:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a0f:eb04::/32 maxlen: 32
2a0f:ed00::/32 maxlen: 32
2a0f:ed01::/32 maxlen: 32
2a0f:ed05::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a443::/32 maxlen: 32
2a13:a444::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 23 Jun 2024 06:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:bb:b2:92:f2:46:96:bd:37:15:18:df:04:19:10:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jun 20 08:20:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f694e00a40864ce13e4cd7bb94ce732a568bc013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0c:b2:25:c8:01:3d:33:c0:8a:bc:00:d4:ab:
92:fe:55:fc:7e:fa:45:6a:c1:63:33:6e:2c:d6:c5:
88:db:61:fd:94:13:80:b1:12:41:96:dc:ec:ab:42:
ad:65:32:8d:4e:e0:1d:55:86:18:ba:35:d6:28:2c:
15:e1:0e:cc:f1:8a:3e:c6:72:0a:70:22:76:6d:5f:
35:c4:19:6f:a2:25:44:63:25:8f:54:0a:f6:12:b7:
05:63:d6:ca:42:6f:1a:2e:c6:b6:86:c2:4e:03:c5:
e7:e9:cb:57:fe:4d:02:49:49:ea:81:9f:db:1f:ca:
b0:86:d4:11:1e:51:2c:b3:79:cd:8e:27:f6:7b:46:
a6:4d:03:7d:23:e0:0e:4a:3c:ab:74:d3:b8:87:55:
fd:b7:0a:e3:95:b2:a1:2c:3b:1e:71:0e:8c:1a:6f:
b4:de:5b:71:0e:99:05:fc:e0:fc:5e:df:22:95:1d:
d7:47:35:a0:25:c4:f6:d2:af:28:57:a8:00:16:65:
af:c3:a1:90:05:e3:bf:a0:fe:57:08:fb:d9:39:71:
25:ad:5a:ef:36:06:ea:0c:8e:83:e1:e8:3c:33:97:
f0:d5:73:31:ab:ec:53:97:95:50:6f:f3:69:6b:a7:
36:8d:f4:db:26:6d:28:aa:db:fd:1f:a1:40:ff:24:
2c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:94:E0:0A:40:86:4C:E1:3E:4C:D7:BB:94:CE:73:2A:56:8B:C0:13
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/9pTgCkCGTOE-TNe7lM5zKlaLwBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:eb04::/32
2a0f:ed00::/31
2a0f:ed05::/32
2a13:a442::-2a13:a444:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
83:83:e0:8d:cf:41:59:1e:98:e3:f5:64:5d:0e:a5:cb:89:c5:
04:fe:eb:8b:fa:4d:c0:4e:fb:79:bd:c7:2e:27:fa:39:f8:2e:
fa:fe:02:97:ae:2a:98:31:17:da:4b:de:2f:35:dc:bf:0a:57:
33:ce:4e:88:95:f7:3c:8d:25:b7:26:08:36:86:6f:5a:df:22:
34:b1:35:ba:d9:12:9c:0a:80:36:3b:66:05:dd:21:70:30:b5:
b5:ee:61:2a:ca:5b:d1:13:97:ad:59:e3:d7:77:be:9f:57:f2:
5b:45:70:a0:14:42:0f:07:b0:51:21:bf:37:42:bd:1d:7c:f1:
22:a2:be:67:e5:67:7f:35:84:4a:e4:9c:79:c7:71:5c:80:93:
4e:81:d6:50:2f:71:d6:87:f7:ba:f0:3f:47:ef:84:ee:32:42:
fb:c6:e8:fc:4e:be:0e:bc:f4:d3:16:02:60:dc:b4:2c:08:5e:
dc:1e:3a:13:b5:89:18:c9:b2:64:7d:87:4e:15:7b:39:f9:7c:
21:66:6c:84:b2:94:43:f4:db:60:9b:86:10:9c:2d:5b:64:f2:
24:ad:39:e5:11:b3:4e:91:77:3f:f0:99:19:9c:ab:5b:72:69:
79:eb:77:0c:c4:7d:2f:d8:ce:42:21:cb:fa:2b:a1:c2:98:5f:
91:d4:ea:29
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZA0u7KS8kaWvTcVGN8EGRCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNjIwMDgyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjk0ZTAwYTQwODY0Y2UxM2U0Y2Q3YmI5NGNlNzMyYTU2OGJjMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswyyJcgBPTPAirwA1KuS/lX8fvpF
asFjM24s1sWI22H9lBOAsRJBltzsq0KtZTKNTuAdVYYYujXWKCwV4Q7M8Yo+xnIK
cCJ2bV81xBlvoiVEYyWPVAr2ErcFY9bKQm8aLsa2hsJOA8Xn6ctX/k0CSUnqgZ/b
H8qwhtQRHlEss3nNjif2e0amTQN9I+AOSjyrdNO4h1X9twrjlbKhLDsecQ6MGm+0
3ltxDpkF/OD8Xt8ilR3XRzWgJcT20q8oV6gAFmWvw6GQBeO/oP5XCPvZOXElrVrv
NgbqDI6D4eg8M5fw1XMxq+xTl5VQb/Npa6c2jfTbJm0oqtv9H6FA/yQszQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPaU4ApAhkzhPkzXu5TOcypWi8ATMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvOXBUZ0NrQ0dUT0UtVE5lN2xNNXpLbGFMd0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAKg/rBAMF
ASoP7QADBQAqD+0FMA4DBQEqE6RCAwUAKhOkRDANBgkqhkiG9w0BAQsFAAOCAQEA
g4Pgjc9BWR6Y4/VkXQ6ly4nFBP7ri/pNwE77eb3HLif6Ofgu+v4Cl64qmDEX2kve
LzXcvwpXM85OiJX3PI0ltyYINoZvWt8iNLE1utkSnAqANjtmBd0hcDC1te5hKspb
0ROXrVnj13e+n1fyW0VwoBRCDwewUSG/N0K9HXzxIqK+Z+VnfzWESuScecdxXICT
ToHWUC9x1of3uvA/R++E7jJC+8bo/E6+Drz00xYCYNy0LAhe3B46E7WJGMmyZH2H
ThV7Ofl8IWZshLKUQ/TbYJuGEJwtW2TyJK055RGzTpF3P/CZGZyrW3Jpeet3DMR9
L9jOQiHL+iuhwphfkdTqKQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:22 2025 by rpki-client