Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/627d4a-1e07-4e0c-89fd-fca2453434c9/1/XNOnrNwCbkK-fWlgVFmlh4qqJHo.roa
File: XNOnrNwCbkK-fWlgVFmlh4qqJHo.roa (raw, json)
Hash identifier: 3QWYSInu38r/5/KTKjAC8sguJHur37e5F5m4udIiWR4=
Subject key identifier: 5C:D3:A7:AC:DC:02:6E:42:BE:7D:69:60:54:59:A5:87:8A:AA:24:7A
Certificate issuer: /CN=f786c277f6ca808afdca05673f4b6c2573974e3e
Certificate serial: 018CC56DF34EAB85FC8A62A09CB0DF43315F
Authority key identifier: F7:86:C2:77:F6:CA:80:8A:FD:CA:05:67:3F:4B:6C:25:73:97:4E:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94bCd_bKgIr9ygVnP0tsJXOXTj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/627d4a-1e07-4e0c-89fd-fca2453434c9/1/XNOnrNwCbkK-fWlgVFmlh4qqJHo.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34087
IP address blocks: 2001:678:464::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f3:4e:ab:85:fc:8a:62:a0:9c:b0:df:43:31:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f786c277f6ca808afdca05673f4b6c2573974e3e
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cd3a7acdc026e42be7d69605459a5878aaa247a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4b:10:23:d7:c3:4b:c5:29:81:f3:20:76:d2:
df:60:0f:75:c1:ae:e3:19:8c:25:a8:35:52:bb:d6:
ab:a9:dc:4f:73:25:60:82:78:c8:e7:dc:b4:9c:ec:
b3:d4:90:2b:9c:6e:fd:42:54:2d:3e:b2:a8:8b:13:
a9:b3:6a:b3:5f:2c:88:a7:b3:11:9c:72:63:f5:b2:
37:b1:9c:e7:41:7e:c9:c8:89:0f:cd:52:b4:4a:44:
93:5b:95:ce:7a:19:dc:08:48:b1:cc:de:61:e8:75:
34:3a:7c:b6:5d:4f:88:be:83:c0:45:84:00:2d:46:
ba:ee:62:77:10:8e:7c:47:05:c7:86:0d:6e:ae:62:
b7:d6:4b:ac:3f:ed:5e:81:84:ae:4d:18:4f:c7:b7:
15:c2:e3:91:3a:09:3a:65:a1:d5:7d:ca:85:b9:bc:
e8:8b:f2:f8:7e:7e:6e:a0:40:c6:f8:5a:7e:97:73:
ec:cf:91:4d:00:67:85:25:82:13:1b:58:ad:8e:60:
3d:63:b5:72:eb:a9:ce:f3:4f:df:b3:17:33:fb:39:
bb:54:e9:0d:94:c4:5d:dc:b4:10:a0:57:61:9d:eb:
6e:bc:f2:21:b5:20:dc:bb:7a:e7:8b:e0:d6:7a:4d:
6d:b5:fc:83:89:08:1f:b6:24:c7:68:c3:16:84:a1:
61:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D3:A7:AC:DC:02:6E:42:BE:7D:69:60:54:59:A5:87:8A:AA:24:7A
X509v3 Authority Key Identifier:
keyid:F7:86:C2:77:F6:CA:80:8A:FD:CA:05:67:3F:4B:6C:25:73:97:4E:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94bCd_bKgIr9ygVnP0tsJXOXTj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/627d4a-1e07-4e0c-89fd-fca2453434c9/1/XNOnrNwCbkK-fWlgVFmlh4qqJHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/627d4a-1e07-4e0c-89fd-fca2453434c9/1/94bCd_bKgIr9ygVnP0tsJXOXTj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:464::/48
Signature Algorithm: sha256WithRSAEncryption
41:f9:7a:3f:62:cb:6e:ed:f5:1a:5e:ce:56:af:69:6c:63:80:
3c:d7:8a:4c:da:1e:b9:58:5d:58:6f:e8:79:76:e4:9e:19:31:
68:8b:7c:48:1e:4f:a2:c9:e5:1f:4b:57:3b:a3:b2:ab:96:49:
1e:44:4b:77:f6:ac:e1:e9:29:c0:92:61:ec:36:fb:6f:9b:ce:
83:4d:08:df:1b:4d:73:90:a3:d5:89:68:66:e4:f7:a2:67:22:
31:25:55:d0:73:22:ba:7e:bd:9d:d8:af:c4:15:ed:79:42:cd:
44:1d:2f:1e:fa:ce:50:01:42:fb:09:be:ad:61:b5:02:a5:ff:
2e:b1:70:37:72:26:4f:f6:3d:5a:bf:f9:89:8c:96:19:a1:c7:
cb:c5:3f:76:ef:d8:e5:ee:8d:96:60:6d:80:0a:09:94:5b:db:
e7:2d:3d:66:94:4c:82:9a:a9:28:2d:84:4c:76:a7:aa:32:bc:
12:55:d9:79:4e:f4:9a:bc:d6:77:00:34:7e:be:8f:e2:68:ae:
7b:88:b4:03:19:66:07:a6:f9:27:e1:d5:1b:72:9b:09:70:e7:
0c:31:aa:da:8c:9d:83:53:21:2b:3c:4f:17:0c:9c:69:13:65:
b4:9e:4a:24:33:c8:b4:fb:57:a0:f1:a7:90:3c:f9:99:b9:24:
b7:f9:a9:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFbfNOq4X8imKgnLDfQzFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ODZjMjc3ZjZjYTgwOGFmZGNhMDU2NzNmNGI2YzI1NzM5
NzRlM2UwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QzYTdhY2RjMDI2ZTQyYmU3ZDY5NjA1NDU5YTU4NzhhYWEyNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0sQI9fDS8UpgfMgdtLfYA91wa7j
GYwlqDVSu9arqdxPcyVggnjI59y0nOyz1JArnG79QlQtPrKoixOps2qzXyyIp7MR
nHJj9bI3sZznQX7JyIkPzVK0SkSTW5XOehncCEixzN5h6HU0Ony2XU+IvoPARYQA
LUa67mJ3EI58RwXHhg1urmK31kusP+1egYSuTRhPx7cVwuOROgk6ZaHVfcqFubzo
i/L4fn5uoEDG+Fp+l3Psz5FNAGeFJYITG1itjmA9Y7Vy66nO80/fsxcz+zm7VOkN
lMRd3LQQoFdhnetuvPIhtSDcu3rni+DWek1ttfyDiQgftiTHaMMWhKFhNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFzTp6zcAm5Cvn1pYFRZpYeKqiR6MB8GA1UdIwQY
MBaAFPeGwnf2yoCK/coFZz9LbCVzl04+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTRiQ2RfYktnSXI5eWdWblAwdHNKWE9YVGo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MjdkNGEtMWUwNy00ZTBjLTg5ZmQt
ZmNhMjQ1MzQzNGM5LzEvWE5PbnJOd0Nia0stZldsZ1ZGbWxoNHFxSkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MjdkNGEtMWUwNy00ZTBjLTg5ZmQtZmNhMjQ1MzQzNGM5
LzEvOTRiQ2RfYktnSXI5eWdWblAwdHNKWE9YVGo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeARk
MA0GCSqGSIb3DQEBCwUAA4IBAQBB+Xo/Ystu7fUaXs5Wr2lsY4A814pM2h65WF1Y
b+h5duSeGTFoi3xIHk+iyeUfS1c7o7KrlkkeREt39qzh6SnAkmHsNvtvm86DTQjf
G01zkKPViWhm5PeiZyIxJVXQcyK6fr2d2K/EFe15Qs1EHS8e+s5QAUL7Cb6tYbUC
pf8usXA3ciZP9j1av/mJjJYZocfLxT9279jl7o2WYG2ACgmUW9vnLT1mlEyCmqko
LYRMdqeqMrwSVdl5TvSavNZ3ADR+vo/iaK57iLQDGWYHpvkn4dUbcpsJcOcMMara
jJ2DUyErPE8XDJxpE2W0nkokM8i0+1eg8aeQPPmZuSS3+an8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:55 2025 by rpki-client