Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/3o4HKrJsv9KPV8BJ86yE6kqo_vI.roa
File: 3o4HKrJsv9KPV8BJ86yE6kqo_vI.roa (raw, json)
Hash identifier: b6KGNZI2Rsi9JcxCqkJPmaUh+N7qcyEb6lb9RYukI9c=
Subject key identifier: DE:8E:07:2A:B2:6C:BF:D2:8F:57:C0:49:F3:AC:84:EA:4A:A8:FE:F2
Certificate issuer: /CN=d6c480bac972607fdab605593a84b8364c6ab1b0
Certificate serial: 018CC26D80E92BF15F36B67C76BAC86ABC51
Authority key identifier: D6:C4:80:BA:C9:72:60:7F:DA:B6:05:59:3A:84:B8:36:4C:6A:B1:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sSAuslyYH_atgVZOoS4NkxqsbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/3o4HKrJsv9KPV8BJ86yE6kqo_vI.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64449
IP address blocks: 2001:678:1d4::/48 maxlen: 48
2001:67c:d08::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:80:e9:2b:f1:5f:36:b6:7c:76:ba:c8:6a:bc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c480bac972607fdab605593a84b8364c6ab1b0
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de8e072ab26cbfd28f57c049f3ac84ea4aa8fef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:63:9f:16:82:39:88:45:68:46:12:d8:d6:21:
92:ec:ff:77:c1:50:c9:33:44:a1:a8:e8:9b:ce:62:
d1:8c:b0:4c:e3:90:83:b9:7d:98:e2:17:74:9f:37:
10:54:79:56:6f:a9:d3:c2:6b:71:52:38:e5:a2:c9:
db:11:3f:64:8f:bd:b5:75:7c:8b:9b:16:b3:1e:f0:
d4:0a:7b:fc:44:47:1b:ae:a6:92:f3:38:0a:ba:d0:
d3:40:db:c8:39:ae:f6:a6:c4:87:a5:9b:1e:ec:d5:
72:6d:1d:c7:92:fd:95:69:4e:01:a0:77:d4:81:cd:
09:79:8f:7a:e4:14:2c:87:d3:a3:dd:e3:45:73:42:
13:f6:78:b7:35:aa:0d:6a:66:03:df:8a:f8:b5:dc:
f5:81:60:9d:44:36:fe:5f:6c:be:4f:90:2f:68:47:
74:23:c1:4f:26:0d:f7:fb:1e:9a:3d:26:45:d8:d7:
62:c8:6b:ac:5c:2b:75:e2:2d:88:a4:89:79:50:d9:
9f:1e:f3:b6:51:f6:da:f0:fd:14:4a:94:e1:c6:ec:
ff:4b:90:7c:89:43:8b:b5:48:ba:1e:7c:f4:e6:e3:
84:70:fc:51:a6:16:1c:fa:18:b2:b5:69:31:9a:db:
b8:ed:74:b2:c4:1c:ce:7b:84:fb:c6:42:e7:af:51:
d1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8E:07:2A:B2:6C:BF:D2:8F:57:C0:49:F3:AC:84:EA:4A:A8:FE:F2
X509v3 Authority Key Identifier:
keyid:D6:C4:80:BA:C9:72:60:7F:DA:B6:05:59:3A:84:B8:36:4C:6A:B1:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sSAuslyYH_atgVZOoS4NkxqsbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/3o4HKrJsv9KPV8BJ86yE6kqo_vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/1sSAuslyYH_atgVZOoS4NkxqsbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1d4::/48
2001:67c:d08::/48
Signature Algorithm: sha256WithRSAEncryption
80:6f:54:fa:79:16:93:2a:fd:2f:f1:de:d6:11:3f:fa:cb:fe:
c0:49:3a:c0:fe:99:7e:9c:36:3b:2b:ae:5b:ef:7f:90:91:a3:
89:af:31:c9:ba:d6:dc:6f:2d:bc:ca:26:c7:ef:1d:1c:ed:2c:
8d:2c:d5:cf:84:63:ef:a0:60:80:27:dc:1f:ad:ec:80:9e:e5:
7c:57:3f:00:54:11:9b:e3:8e:cd:18:f1:21:7f:68:c3:7b:9a:
cf:65:88:1c:25:bb:ed:ee:71:e9:ea:a9:cf:03:5e:45:fc:b1:
8a:73:57:68:f1:7a:8c:8a:69:a0:cd:08:71:32:7a:a5:a7:c8:
65:35:eb:68:ee:d2:e6:8a:12:23:b4:4b:d8:5f:b4:dd:32:57:
00:b1:23:99:c5:19:18:62:e6:f4:bb:a5:11:b3:5c:1a:6a:50:
a2:a3:fd:05:7c:4b:1f:19:7e:f5:75:e4:0e:64:41:92:79:23:
5e:b1:f7:55:43:cd:d3:ea:35:8a:b4:28:85:9a:c3:04:5b:1b:
45:60:cd:9a:0d:c5:ba:64:d2:55:44:a1:f3:be:22:bb:05:78:
3e:1b:67:ce:1e:43:67:a4:71:2e:5b:ac:58:04:87:fe:5c:8a:
63:b6:fd:8b:a7:9f:f0:d0:bd:23:1c:3b:bc:e0:f8:6c:d8:7a:
c1:64:86:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbYDpK/FfNrZ8drrIarxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzQ4MGJhYzk3MjYwN2ZkYWI2MDU1OTNhODRiODM2NGM2
YWIxYjAwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThlMDcyYWIyNmNiZmQyOGY1N2MwNDlmM2FjODRlYTRhYThmZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmOfFoI5iEVoRhLY1iGS7P93wVDJ
M0ShqOibzmLRjLBM45CDuX2Y4hd0nzcQVHlWb6nTwmtxUjjlosnbET9kj721dXyL
mxazHvDUCnv8REcbrqaS8zgKutDTQNvIOa72psSHpZse7NVybR3Hkv2VaU4BoHfU
gc0JeY965BQsh9Oj3eNFc0IT9ni3NaoNamYD34r4tdz1gWCdRDb+X2y+T5AvaEd0
I8FPJg33+x6aPSZF2NdiyGusXCt14i2IpIl5UNmfHvO2Ufba8P0USpThxuz/S5B8
iUOLtUi6Hnz05uOEcPxRphYc+hiytWkxmtu47XSyxBzOe4T7xkLnr1HR0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN6OByqybL/Sj1fASfOshOpKqP7yMB8GA1UdIwQY
MBaAFNbEgLrJcmB/2rYFWTqEuDZMarGwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNTQXVzbHlZSF9hdGdWWk9vUzROa3hxc2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy84OTE4ZmEtZjRhYi00YjE5LTk0NTMt
OTdjNzNiZTkzYmNkLzEvM280SEtySnN2OUtQVjhCSjg2eUU2a3FvX3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy84OTE4ZmEtZjRhYi00YjE5LTk0NTMtOTdjNzNiZTkzYmNk
LzEvMXNTQXVzbHlZSF9hdGdWWk9vUzROa3hxc2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAHU
AwcAIAEGfA0IMA0GCSqGSIb3DQEBCwUAA4IBAQCAb1T6eRaTKv0v8d7WET/6y/7A
STrA/pl+nDY7K65b73+QkaOJrzHJutbcby28yibH7x0c7SyNLNXPhGPvoGCAJ9wf
reyAnuV8Vz8AVBGb447NGPEhf2jDe5rPZYgcJbvt7nHp6qnPA15F/LGKc1do8XqM
immgzQhxMnqlp8hlNeto7tLmihIjtEvYX7TdMlcAsSOZxRkYYub0u6URs1waalCi
o/0FfEsfGX71deQOZEGSeSNesfdVQ83T6jWKtCiFmsMEWxtFYM2aDcW6ZNJVRKHz
viK7BXg+G2fOHkNnpHEuW6xYBIf+XIpjtv2Lp5/w0L0jHDu84Phs2HrBZIb8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:17 2025 by rpki-client