Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f99db4-987e-43b1-a0ca-20f27e870d01/1/s6iX-FN4IUwjfeH5K9I5CE9brso.roa
File: s6iX-FN4IUwjfeH5K9I5CE9brso.roa (raw, json)
Hash identifier: eFKmu52wHZ2OmD0GBEteMlmN6pPR42nwhinNHnwzE/E=
Subject key identifier: B3:A8:97:F8:53:78:21:4C:23:7D:E1:F9:2B:D2:39:08:4F:5B:AE:CA
Certificate issuer: /CN=c3743c89df34ec770a65973f1005146bfb32b0f2
Certificate serial: 018CC6B86A7646C882DEDFC75BF29A3EBC72
Authority key identifier: C3:74:3C:89:DF:34:EC:77:0A:65:97:3F:10:05:14:6B:FB:32:B0:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3Q8id807HcKZZc_EAUUa_sysPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f99db4-987e-43b1-a0ca-20f27e870d01/1/s6iX-FN4IUwjfeH5K9I5CE9brso.roa
Signing time: Mon 01 Jan 2024 20:30:23 +0000
ROA not before: Mon 01 Jan 2024 20:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197942
IP address blocks: 2001:67c:1904::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:6a:76:46:c8:82:de:df:c7:5b:f2:9a:3e:bc:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3743c89df34ec770a65973f1005146bfb32b0f2
Validity
Not Before: Jan 1 20:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3a897f85378214c237de1f92bd239084f5baeca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0d:92:21:41:04:3d:f7:39:4e:f3:ac:b1:b1:
64:51:b8:90:11:4b:b7:04:af:98:01:a8:aa:bb:b7:
48:bf:5d:1d:fc:00:b7:e9:0f:76:d8:e3:0d:81:50:
92:42:7e:6a:9c:4b:36:c4:69:f2:9d:14:5e:05:fc:
74:c9:98:50:f2:33:dc:d0:63:e3:d7:5c:a9:a8:23:
92:43:e0:d7:c9:93:2b:e8:20:58:33:c7:0e:45:09:
d6:92:e8:53:f4:53:f8:f1:8a:14:c0:8f:07:d8:5a:
a2:c3:2d:09:c9:d7:e0:fc:9c:be:04:52:0a:7d:08:
99:84:0f:ce:77:17:66:ca:05:50:a5:d5:2e:bd:a7:
09:04:f2:c0:c6:39:25:50:3e:5f:32:c4:5d:b0:1e:
89:12:be:65:70:8e:a1:06:2e:3e:08:9f:c8:ee:ff:
af:86:60:90:43:71:f0:92:33:cf:05:6d:5f:14:89:
66:d9:4e:0d:11:0d:f4:f7:27:b7:1d:83:02:78:fa:
62:5e:48:6b:19:2c:57:e8:ca:93:67:58:3c:9c:1b:
f1:59:2f:78:1e:ee:ab:11:c5:a3:ff:25:85:e3:39:
8c:dc:0d:7d:37:49:e8:aa:0b:28:06:e9:c5:bd:73:
f2:11:32:b5:70:7c:60:bc:84:79:00:2a:54:49:81:
ea:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A8:97:F8:53:78:21:4C:23:7D:E1:F9:2B:D2:39:08:4F:5B:AE:CA
X509v3 Authority Key Identifier:
keyid:C3:74:3C:89:DF:34:EC:77:0A:65:97:3F:10:05:14:6B:FB:32:B0:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3Q8id807HcKZZc_EAUUa_sysPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f99db4-987e-43b1-a0ca-20f27e870d01/1/s6iX-FN4IUwjfeH5K9I5CE9brso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f99db4-987e-43b1-a0ca-20f27e870d01/1/w3Q8id807HcKZZc_EAUUa_sysPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1904::/48
Signature Algorithm: sha256WithRSAEncryption
2a:3f:73:49:53:3d:df:7e:40:37:e4:39:c0:80:22:32:b2:72:
04:9e:e4:b9:a7:36:32:f4:2d:43:4c:1d:e8:7b:39:7e:22:59:
87:0d:61:82:50:81:95:e4:88:e9:9f:ff:14:0c:7a:91:07:c8:
bf:f4:65:45:bb:9d:8e:f3:f0:ab:07:43:7d:c6:92:1b:20:a1:
80:74:1f:16:cf:8e:a3:7c:2d:9c:f7:fd:12:87:42:d0:80:55:
d8:9a:35:cc:97:ac:b2:da:eb:e4:c2:c8:d7:a7:61:5c:51:dc:
45:d4:dd:83:19:af:0e:b3:f1:ea:71:ad:91:ef:93:7f:1d:bb:
b8:60:23:b7:c1:16:0e:90:cb:6d:09:66:9a:fb:4e:75:e7:1f:
05:a6:2c:e3:f4:65:3b:90:e6:0a:98:32:6c:84:08:76:8b:db:
99:a6:da:33:f9:7f:ea:c8:9a:dc:43:12:5e:f5:ff:8e:27:dd:
e4:ad:2d:a8:b2:a9:08:61:ad:3d:48:46:e9:b9:40:9a:57:e2:
66:29:23:d0:f7:b9:33:1e:70:ef:bb:de:be:94:57:ce:aa:27:
0b:e2:b9:f8:84:63:dd:48:29:a6:13:51:d9:e3:23:67:46:6f:
30:fa:4f:00:fa:72:43:f8:98:3b:3c:56:cb:34:e9:f2:f5:8d:
7f:0e:8c:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuGp2RsiC3t/HW/KaPrxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzQzYzg5ZGYzNGVjNzcwYTY1OTczZjEwMDUxNDZiZmIz
MmIwZjIwHhcNMjQwMTAxMjAzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2E4OTdmODUzNzgyMTRjMjM3ZGUxZjkyYmQyMzkwODRmNWJhZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow2SIUEEPfc5TvOssbFkUbiQEUu3
BK+YAaiqu7dIv10d/AC36Q922OMNgVCSQn5qnEs2xGnynRReBfx0yZhQ8jPc0GPj
11ypqCOSQ+DXyZMr6CBYM8cORQnWkuhT9FP48YoUwI8H2Fqiwy0Jydfg/Jy+BFIK
fQiZhA/OdxdmygVQpdUuvacJBPLAxjklUD5fMsRdsB6JEr5lcI6hBi4+CJ/I7v+v
hmCQQ3HwkjPPBW1fFIlm2U4NEQ309ye3HYMCePpiXkhrGSxX6MqTZ1g8nBvxWS94
Hu6rEcWj/yWF4zmM3A19N0noqgsoBunFvXPyETK1cHxgvIR5ACpUSYHqUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLOol/hTeCFMI33h+SvSOQhPW67KMB8GA1UdIwQY
MBaAFMN0PInfNOx3CmWXPxAFFGv7MrDyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNROGlkODA3SGNLWlpjX0VBVVVhX3N5c1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mOTlkYjQtOTg3ZS00M2IxLWEwY2Et
MjBmMjdlODcwZDAxLzEvczZpWC1GTjRJVXdqZmVINUs5STVDRTlicnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mOTlkYjQtOTg3ZS00M2IxLWEwY2EtMjBmMjdlODcwZDAx
LzEvdzNROGlkODA3SGNLWlpjX0VBVVVhX3N5c1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBkE
MA0GCSqGSIb3DQEBCwUAA4IBAQAqP3NJUz3ffkA35DnAgCIysnIEnuS5pzYy9C1D
TB3oezl+IlmHDWGCUIGV5Ijpn/8UDHqRB8i/9GVFu52O8/CrB0N9xpIbIKGAdB8W
z46jfC2c9/0Sh0LQgFXYmjXMl6yy2uvkwsjXp2FcUdxF1N2DGa8Os/Hqca2R75N/
Hbu4YCO3wRYOkMttCWaa+0515x8Fpizj9GU7kOYKmDJshAh2i9uZptoz+X/qyJrc
QxJe9f+OJ93krS2osqkIYa09SEbpuUCaV+JmKSPQ97kzHnDvu96+lFfOqicL4rn4
hGPdSCmmE1HZ4yNnRm8w+k8A+nJD+Jg7PFbLNOny9Y1/Dozj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:30 2025 by rpki-client