Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/mTdadl6_IF-4DkkjSk_W0j9_HGk.roa
File: mTdadl6_IF-4DkkjSk_W0j9_HGk.roa (raw, json)
Hash identifier: 2SLDseD83BJWAUcSGhjIBQB8EWHvm2+ZvkUx+l+nQkM=
Subject key identifier: 99:37:5A:76:5E:BF:20:5F:B8:0E:49:23:4A:4F:D6:D2:3F:7F:1C:69
Certificate issuer: /CN=a3f0099ad86dd8434e52f8c6fddeeb2c3ed6c6ca
Certificate serial: 018CC80191ACEA86F4519BFF321835B86145
Authority key identifier: A3:F0:09:9A:D8:6D:D8:43:4E:52:F8:C6:FD:DE:EB:2C:3E:D6:C6:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o_AJmtht2ENOUvjG_d7rLD7Wxso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/mTdadl6_IF-4DkkjSk_W0j9_HGk.roa
Signing time: Tue 02 Jan 2024 02:29:55 +0000
ROA not before: Tue 02 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202728
IP address blocks: 2001:67c:a7c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:91:ac:ea:86:f4:51:9b:ff:32:18:35:b8:61:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3f0099ad86dd8434e52f8c6fddeeb2c3ed6c6ca
Validity
Not Before: Jan 2 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99375a765ebf205fb80e49234a4fd6d23f7f1c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:03:3d:af:6b:cd:b3:dc:57:4c:9b:1e:16:31:
12:a5:90:8e:ed:35:f0:12:38:0a:70:d6:a4:c6:bb:
c2:a3:41:2a:05:e1:ac:15:24:72:78:80:53:60:46:
e4:0e:aa:36:b5:81:e0:84:19:81:fe:67:e8:50:04:
3d:3c:28:ea:53:4b:8b:d6:32:c8:72:df:02:d1:59:
4f:1c:d6:e8:7b:ed:c8:27:82:eb:5d:6f:f3:9a:48:
fc:4e:17:5f:02:30:57:c8:35:1c:17:10:41:a5:05:
0b:73:0b:35:3f:08:2d:8d:35:11:85:1b:cd:a1:26:
f5:4d:85:a5:d4:63:b4:55:b5:6e:e3:72:ca:dd:5a:
40:1e:92:5a:2c:69:cd:c6:71:2a:9a:0b:ff:fa:2e:
ca:27:fa:76:1b:cb:9e:9b:01:a1:90:7a:05:a6:12:
1a:18:57:ca:60:b1:f6:2f:be:4b:10:20:f2:61:df:
cb:a9:bc:be:7c:9f:2e:15:c6:48:a5:dc:e5:8b:07:
a7:59:11:e0:70:0b:22:f7:be:a5:a6:fb:88:f5:05:
38:a2:5f:6f:7f:fa:94:99:86:68:ce:ff:bd:7d:8e:
9b:9b:11:aa:ee:6f:91:df:7a:e9:b6:1c:8b:5b:31:
06:52:3e:5f:ec:b3:41:92:08:66:b5:c7:ec:8c:d9:
68:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:37:5A:76:5E:BF:20:5F:B8:0E:49:23:4A:4F:D6:D2:3F:7F:1C:69
X509v3 Authority Key Identifier:
keyid:A3:F0:09:9A:D8:6D:D8:43:4E:52:F8:C6:FD:DE:EB:2C:3E:D6:C6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_AJmtht2ENOUvjG_d7rLD7Wxso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/mTdadl6_IF-4DkkjSk_W0j9_HGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cce012-2cb9-4be6-a1b6-d5167e6756b6/1/o_AJmtht2ENOUvjG_d7rLD7Wxso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a7c::/48
Signature Algorithm: sha256WithRSAEncryption
74:44:28:c5:23:1a:d7:77:b7:5c:f9:dc:35:2e:ca:37:4e:c8:
a1:19:63:70:6a:a7:90:0c:5c:bd:cc:44:85:21:ab:8d:2d:00:
43:bf:ec:80:c1:58:89:49:bd:2b:9c:7c:03:ad:7c:c1:34:06:
01:03:73:23:87:cd:6a:0a:8f:34:cc:89:a6:66:18:56:d6:75:
94:1f:fa:e4:09:9c:ff:a4:1f:0f:4e:46:9d:69:50:61:de:f7:
a3:9b:98:d0:63:3d:25:43:7a:dd:a4:ab:a8:bc:ac:2f:a5:34:
7d:da:29:b1:c6:82:96:0d:17:d3:4a:67:aa:c6:04:8b:8b:28:
5d:23:12:c6:f1:29:49:cb:9e:8c:3e:ea:cc:da:f6:58:69:58:
15:f4:78:d8:fb:71:82:d4:41:68:18:d9:63:c4:00:b1:35:bb:
e3:df:66:f9:a0:bf:0f:86:5b:1a:8c:bb:0b:f6:2f:e3:3b:8a:
54:9c:8e:15:76:d6:34:68:56:51:3e:4d:8b:0a:99:f6:0c:16:
50:fe:2f:18:5e:c9:46:a0:c8:f0:d9:cc:1b:ca:02:97:46:81:
7c:5b:64:83:bb:2f:75:15:fa:1c:15:16:98:a6:a5:6f:8a:7d:
92:c1:93:e7:f7:65:86:24:67:28:6e:b6:86:18:8d:36:4b:db:
de:0f:c1:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAZGs6ob0UZv/Mhg1uGFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZjAwOTlhZDg2ZGQ4NDM0ZTUyZjhjNmZkZGVlYjJjM2Vk
NmM2Y2EwHhcNMjQwMTAyMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTM3NWE3NjVlYmYyMDVmYjgwZTQ5MjM0YTRmZDZkMjNmN2YxYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAM9r2vNs9xXTJseFjESpZCO7TXw
EjgKcNakxrvCo0EqBeGsFSRyeIBTYEbkDqo2tYHghBmB/mfoUAQ9PCjqU0uL1jLI
ct8C0VlPHNboe+3IJ4LrXW/zmkj8ThdfAjBXyDUcFxBBpQULcws1PwgtjTURhRvN
oSb1TYWl1GO0VbVu43LK3VpAHpJaLGnNxnEqmgv/+i7KJ/p2G8uemwGhkHoFphIa
GFfKYLH2L75LECDyYd/Lqby+fJ8uFcZIpdzliwenWRHgcAsi976lpvuI9QU4ol9v
f/qUmYZozv+9fY6bmxGq7m+R33rpthyLWzEGUj5f7LNBkghmtcfsjNloOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJk3WnZevyBfuA5JI0pP1tI/fxxpMB8GA1UdIwQY
MBaAFKPwCZrYbdhDTlL4xv3e6yw+1sbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb19BSm10aHQyRU5PVXZqR19kN3JMRDdXeHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jY2UwMTItMmNiOS00YmU2LWExYjYt
ZDUxNjdlNjc1NmI2LzEvbVRkYWRsNl9JRi00RGtralNrX1cwajlfSEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jY2UwMTItMmNiOS00YmU2LWExYjYtZDUxNjdlNjc1NmI2
LzEvb19BSm10aHQyRU5PVXZqR19kN3JMRDdXeHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAp8
MA0GCSqGSIb3DQEBCwUAA4IBAQB0RCjFIxrXd7dc+dw1Lso3TsihGWNwaqeQDFy9
zESFIauNLQBDv+yAwViJSb0rnHwDrXzBNAYBA3Mjh81qCo80zImmZhhW1nWUH/rk
CZz/pB8PTkadaVBh3vejm5jQYz0lQ3rdpKuovKwvpTR92imxxoKWDRfTSmeqxgSL
iyhdIxLG8SlJy56MPurM2vZYaVgV9HjY+3GC1EFoGNljxACxNbvj32b5oL8Phlsa
jLsL9i/jO4pUnI4VdtY0aFZRPk2LCpn2DBZQ/i8YXslGoMjw2cwbygKXRoF8W2SD
uy91FfocFRaYpqVvin2SwZPn92WGJGcobraGGI02S9veD8EI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:01 2025 by rpki-client