Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/fTXt2lNKdgdWLDzsplbttjMDISw.roa
File: fTXt2lNKdgdWLDzsplbttjMDISw.roa (raw, json)
Hash identifier: G6FUq6a9hPnO3pKfGTqwzrKz9cDzORlyasNYQfgeuhw=
Subject key identifier: 7D:35:ED:DA:53:4A:76:07:56:2C:3C:EC:A6:56:ED:B6:33:03:21:2C
Certificate issuer: /CN=918283d785cc88ef8520862ac161f27b5630bc14
Certificate serial: 018CC86F5E3A6ACF61B0DCE65182DC1EAFBA
Authority key identifier: 91:82:83:D7:85:CC:88:EF:85:20:86:2A:C1:61:F2:7B:56:30:BC:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYKD14XMiO-FIIYqwWHye1YwvBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/fTXt2lNKdgdWLDzsplbttjMDISw.roa
Signing time: Tue 02 Jan 2024 04:29:50 +0000
ROA not before: Tue 02 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202739
IP address blocks: 2001:678:1e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5e:3a:6a:cf:61:b0:dc:e6:51:82:dc:1e:af:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918283d785cc88ef8520862ac161f27b5630bc14
Validity
Not Before: Jan 2 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d35edda534a7607562c3ceca656edb63303212c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:75:d6:14:36:96:60:fc:23:9d:da:9c:30:25:
47:04:43:3a:1e:ef:56:be:3a:9a:87:ff:6a:9c:55:
dc:0c:ee:30:5e:b0:f9:ea:25:17:9c:33:97:71:e6:
21:2a:93:89:20:bf:2f:ca:29:7b:ea:56:f8:8a:82:
05:b0:f2:f6:85:d9:c3:60:66:84:21:be:37:96:3a:
e6:3c:10:d5:5e:76:c2:44:1c:8c:c4:04:e0:2f:55:
13:03:a0:ec:69:61:f8:8e:13:b8:05:80:7e:51:a9:
24:c0:ac:31:79:8b:8c:7a:7b:8d:d7:aa:36:6f:4e:
a9:08:d4:46:72:01:e4:a9:3d:07:05:a8:f2:9b:31:
71:99:9e:e5:41:65:e4:4d:0c:b8:71:4b:e2:61:d3:
68:cf:96:90:ee:77:97:56:e8:57:cc:b1:9c:90:a2:
87:10:e3:19:27:7b:c3:63:02:ba:c3:88:f6:1f:f1:
7a:14:7e:be:e8:00:ca:eb:f8:28:c0:f3:f0:03:53:
6a:16:5e:ca:d3:29:25:6a:c7:0f:fe:07:a0:af:65:
bb:7a:27:de:ca:9e:43:c4:23:5e:7d:41:68:f9:f0:
98:85:9d:0e:03:5a:6b:9a:a8:35:e9:93:96:9f:49:
5e:08:d3:61:60:93:4d:26:27:52:f0:59:ec:cb:6b:
6f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:35:ED:DA:53:4A:76:07:56:2C:3C:EC:A6:56:ED:B6:33:03:21:2C
X509v3 Authority Key Identifier:
keyid:91:82:83:D7:85:CC:88:EF:85:20:86:2A:C1:61:F2:7B:56:30:BC:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYKD14XMiO-FIIYqwWHye1YwvBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/fTXt2lNKdgdWLDzsplbttjMDISw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/kYKD14XMiO-FIIYqwWHye1YwvBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1e0::/48
Signature Algorithm: sha256WithRSAEncryption
90:7f:72:6d:31:b3:5b:02:d0:83:e2:5a:41:fb:30:55:e7:af:
e9:00:e8:d4:d3:d0:36:ff:81:fc:7e:3a:93:e4:fb:96:4c:39:
00:10:25:68:42:9e:ea:1d:ce:ac:c8:81:f2:eb:f0:6a:22:0b:
c8:f4:74:e2:ea:33:71:f2:fa:e2:78:9a:7e:db:93:c7:36:15:
ba:16:f1:f4:4a:97:ed:48:12:59:5d:8d:06:a4:16:cb:25:fd:
cd:e6:ae:43:24:f7:a7:83:4b:62:f6:d7:75:21:1f:4d:6c:c5:
03:3b:3c:ca:0b:1a:d2:e2:98:c6:01:80:a9:3f:92:d3:5f:e5:
e7:87:66:b2:46:d3:89:f0:36:67:bf:55:25:ea:c4:b6:fd:85:
2f:c0:98:4f:23:2f:05:5d:87:ba:4a:70:2e:7f:d0:08:47:fc:
3a:39:91:41:2c:24:3f:a2:e6:4b:4b:5a:4e:77:61:bf:f3:80:
19:47:0a:c4:ab:13:c5:26:41:5e:2e:b2:79:ef:2a:7b:2b:70:
77:fb:bc:80:d4:10:03:eb:15:1c:72:51:05:3b:9f:4d:15:c7:
9d:57:e2:6f:c4:6e:bf:95:b7:2b:e9:aa:0f:b6:c0:65:71:87:
bc:f7:0f:86:69:ed:bd:f0:80:ed:08:17:28:14:42:58:d5:07:
ee:08:87:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIb146as9hsNzmUYLcHq+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODI4M2Q3ODVjYzg4ZWY4NTIwODYyYWMxNjFmMjdiNTYz
MGJjMTQwHhcNMjQwMTAyMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM1ZWRkYTUzNGE3NjA3NTYyYzNjZWNhNjU2ZWRiNjMzMDMyMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXXWFDaWYPwjndqcMCVHBEM6Hu9W
vjqah/9qnFXcDO4wXrD56iUXnDOXceYhKpOJIL8vyil76lb4ioIFsPL2hdnDYGaE
Ib43ljrmPBDVXnbCRByMxATgL1UTA6DsaWH4jhO4BYB+UakkwKwxeYuMenuN16o2
b06pCNRGcgHkqT0HBajymzFxmZ7lQWXkTQy4cUviYdNoz5aQ7neXVuhXzLGckKKH
EOMZJ3vDYwK6w4j2H/F6FH6+6ADK6/gowPPwA1NqFl7K0yklascP/gegr2W7eife
yp5DxCNefUFo+fCYhZ0OA1prmqg16ZOWn0leCNNhYJNNJidS8Fnsy2tvkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH017dpTSnYHViw87KZW7bYzAyEsMB8GA1UdIwQY
MBaAFJGCg9eFzIjvhSCGKsFh8ntWMLwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lLRDE0WE1pTy1GSUlZcXdXSHllMVl3dkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9jY2E0NzYtYTNjOC00YTY1LThjMGMt
ZjMyMjYwZTA1NzAwLzEvZlRYdDJsTktkZ2RXTER6c3BsYnR0ak1ESVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9jY2E0NzYtYTNjOC00YTY1LThjMGMtZjMyMjYwZTA1NzAw
LzEva1lLRDE0WE1pTy1GSUlZcXdXSHllMVl3dkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAHg
MA0GCSqGSIb3DQEBCwUAA4IBAQCQf3JtMbNbAtCD4lpB+zBV56/pAOjU09A2/4H8
fjqT5PuWTDkAECVoQp7qHc6syIHy6/BqIgvI9HTi6jNx8vrieJp+25PHNhW6FvH0
SpftSBJZXY0GpBbLJf3N5q5DJPeng0ti9td1IR9NbMUDOzzKCxrS4pjGAYCpP5LT
X+Xnh2ayRtOJ8DZnv1Ul6sS2/YUvwJhPIy8FXYe6SnAuf9AIR/w6OZFBLCQ/ouZL
S1pOd2G/84AZRwrEqxPFJkFeLrJ57yp7K3B3+7yA1BAD6xUcclEFO59NFcedV+Jv
xG6/lbcr6aoPtsBlcYe89w+Gae298IDtCBcoFEJY1QfuCId3
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:07:14 2025 by rpki-client