Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0b6G9fOsySwbl3rY4GiMKTzbYpo.roa
File: 0b6G9fOsySwbl3rY4GiMKTzbYpo.roa (raw, json)
Hash identifier: m1vMVXAfwg3OeDaez5UExuWk/DlC56mw0lmOJIcUjZg=
Subject key identifier: D1:BE:86:F5:F3:AC:C9:2C:1B:97:7A:D8:E0:68:8C:29:3C:DB:62:9A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018FD1FFB6EFDCBD2045EAF8251B9ACDFD1A
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0b6G9fOsySwbl3rY4GiMKTzbYpo.roa
Signing time: Sat 01 Jun 2024 04:12:27 +0000
ROA not before: Sat 01 Jun 2024 04:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a10:4100::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a10:4102::/36 maxlen: 36
2a10:4102:1000::/36 maxlen: 36
2a10:4102:2000::/36 maxlen: 36
2a10:4102:3000::/36 maxlen: 36
2a10:4102:4000::/36 maxlen: 36
2a10:4102:5000::/36 maxlen: 36
2a10:4102:6000::/36 maxlen: 36
2a10:4102:7000::/36 maxlen: 36
2a12:a345::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 04 Jun 2024 12:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d1:ff:b6:ef:dc:bd:20:45:ea:f8:25:1b:9a:cd:fd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 1 04:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1be86f5f3acc92c1b977ad8e0688c293cdb629a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7c:cb:f1:fc:c2:a1:ef:f6:4f:cd:a8:71:8e:
24:33:db:4e:d9:ca:28:ca:ff:0e:47:5e:92:9a:46:
ad:d8:84:1a:a1:0b:f4:b5:18:65:c7:9c:b4:7f:eb:
22:e5:fd:2c:c6:a7:1c:4d:0c:3b:47:a4:a2:9c:c9:
62:35:ac:cc:16:5c:50:c7:70:a9:04:23:d2:31:dc:
70:a5:37:80:ce:5c:01:45:cb:f4:7f:89:a1:9a:82:
cc:f8:df:2a:c6:a1:b1:5b:94:b2:80:7f:26:31:c2:
4c:5e:1a:c0:d8:51:93:a0:78:74:d4:50:89:34:0c:
3a:5c:00:d2:de:b0:6c:1d:6f:8c:75:3f:c5:a6:1e:
bb:c2:f0:63:b7:a3:37:7e:ea:84:c1:82:fc:81:3f:
96:46:49:e1:aa:45:52:6c:6f:b4:50:d0:69:61:c4:
1b:55:f6:ea:f4:38:c6:23:25:1d:e5:30:6c:02:7c:
4f:e8:af:4a:cd:5e:8b:66:86:d1:fb:70:30:8d:a1:
c1:1b:7d:1c:01:09:2b:55:2b:01:63:25:b1:bd:d7:
5f:86:c3:36:eb:68:f5:e8:fc:0b:c6:d0:70:9a:ee:
62:f1:fd:f3:03:eb:3f:2f:02:c8:03:7e:0b:fd:59:
34:86:46:95:d7:6f:f8:08:ef:8f:85:17:d6:47:77:
69:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BE:86:F5:F3:AC:C9:2C:1B:97:7A:D8:E0:68:8C:29:3C:DB:62:9A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0b6G9fOsySwbl3rY4GiMKTzbYpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4100::/32
2a10:4102::/32
2a12:a345::/32
Signature Algorithm: sha256WithRSAEncryption
15:9e:31:8a:42:ff:ea:cd:68:16:45:57:6c:d6:ed:a1:79:44:
c3:5b:20:8d:77:3d:82:9c:69:f9:09:29:cb:6a:7b:ca:49:9b:
d3:4e:55:e4:27:c5:37:b7:fc:0b:37:43:e7:12:a2:e6:65:51:
be:51:d7:dd:13:24:65:f3:f3:9a:ab:51:f3:51:85:12:d0:f0:
8e:5f:d4:4c:a4:2d:ff:47:b7:b2:76:12:f0:fa:c0:99:8d:e4:
89:bc:7b:f1:d9:36:eb:f2:25:15:eb:53:0c:e7:7d:da:4e:43:
3a:00:ca:f6:3a:01:c5:6c:69:3c:bc:84:da:ae:1f:dc:b1:c9:
bd:78:17:35:02:53:e0:e8:58:bb:8f:fd:ce:6e:b2:d9:d0:85:
d7:f7:79:2a:22:86:f3:73:57:cc:e8:ac:ae:b5:19:2a:8f:d5:
5c:08:22:57:15:ea:ff:be:1a:92:6d:74:2d:aa:20:83:35:a1:
8f:c8:c0:86:56:5a:81:39:74:b2:9c:21:75:54:db:6d:94:e8:
71:b7:f3:f2:b2:48:bc:6b:cb:c2:d7:f0:7d:e0:ec:76:42:e6:
a6:4b:a8:b4:df:52:26:0b:e0:08:94:39:d2:bc:00:41:70:40:
8c:71:3e:3f:f6:07:73:d1:a2:b0:d2:8c:6a:c7:93:eb:be:fd:
df:68:0d:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/R/7bv3L0gRer4JRuazf0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNjAxMDQxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWJlODZmNWYzYWNjOTJjMWI5NzdhZDhlMDY4OGMyOTNjZGI2MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXzL8fzCoe/2T82ocY4kM9tO2coo
yv8OR16Smkat2IQaoQv0tRhlx5y0f+si5f0sxqccTQw7R6SinMliNazMFlxQx3Cp
BCPSMdxwpTeAzlwBRcv0f4mhmoLM+N8qxqGxW5SygH8mMcJMXhrA2FGToHh01FCJ
NAw6XADS3rBsHW+MdT/Fph67wvBjt6M3fuqEwYL8gT+WRknhqkVSbG+0UNBpYcQb
Vfbq9DjGIyUd5TBsAnxP6K9KzV6LZobR+3AwjaHBG30cAQkrVSsBYyWxvddfhsM2
62j16PwLxtBwmu5i8f3zA+s/LwLIA34L/Vk0hkaV12/4CO+PhRfWR3dpHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNG+hvXzrMksG5d62OBojCk822KaMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMGI2RzlmT3N5U3dibDNyWTRHaU1LVHpiWXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhBBAAMF
ACoQQQIDBQAqEqNFMA0GCSqGSIb3DQEBCwUAA4IBAQAVnjGKQv/qzWgWRVds1u2h
eUTDWyCNdz2CnGn5CSnLanvKSZvTTlXkJ8U3t/wLN0PnEqLmZVG+UdfdEyRl8/Oa
q1HzUYUS0PCOX9RMpC3/R7eydhLw+sCZjeSJvHvx2Tbr8iUV61MM533aTkM6AMr2
OgHFbGk8vITarh/cscm9eBc1AlPg6Fi7j/3ObrLZ0IXX93kqIobzc1fM6KyutRkq
j9VcCCJXFer/vhqSbXQtqiCDNaGPyMCGVlqBOXSynCF1VNttlOhxt/Pyski8a8vC
1/B94Ox2QuamS6i031ImC+AIlDnSvABBcECMcT4/9gdz0aKw0oxqx5Prvv3faA12
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:13 2025 by rpki-client