Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/IPNkbIZrDXwTuWTjYY4-DJoahk0.roa
File: IPNkbIZrDXwTuWTjYY4-DJoahk0.roa (raw, json)
Hash identifier: ZcrDvTNoyQGOO8QVApkEnatGCIzf1V60kwVBcoMTqQk=
Subject key identifier: 20:F3:64:6C:86:6B:0D:7C:13:B9:64:E3:61:8E:3E:0C:9A:1A:86:4D
Certificate issuer: /CN=080702932802c2743d335f67d47a4238c3324533
Certificate serial: 0193F04F7880C0495F23D1C7641ECDF2B214
Authority key identifier: 08:07:02:93:28:02:C2:74:3D:33:5F:67:D4:7A:42:38:C3:32:45:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAcCkygCwnQ9M19n1HpCOMMyRTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/IPNkbIZrDXwTuWTjYY4-DJoahk0.roa
Signing time: Sun 22 Dec 2024 21:39:20 +0000
ROA not before: Sun 22 Dec 2024 21:39:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29670
IP address blocks: 2001:67c:fb8::/52 maxlen: 52
Validation: Failed, certificate revoked on Mon 23 Dec 2024 18:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f0:4f:78:80:c0:49:5f:23:d1:c7:64:1e:cd:f2:b2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=080702932802c2743d335f67d47a4238c3324533
Validity
Not Before: Dec 22 21:39:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20f3646c866b0d7c13b964e3618e3e0c9a1a864d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:74:1d:bb:1d:82:70:34:36:f5:6f:6f:b4:eb:
8e:50:cf:ac:03:8c:3c:8f:3d:a5:f4:34:3b:f5:8e:
ef:4b:d2:ba:eb:64:10:f6:29:1d:d8:4e:05:85:b2:
1c:85:4e:f4:c8:3e:75:de:b9:4e:a7:88:37:69:56:
e7:11:64:21:3b:fb:c6:1c:8f:7c:cc:00:cd:ed:97:
05:78:87:b4:04:45:dc:5f:2e:c5:60:b5:6f:88:3b:
56:f1:0d:34:18:27:a4:51:a0:be:2d:c9:78:a8:4a:
da:8e:9c:06:8b:22:af:00:d2:fc:c0:77:2b:ad:4a:
60:ec:a6:6c:3a:5f:18:81:ea:e6:ed:2f:b5:e9:f9:
02:81:22:d8:6b:18:4c:11:45:8e:af:9a:54:e1:c1:
2e:35:48:df:a4:7b:f8:ef:93:96:18:05:c2:1a:79:
61:a2:71:d0:6b:7a:d8:97:3e:17:05:68:00:0c:13:
a9:38:b7:83:92:8a:e3:ef:ef:d1:8d:4f:7b:ef:94:
f4:03:96:ed:24:24:29:08:67:8a:aa:4a:89:2d:32:
42:d7:75:c6:74:9a:a0:87:5b:94:78:68:16:12:b9:
a1:43:b0:8f:c3:24:c3:cf:e1:37:87:46:eb:3c:b3:
1a:77:a0:7f:07:af:ea:eb:3d:66:9f:99:c7:d0:e4:
3f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F3:64:6C:86:6B:0D:7C:13:B9:64:E3:61:8E:3E:0C:9A:1A:86:4D
X509v3 Authority Key Identifier:
keyid:08:07:02:93:28:02:C2:74:3D:33:5F:67:D4:7A:42:38:C3:32:45:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAcCkygCwnQ9M19n1HpCOMMyRTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/IPNkbIZrDXwTuWTjYY4-DJoahk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/CAcCkygCwnQ9M19n1HpCOMMyRTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:fb8::/52
Signature Algorithm: sha256WithRSAEncryption
67:56:1f:73:84:e9:2a:67:0f:00:c5:fe:34:88:4d:b3:b7:5a:
53:6e:f8:f1:0e:1e:8e:06:ef:94:d4:10:5d:af:ab:2f:91:43:
45:ab:61:65:9b:03:98:65:d2:d3:13:93:cd:b0:18:6f:48:d8:
64:f3:11:f4:2c:04:cf:b4:b4:a7:b3:04:6e:53:98:14:04:f0:
b3:a2:4b:1e:fc:7b:67:9e:66:bf:7a:bc:82:fe:8b:c4:97:8a:
80:b8:70:97:21:c2:a0:a1:30:2b:64:a4:a9:9f:a3:80:c5:53:
dc:7b:6e:b3:49:d9:d4:3d:3c:2e:20:ef:06:81:18:9c:4e:e2:
3f:bb:51:de:b0:4c:a1:59:f9:e0:07:7d:7d:84:b8:44:61:65:
0f:80:6f:bd:d8:aa:07:37:d0:22:ef:29:84:3d:82:a5:a6:fc:
78:ef:b3:a5:2b:a9:63:c5:ba:94:3b:36:4c:ae:81:f0:03:59:
f8:36:c0:40:2c:d3:81:6e:18:a4:2a:cf:6c:61:96:dc:e4:85:
af:60:fb:a8:70:3b:8e:2d:94:0a:be:86:ba:e1:81:bc:a0:4a:
82:13:81:cf:ff:58:9a:d1:2e:46:c6:b6:30:11:e6:60:56:f2:
d3:0a:3c:3a:cd:bc:21:3e:d5:10:8e:a0:97:a8:a3:1c:57:25:
37:ac:83:2d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZPwT3iAwElfI9HHZB7N8rIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDcwMjkzMjgwMmMyNzQzZDMzNWY2N2Q0N2E0MjM4YzMz
MjQ1MzMwHhcNMjQxMjIyMjEzOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGYzNjQ2Yzg2NmIwZDdjMTNiOTY0ZTM2MThlM2UwYzlhMWE4NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXQdux2CcDQ29W9vtOuOUM+sA4w8
jz2l9DQ79Y7vS9K662QQ9ikd2E4FhbIchU70yD513rlOp4g3aVbnEWQhO/vGHI98
zADN7ZcFeIe0BEXcXy7FYLVviDtW8Q00GCekUaC+Lcl4qErajpwGiyKvANL8wHcr
rUpg7KZsOl8Ygerm7S+16fkCgSLYaxhMEUWOr5pU4cEuNUjfpHv475OWGAXCGnlh
onHQa3rYlz4XBWgADBOpOLeDkorj7+/RjU9775T0A5btJCQpCGeKqkqJLTJC13XG
dJqgh1uUeGgWErmhQ7CPwyTDz+E3h0brPLMad6B/B6/q6z1mn5nH0OQ/nQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFCDzZGyGaw18E7lk42GOPgyaGoZNMB8GA1UdIwQY
MBaAFAgHApMoAsJ0PTNfZ9R6QjjDMkUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FjQ2t5Z0N3blE5TTE5bjFIcENPTU15UlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNTMyZmQtOTFlMi00ZmI2LWJlODct
NDgwZmViOTJkNzE4LzEvSVBOa2JJWnJEWHdUdVdUallZNC1ESm9haGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNTMyZmQtOTFlMi00ZmI2LWJlODctNDgwZmViOTJkNzE4
LzEvQ0FjQ2t5Z0N3blE5TTE5bjFIcENPTU15UlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAAjAKAwgEIAEGfA+4
ADANBgkqhkiG9w0BAQsFAAOCAQEAZ1Yfc4TpKmcPAMX+NIhNs7daU2748Q4ejgbv
lNQQXa+rL5FDRathZZsDmGXS0xOTzbAYb0jYZPMR9CwEz7S0p7MEblOYFATws6JL
Hvx7Z55mv3q8gv6LxJeKgLhwlyHCoKEwK2SkqZ+jgMVT3Htus0nZ1D08LiDvBoEY
nE7iP7tR3rBMoVn54Ad9fYS4RGFlD4BvvdiqBzfQIu8phD2Cpab8eO+zpSupY8W6
lDs2TK6B8ANZ+DbAQCzTgW4YpCrPbGGW3OSFr2D7qHA7ji2UCr6GuuGBvKBKghOB
z/9YmtEuRsa2MBHmYFby0wo8Os28IT7VEI6gl6ijHFclN6yDLQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:44:46 2025 by rpki-client