Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/TKQiN4e6aN3AuYx8-nqZA1R8Hxc.roa
File: TKQiN4e6aN3AuYx8-nqZA1R8Hxc.roa (raw, json)
Hash identifier: FYv2A1GT76JF5+Nu4rDL9iPAsrm+mmSc1L5NAfCaQeA=
Subject key identifier: 4C:A4:22:37:87:BA:68:DD:C0:B9:8C:7C:FA:7A:99:03:54:7C:1F:17
Certificate issuer: /CN=080702932802c2743d335f67d47a4238c3324533
Certificate serial: 0193F4E5B9A346F0C2AA5C0090C0AB4B4EF5
Authority key identifier: 08:07:02:93:28:02:C2:74:3D:33:5F:67:D4:7A:42:38:C3:32:45:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAcCkygCwnQ9M19n1HpCOMMyRTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/TKQiN4e6aN3AuYx8-nqZA1R8Hxc.roa
Signing time: Mon 23 Dec 2024 19:01:56 +0000
ROA not before: Mon 23 Dec 2024 19:01:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29670
IP address blocks: 2001:67c:fb8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:e5:b9:a3:46:f0:c2:aa:5c:00:90:c0:ab:4b:4e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=080702932802c2743d335f67d47a4238c3324533
Validity
Not Before: Dec 23 19:01:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ca4223787ba68ddc0b98c7cfa7a9903547c1f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f9:5f:cc:be:78:0f:1a:a4:1a:c2:80:12:44:
4e:10:44:02:6e:11:15:81:4e:9d:cb:0e:b0:1c:c4:
de:42:2e:46:10:51:26:5d:8f:f7:ed:cc:40:c8:bc:
83:11:f6:f9:57:d8:d1:9d:34:89:d1:95:d8:d8:45:
c8:b9:b0:7b:a5:6d:03:58:fc:33:67:9b:3e:b8:6a:
0d:d2:19:aa:24:86:6d:44:e3:40:b8:09:2a:d9:e5:
14:83:70:3a:a6:dc:1f:49:32:72:f0:48:68:ca:0d:
b2:32:14:21:86:cd:79:e3:b5:80:ba:3e:fb:83:a3:
a2:8a:4f:1a:16:4a:21:be:5e:a1:8c:43:a9:77:1c:
2d:f9:06:48:b5:4e:f8:ad:26:4d:d2:84:f9:3f:b6:
28:40:1f:6e:be:7a:d3:6a:ac:79:b9:d8:42:53:f6:
23:cc:45:3b:34:19:82:cc:b0:57:bb:14:5d:d5:62:
12:fc:c2:f8:04:66:01:75:8f:bd:11:fd:68:29:a6:
95:f8:72:02:56:da:0c:76:4d:20:e8:d6:6a:83:0a:
80:4f:87:de:dd:78:4c:58:12:47:b6:5e:b5:e7:a0:
03:79:07:8e:0f:cb:da:c1:ef:36:6b:09:3a:3b:56:
22:38:7f:ca:30:51:91:9c:54:ae:a6:65:dc:03:57:
65:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A4:22:37:87:BA:68:DD:C0:B9:8C:7C:FA:7A:99:03:54:7C:1F:17
X509v3 Authority Key Identifier:
keyid:08:07:02:93:28:02:C2:74:3D:33:5F:67:D4:7A:42:38:C3:32:45:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAcCkygCwnQ9M19n1HpCOMMyRTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/TKQiN4e6aN3AuYx8-nqZA1R8Hxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/CAcCkygCwnQ9M19n1HpCOMMyRTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:fb8::/48
Signature Algorithm: sha256WithRSAEncryption
44:fe:98:9f:60:3b:e1:0f:5b:4d:d1:6e:83:90:fa:5b:7a:40:
91:46:cc:ee:47:3c:08:6b:61:0a:c6:45:28:de:7d:98:86:f5:
ba:e3:b3:96:eb:f2:6c:29:ed:ba:26:8e:dc:43:68:a8:f9:f4:
70:2d:40:88:66:1a:fb:62:c3:a5:f5:e7:ba:25:b3:a8:7f:f1:
b2:8a:e9:89:e0:f2:36:0f:d0:e6:ba:fe:2f:d4:bb:90:82:f7:
21:ac:07:32:d6:b4:6c:1a:da:56:be:9c:bb:b6:6a:c7:f6:df:
b4:88:5a:fa:1c:21:15:f7:cb:d1:e0:15:87:35:68:fb:bb:ff:
9e:4c:4d:05:9c:09:a1:1d:0a:a1:97:98:ce:11:8e:29:49:b4:
55:14:45:eb:00:ff:ff:29:1e:68:4c:cc:60:94:07:72:66:3c:
af:80:62:49:79:e0:b0:22:16:7e:d6:83:00:9e:80:6d:98:e6:
8b:c3:7d:15:c8:7c:42:7b:8d:22:0d:53:d7:83:ec:90:70:ba:
5a:8e:cb:88:5d:c3:ea:da:97:fd:0d:d7:3f:d4:26:b2:cc:77:
82:0f:b9:58:4e:24:37:5a:87:f7:7c:44:0b:1c:c6:64:cb:ef:
c4:3b:06:82:62:68:7c:a9:9c:7b:22:0c:14:d0:46:3c:d6:06:
c0:73:35:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZP05bmjRvDCqlwAkMCrS071MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDcwMjkzMjgwMmMyNzQzZDMzNWY2N2Q0N2E0MjM4YzMz
MjQ1MzMwHhcNMjQxMjIzMTkwMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E0MjIzNzg3YmE2OGRkYzBiOThjN2NmYTdhOTkwMzU0N2MxZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvlfzL54DxqkGsKAEkROEEQCbhEV
gU6dyw6wHMTeQi5GEFEmXY/37cxAyLyDEfb5V9jRnTSJ0ZXY2EXIubB7pW0DWPwz
Z5s+uGoN0hmqJIZtRONAuAkq2eUUg3A6ptwfSTJy8Ehoyg2yMhQhhs1547WAuj77
g6Oiik8aFkohvl6hjEOpdxwt+QZItU74rSZN0oT5P7YoQB9uvnrTaqx5udhCU/Yj
zEU7NBmCzLBXuxRd1WIS/ML4BGYBdY+9Ef1oKaaV+HICVtoMdk0g6NZqgwqAT4fe
3XhMWBJHtl6156ADeQeOD8vawe82awk6O1YiOH/KMFGRnFSupmXcA1dl/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEykIjeHumjdwLmMfPp6mQNUfB8XMB8GA1UdIwQY
MBaAFAgHApMoAsJ0PTNfZ9R6QjjDMkUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FjQ2t5Z0N3blE5TTE5bjFIcENPTU15UlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNTMyZmQtOTFlMi00ZmI2LWJlODct
NDgwZmViOTJkNzE4LzEvVEtRaU40ZTZhTjNBdVl4OC1ucVpBMVI4SHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNTMyZmQtOTFlMi00ZmI2LWJlODctNDgwZmViOTJkNzE4
LzEvQ0FjQ2t5Z0N3blE5TTE5bjFIcENPTU15UlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA+4
MA0GCSqGSIb3DQEBCwUAA4IBAQBE/pifYDvhD1tN0W6DkPpbekCRRszuRzwIa2EK
xkUo3n2YhvW647OW6/JsKe26Jo7cQ2io+fRwLUCIZhr7YsOl9ee6JbOof/GyiumJ
4PI2D9Dmuv4v1LuQgvchrAcy1rRsGtpWvpy7tmrH9t+0iFr6HCEV98vR4BWHNWj7
u/+eTE0FnAmhHQqhl5jOEY4pSbRVFEXrAP//KR5oTMxglAdyZjyvgGJJeeCwIhZ+
1oMAnoBtmOaLw30VyHxCe40iDVPXg+yQcLpajsuIXcPq2pf9Ddc/1CayzHeCD7lY
TiQ3Wof3fEQLHMZky+/EOwaCYmh8qZx7IgwU0EY81gbAczWC
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:09:05 2025 by rpki-client