Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/m1ZS24gEYBRPgFthGKVdyQEopkY.roa
File: m1ZS24gEYBRPgFthGKVdyQEopkY.roa (raw, json)
Hash identifier: NB1PEhlLKnPN8o6xD0TNlYbcWV36EYE6G4JjqNpQeo0=
Subject key identifier: 9B:56:52:DB:88:04:60:14:4F:80:5B:61:18:A5:5D:C9:01:28:A6:46
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01936417AD297D65FA0B22D50F6B60D67E8B
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/m1ZS24gEYBRPgFthGKVdyQEopkY.roa
Signing time: Mon 25 Nov 2024 16:11:33 +0000
ROA not before: Mon 25 Nov 2024 16:11:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:d640::/32 maxlen: 32
2a06:d646::/32 maxlen: 32
2a09:e302::/32 maxlen: 32
2a09:e306::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a09:ef02::/32 maxlen: 32
2a09:ef05::/32 maxlen: 32
2a09:ef07::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0b:9001::/32 maxlen: 32
2a0d:3c42::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:95c1::/32 maxlen: 32
2a0d:95c2::/32 maxlen: 32
2a0d:95c5::/32 maxlen: 32
2a0d:afc0::/32 maxlen: 32
2a0d:afc6::/32 maxlen: 32
2a0d:c104::/32 maxlen: 32
2a0d:c105::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
2a0f:3105::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Nov 2024 17:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:64:17:ad:29:7d:65:fa:0b:22:d5:0f:6b:60:d6:7e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Nov 25 16:11:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b5652db880460144f805b6118a55dc90128a646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:57:72:9c:f9:3d:7d:35:dc:9a:9c:e8:c7:fe:
5f:c8:bf:e5:7e:46:37:0c:26:40:84:76:1e:d6:b1:
b6:f5:8b:8f:72:5c:54:4a:ca:30:70:cd:23:ef:2c:
3d:14:7f:90:d5:44:df:ff:37:b9:92:ca:5e:8d:45:
98:78:2e:1c:69:ae:44:41:01:cb:d2:78:bf:30:48:
c2:3e:3e:85:ca:45:9e:92:2d:b8:7a:4b:4a:28:e8:
63:92:40:37:ae:c6:fa:2b:c6:e4:07:c3:65:21:c2:
c0:86:05:2c:d8:ea:8f:69:c2:90:6a:d7:2c:1c:e3:
81:ef:f5:6d:8c:eb:ae:de:fd:d4:a7:63:4b:b5:32:
ac:58:2b:f8:b4:38:b6:4f:d6:c1:10:4b:96:b5:7c:
2d:aa:5b:da:07:dd:f5:73:69:d9:c3:b7:f2:4b:c2:
4d:6f:31:f5:0d:4b:07:7c:ee:e6:e0:5d:a7:1d:8f:
0d:c0:89:ac:be:9e:28:1a:f7:9c:50:21:2d:ca:2e:
ba:c2:58:55:94:2d:22:a2:8f:bb:06:19:4e:6d:a8:
24:88:19:0e:57:4a:2a:bc:7f:bb:03:e5:8b:de:d8:
4f:20:c7:66:cd:91:f4:78:19:bc:29:43:06:8b:02:
87:21:09:ad:b7:54:79:61:fe:3d:92:5c:ac:9a:56:
c8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:56:52:DB:88:04:60:14:4F:80:5B:61:18:A5:5D:C9:01:28:A6:46
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/m1ZS24gEYBRPgFthGKVdyQEopkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a06:d646::/32
2a09:e302::/32
2a09:e306::/32
2a09:ef01::-2a09:ef02:ffff:ffff:ffff:ffff:ffff:ffff
2a09:ef05::/32
2a09:ef07::/32
2a0a:b385::/32
2a0b:9001::/32
2a0d:3c42::/32
2a0d:3c44::/32
2a0d:95c1::-2a0d:95c2:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:95c5::/32
2a0d:afc0::/32
2a0d:afc6::/32
2a0d:c104::/31
2a0f:3102::/32
2a0f:3105::/32
Signature Algorithm: sha256WithRSAEncryption
d4:01:f6:f0:c5:1c:10:a4:3b:a3:8c:45:4f:d3:a9:4c:1c:c3:
61:b9:d5:7c:ae:39:a5:8c:2e:f6:e6:95:83:43:ea:b9:89:68:
24:4c:47:62:9d:a6:c0:7a:2a:ba:5a:cb:c6:af:3d:32:59:23:
00:b9:2a:29:8e:e9:06:7c:8d:66:12:c2:82:69:94:21:e4:48:
78:59:40:08:d6:03:98:13:35:1b:5f:b7:72:40:39:dc:16:a9:
bb:6f:e4:56:f7:7a:b4:9c:13:10:e8:6b:fa:96:dd:b5:48:3c:
a7:5a:4b:1f:1e:a9:89:d9:34:e0:29:5a:b8:b6:26:70:a1:17:
42:db:2f:44:0c:64:d2:4d:e6:dd:8f:b6:8d:24:88:84:78:98:
34:15:ec:39:06:22:0c:0c:90:b3:f3:ab:df:28:41:ab:64:75:
46:05:32:dd:5c:76:4f:b8:00:71:f6:5d:52:4c:a7:c1:0b:32:
84:6f:ae:a2:ce:8f:73:c8:70:65:01:76:17:16:ca:a5:bc:1f:
6a:e5:06:43:23:aa:67:f1:7e:4d:96:89:39:4c:74:82:8c:7f:
a0:cf:55:73:c1:bc:65:be:72:94:da:12:a5:78:ca:e3:6f:fa:
5d:c4:61:d2:7a:0b:b9:90:34:50:24:d4:51:ba:27:6f:e5:50:
b5:48:b4:24
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZNkF60pfWX6CyLVD2tg1n6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMTI1MTYxMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjU2NTJkYjg4MDQ2MDE0NGY4MDViNjExOGE1NWRjOTAxMjhhNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxldynPk9fTXcmpzox/5fyL/lfkY3
DCZAhHYe1rG29YuPclxUSsowcM0j7yw9FH+Q1UTf/ze5kspejUWYeC4caa5EQQHL
0ni/MEjCPj6FykWeki24ektKKOhjkkA3rsb6K8bkB8NlIcLAhgUs2OqPacKQatcs
HOOB7/VtjOuu3v3Up2NLtTKsWCv4tDi2T9bBEEuWtXwtqlvaB931c2nZw7fyS8JN
bzH1DUsHfO7m4F2nHY8NwImsvp4oGvecUCEtyi66wlhVlC0ioo+7BhlObagkiBkO
V0oqvH+7A+WL3thPIMdmzZH0eBm8KUMGiwKHIQmtt1R5Yf49klysmlbIAwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFJtWUtuIBGAUT4BbYRilXckBKKZGMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvbTFaUzI0Z0VZQlJQZ0Z0aEdLVmR5UUVvcGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAIwgZADBQAq
BtZAAwUAKgbWRgMFACoJ4wIDBQAqCeMGMA4DBQAqCe8BAwUAKgnvAgMFACoJ7wUD
BQAqCe8HAwUAKgqzhQMFACoLkAEDBQAqDTxCAwUAKg08RDAOAwUAKg2VwQMFACoN
lcIDBQAqDZXFAwUAKg2vwAMFACoNr8YDBQEqDcEEAwUAKg8xAgMFACoPMQUwDQYJ
KoZIhvcNAQELBQADggEBANQB9vDFHBCkO6OMRU/TqUwcw2G51XyuOaWMLvbmlYND
6rmJaCRMR2KdpsB6Krpay8avPTJZIwC5KimO6QZ8jWYSwoJplCHkSHhZQAjWA5gT
NRtft3JAOdwWqbtv5Fb3erScExDoa/qW3bVIPKdaSx8eqYnZNOApWri2JnChF0Lb
L0QMZNJN5t2Pto0kiIR4mDQV7DkGIgwMkLPzq98oQatkdUYFMt1cdk+4AHH2XVJM
p8ELMoRvrqLOj3PIcGUBdhcWyqW8H2rlBkMjqmfxfk2WiTlMdIKMf6DPVXPBvGW+
cpTaEqV4yuNv+l3EYdJ6C7mQNFAk1FG6J2/lULVItCQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:11:44 2025 by rpki-client