Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/DTC8Oo46bo7xxEIcrRLOpu5caDw.roa
File: DTC8Oo46bo7xxEIcrRLOpu5caDw.roa (raw, json)
Hash identifier: UhN2pTMsNahSd7JhwfOJvJg8+9mqp2tJB9rLlZ2qYkY=
Subject key identifier: 0D:30:BC:3A:8E:3A:6E:8E:F1:C4:42:1C:AD:12:CE:A6:EE:5C:68:3C
Certificate issuer: /CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Certificate serial: 0193DA25B26D6E8DAF664CFEA238383109EA
Authority key identifier: 6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/DTC8Oo46bo7xxEIcrRLOpu5caDw.roa
Signing time: Wed 18 Dec 2024 14:22:03 +0000
ROA not before: Wed 18 Dec 2024 14:22:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213708
IP address blocks: 2a14:9400::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:25:b2:6d:6e:8d:af:66:4c:fe:a2:38:38:31:09:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Validity
Not Before: Dec 18 14:22:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d30bc3a8e3a6e8ef1c4421cad12cea6ee5c683c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:64:bb:bb:d7:70:d5:80:3a:d5:e9:87:54:b0:
ed:51:8f:cb:44:fb:47:83:1f:3f:24:a9:b4:9c:cc:
25:78:4c:61:a5:38:03:1d:41:f6:94:aa:39:23:18:
e7:e3:a3:d2:59:a7:4b:b0:4c:db:8e:15:4c:c2:1e:
45:d0:2b:6c:6f:1b:bc:c0:94:0b:f4:9b:05:43:7c:
d5:7e:d8:93:30:db:47:7c:70:7a:1b:b5:95:7c:73:
dd:2a:f8:bf:09:74:bb:9f:d1:b8:87:56:c3:67:50:
a8:8e:24:1f:9a:77:25:bb:40:96:e9:6d:db:32:d5:
ab:42:1c:da:29:aa:88:18:be:f2:ba:58:55:d7:65:
a0:5a:48:8e:b2:5e:7d:c5:de:b5:fc:d9:bb:b4:7b:
0a:27:4b:a2:83:f0:63:55:9a:ab:67:b2:12:aa:25:
fc:84:3c:50:db:61:6a:1a:20:19:2c:38:39:9d:dc:
ea:d4:32:df:51:0f:9f:87:3b:c3:da:5e:bc:2a:62:
d3:25:56:89:51:50:0f:82:ab:1e:a4:90:72:74:be:
fc:32:03:58:b6:58:e0:59:d0:e9:9b:67:d6:a9:59:
eb:0a:fe:0e:81:7d:43:2d:cf:7f:97:c4:11:37:08:
fe:80:d1:a6:60:b8:ee:18:a3:d3:8f:a1:c3:d0:2e:
ff:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:30:BC:3A:8E:3A:6E:8E:F1:C4:42:1C:AD:12:CE:A6:EE:5C:68:3C
X509v3 Authority Key Identifier:
keyid:6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/DTC8Oo46bo7xxEIcrRLOpu5caDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9400::/40
Signature Algorithm: sha256WithRSAEncryption
2c:a4:84:8e:80:5e:09:56:32:34:ee:51:b7:20:4b:13:a5:54:
e2:f9:57:94:2f:db:7b:b6:13:ef:a2:d1:83:7c:58:09:a5:db:
6b:5e:3a:5b:5f:bd:39:c9:00:24:6c:cf:ad:48:9d:b0:96:84:
e9:a2:2f:ba:60:3a:49:fa:33:d7:04:4d:e3:a1:c7:38:0e:7e:
3e:e6:b3:f8:a6:fe:e4:5f:bf:18:bd:9c:fe:49:fe:81:3b:ee:
b5:be:d1:8a:0b:4b:e7:5c:e2:d7:73:a8:cd:f1:13:bd:a9:f0:
f3:3a:cf:ff:02:cc:92:06:fe:4a:33:2b:cb:07:2f:03:66:dc:
51:71:e2:20:84:e5:cb:68:9f:43:70:0c:b0:49:3a:4b:28:13:
83:96:c6:7b:e5:94:ad:aa:65:d7:98:0e:76:5e:3c:6e:bb:bd:
7b:1f:41:52:65:5c:0b:8d:57:8c:8b:4e:15:f1:c7:41:fd:92:
71:fc:6d:53:dc:1a:4a:71:39:c2:2c:be:a5:e0:40:92:26:37:
6b:5f:1c:40:1a:02:ed:dc:07:41:58:74:0d:08:6d:ed:ae:df:
b8:b5:c5:83:5a:fc:12:60:e5:28:3d:9d:c0:01:2a:a7:e4:5a:
b7:da:a0:dd:ca:24:bf:11:c0:19:bd:d2:07:64:96:f6:98:f7:
e0:0d:0f:43
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZPaJbJtbo2vZkz+ojg4MQnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTY0YTY0N2JkMmE1NTU3ZjcwZjY3NmFkY2M3NjkwNGZi
ODcyYWIwHhcNMjQxMjE4MTQyMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDMwYmMzYThlM2E2ZThlZjFjNDQyMWNhZDEyY2VhNmVlNWM2ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mS7u9dw1YA61emHVLDtUY/LRPtH
gx8/JKm0nMwleExhpTgDHUH2lKo5Ixjn46PSWadLsEzbjhVMwh5F0Ctsbxu8wJQL
9JsFQ3zVftiTMNtHfHB6G7WVfHPdKvi/CXS7n9G4h1bDZ1CojiQfmnclu0CW6W3b
MtWrQhzaKaqIGL7yulhV12WgWkiOsl59xd61/Nm7tHsKJ0uig/BjVZqrZ7ISqiX8
hDxQ22FqGiAZLDg5ndzq1DLfUQ+fhzvD2l68KmLTJVaJUVAPgqsepJBydL78MgNY
tljgWdDpm2fWqVnrCv4OgX1DLc9/l8QRNwj+gNGmYLjuGKPTj6HD0C7/ZwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA0wvDqOOm6O8cRCHK0SzqbuXGg8MB8GA1UdIwQY
MBaAFG+mSmR70qVVf3D2dq3MdpBPuHKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQt
ZTkxYjNhYmQxZmU4LzEvRFRDOE9vNDZibzd4eEVJY3JSTE9wdTVjYUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQtZTkxYjNhYmQxZmU4
LzEvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhSUAAAw
DQYJKoZIhvcNAQELBQADggEBACykhI6AXglWMjTuUbcgSxOlVOL5V5Qv23u2E++i
0YN8WAml22teOltfvTnJACRsz61InbCWhOmiL7pgOkn6M9cETeOhxzgOfj7ms/im
/uRfvxi9nP5J/oE77rW+0YoLS+dc4tdzqM3xE72p8PM6z/8CzJIG/kozK8sHLwNm
3FFx4iCE5cton0NwDLBJOksoE4OWxnvllK2qZdeYDnZePG67vXsfQVJlXAuNV4yL
ThXxx0H9knH8bVPcGkpxOcIsvqXgQJImN2tfHEAaAu3cB0FYdA0Ibe2u37i1xYNa
/BJg5Sg9ncABKqfkWrfaoN3KJL8RwBm90gdklvaY9+AND0M=
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:34:05 2025 by rpki-client