Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/saAtotXub9Ufs2-Z34oOwzKVKGg.roa
File: saAtotXub9Ufs2-Z34oOwzKVKGg.roa (raw, json)
Hash identifier: HHWCMweHKI0NB60xeQzMgmuxDBqeUwQr/ZGDxrEZP2s=
Subject key identifier: B1:A0:2D:A2:D5:EE:6F:D5:1F:B3:6F:99:DF:8A:0E:C3:32:95:28:68
Certificate issuer: /CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Certificate serial: 0193979D51E8ED01FFD5667D4C98D82D85DA
Authority key identifier: 6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/saAtotXub9Ufs2-Z34oOwzKVKGg.roa
Signing time: Thu 05 Dec 2024 16:18:09 +0000
ROA not before: Thu 05 Dec 2024 16:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213755
IP address blocks: 2a14:9400:666::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Dec 2024 10:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:9d:51:e8:ed:01:ff:d5:66:7d:4c:98:d8:2d:85:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa64a647bd2a5557f70f676adcc76904fb872ab
Validity
Not Before: Dec 5 16:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1a02da2d5ee6fd51fb36f99df8a0ec332952868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2f:67:37:98:1c:9f:4e:2f:48:c3:c9:34:e4:
a6:1d:f6:9c:99:9a:f1:ad:1d:82:e3:5a:0f:99:72:
a9:3e:7f:26:45:41:38:71:84:81:7a:05:e8:c2:cf:
34:2b:d1:8e:af:22:7f:7e:bd:d4:1d:dd:92:45:0e:
4e:7b:12:54:c1:5c:da:fa:eb:4d:77:dd:db:fa:2a:
07:20:0a:5f:d6:dc:a8:81:a3:ec:ab:e9:74:33:cd:
a7:5c:0f:82:40:fd:32:f6:0f:1e:34:0c:cb:cd:b3:
69:4d:de:a4:90:c1:7c:ad:e8:69:d0:61:be:d7:66:
e5:85:f8:11:7b:b2:21:b5:a1:3f:e7:68:7b:4d:3e:
66:7e:43:45:25:f9:96:ea:88:16:c5:2d:a1:da:8f:
8a:e7:99:a4:6c:9c:97:c0:4f:1a:42:65:25:e0:99:
cc:b4:e4:b7:22:7c:24:50:01:a8:24:4d:1e:b0:d4:
f0:f4:1f:21:6a:cc:fd:e3:a5:4f:ab:d9:7a:5e:4a:
57:79:d3:ee:db:db:28:0d:6a:b6:a5:d2:d1:19:48:
48:a0:11:df:b9:75:b2:36:9d:53:8b:97:4b:fa:9a:
cc:89:5c:6b:86:3e:45:bf:87:ad:ae:27:3e:04:a8:
8a:45:21:da:c6:83:1a:23:7e:b9:b0:ca:d3:fb:db:
e6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A0:2D:A2:D5:EE:6F:D5:1F:B3:6F:99:DF:8A:0E:C3:32:95:28:68
X509v3 Authority Key Identifier:
keyid:6F:A6:4A:64:7B:D2:A5:55:7F:70:F6:76:AD:CC:76:90:4F:B8:72:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/saAtotXub9Ufs2-Z34oOwzKVKGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/258dae-54fa-4a33-a19d-e91b3abd1fe8/1/b6ZKZHvSpVV_cPZ2rcx2kE-4cqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9400:666::/48
Signature Algorithm: sha256WithRSAEncryption
74:99:3d:05:69:50:f4:0b:6e:f3:13:7f:4f:e3:7e:e4:8e:41:
07:52:73:7d:d0:3c:80:97:27:43:12:05:8e:41:86:3a:1b:98:
61:dd:51:c5:0b:02:04:ee:40:0c:9a:a5:4b:c3:b0:fb:f4:d5:
60:39:40:62:e5:1e:42:b0:6e:b1:77:69:3e:e2:57:e5:30:03:
b0:93:5e:7f:6e:cc:04:42:0f:67:be:fd:0a:f3:59:6d:3a:23:
3c:a0:8a:c6:6f:2d:64:cb:09:70:7a:ca:64:12:71:4e:6c:d0:
b7:5e:02:0c:35:a9:d2:77:b1:a5:f2:04:e1:ef:d5:c6:86:23:
95:2a:1f:39:a9:db:6d:88:fc:7a:e8:00:01:eb:4e:a5:a1:84:
57:ae:b8:51:0b:03:af:d1:b5:33:73:48:31:19:a5:ee:cd:02:
b2:a1:5f:89:e8:62:b1:e9:b6:c4:e4:5c:5f:37:f3:f6:76:bd:
b4:86:11:2e:17:c1:b9:d9:5e:7f:ca:6b:b1:39:3d:9c:cb:63:
77:56:22:96:31:10:a4:9d:1b:92:68:e0:c6:70:92:7d:12:7f:
6f:29:cc:05:24:2b:e4:cb:4b:54:31:8d:9a:bf:3c:3d:4b:41:
55:72:8a:44:af:98:2c:20:c9:48:25:b9:58:e6:4a:0c:92:66:
39:a0:77:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZOXnVHo7QH/1WZ9TJjYLYXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTY0YTY0N2JkMmE1NTU3ZjcwZjY3NmFkY2M3NjkwNGZi
ODcyYWIwHhcNMjQxMjA1MTYxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEwMmRhMmQ1ZWU2ZmQ1MWZiMzZmOTlkZjhhMGVjMzMyOTUyODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy9nN5gcn04vSMPJNOSmHfacmZrx
rR2C41oPmXKpPn8mRUE4cYSBegXows80K9GOryJ/fr3UHd2SRQ5OexJUwVza+utN
d93b+ioHIApf1tyogaPsq+l0M82nXA+CQP0y9g8eNAzLzbNpTd6kkMF8rehp0GG+
12blhfgRe7IhtaE/52h7TT5mfkNFJfmW6ogWxS2h2o+K55mkbJyXwE8aQmUl4JnM
tOS3InwkUAGoJE0esNTw9B8hasz946VPq9l6XkpXedPu29soDWq2pdLRGUhIoBHf
uXWyNp1Ti5dL+prMiVxrhj5Fv4etric+BKiKRSHaxoMaI365sMrT+9vmzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLGgLaLV7m/VH7Nvmd+KDsMylShoMB8GA1UdIwQY
MBaAFG+mSmR70qVVf3D2dq3MdpBPuHKrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQt
ZTkxYjNhYmQxZmU4LzEvc2FBdG90WHViOVVmczItWjM0b093ektWS0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yNThkYWUtNTRmYS00YTMzLWExOWQtZTkxYjNhYmQxZmU4
LzEvYjZaS1pIdlNwVlZfY1BaMnJjeDJrRS00Y3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhSUAAZm
MA0GCSqGSIb3DQEBCwUAA4IBAQB0mT0FaVD0C27zE39P437kjkEHUnN90DyAlydD
EgWOQYY6G5hh3VHFCwIE7kAMmqVLw7D79NVgOUBi5R5CsG6xd2k+4lflMAOwk15/
bswEQg9nvv0K81ltOiM8oIrGby1kywlwespkEnFObNC3XgIMNanSd7Gl8gTh79XG
hiOVKh85qdttiPx66AAB606loYRXrrhRCwOv0bUzc0gxGaXuzQKyoV+J6GKx6bbE
5FxfN/P2dr20hhEuF8G52V5/ymuxOT2cy2N3ViKWMRCknRuSaODGcJJ9En9vKcwF
JCvky0tUMY2avzw9S0FVcopEr5gsIMlIJblY5koMkmY5oHfG
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:35:29 2025 by rpki-client