Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/TOzemEcFCkS35oZ3uCkznnvvD9I.roa
File: TOzemEcFCkS35oZ3uCkznnvvD9I.roa (raw, json)
Hash identifier: PKglqrXCoqVXcfAP5JqMUAhqsKry6zYx9bEPfsXg6Eg=
Subject key identifier: 4C:EC:DE:98:47:05:0A:44:B7:E6:86:77:B8:29:33:9E:7B:EF:0F:D2
Certificate issuer: /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Certificate serial: 0193BD1AFB75C13AE1ED3DF21E485A2EF3E3
Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/TOzemEcFCkS35oZ3uCkznnvvD9I.roa
Signing time: Thu 12 Dec 2024 23:01:22 +0000
ROA not before: Thu 12 Dec 2024 23:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214213
IP address blocks: 2001:35c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bd:1a:fb:75:c1:3a:e1:ed:3d:f2:1e:48:5a:2e:f3:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Validity
Not Before: Dec 12 23:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cecde9847050a44b7e68677b829339e7bef0fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6a:33:b1:82:a3:b8:12:a7:f6:85:54:7d:6f:
a9:58:d5:e2:8c:b2:d2:87:91:09:dc:c3:6d:90:5f:
8c:19:e1:5b:a5:d7:93:af:84:c1:a3:23:af:a6:b7:
c1:ac:e7:f6:e1:5d:37:f7:34:ce:8d:46:2c:33:b5:
71:82:ca:29:ef:1f:b6:b8:a8:42:b9:14:6a:71:0f:
52:f1:1b:a7:b9:ed:54:ff:3c:26:64:86:0c:cc:c5:
0d:dc:6d:54:4f:a7:a6:61:1f:4f:da:04:38:f6:c2:
1e:76:f2:cb:dd:9b:3f:fe:80:b5:9f:f7:06:80:c7:
a9:c4:d7:f5:83:fd:a9:6a:ff:2a:fe:9d:59:ff:0a:
04:f7:47:a3:a4:d4:a6:2a:ce:a8:71:31:1d:58:1e:
1d:3f:82:c5:a9:2f:94:95:80:39:96:cb:06:10:94:
c9:52:29:a4:b0:f9:de:3c:db:f5:29:6d:a5:bd:78:
8d:f3:9f:9c:ae:1a:d3:39:ef:b0:3c:35:e0:f8:6d:
10:f8:90:40:87:0b:a1:15:bd:69:71:c0:55:06:dc:
2a:6c:86:7a:70:e4:1a:e4:7d:1c:78:c7:d0:cf:27:
4d:6d:b4:67:a5:3c:71:e5:59:d0:90:4d:bc:9a:41:
b4:1d:8c:1b:6d:33:e4:b5:bd:3f:e6:47:02:f0:01:
6c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:EC:DE:98:47:05:0A:44:B7:E6:86:77:B8:29:33:9E:7B:EF:0F:D2
X509v3 Authority Key Identifier:
keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/TOzemEcFCkS35oZ3uCkznnvvD9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
11:67:c5:5f:1a:de:89:3f:0c:2a:c9:a2:a7:09:69:f2:23:dc:
66:16:7c:c1:23:bb:67:68:ed:02:bb:22:aa:8c:64:6a:4b:b9:
89:84:27:89:14:80:08:b1:ba:48:7e:de:ac:a9:3d:56:34:70:
2b:00:a1:29:36:f2:09:1a:68:f7:1a:c0:83:97:e6:0d:42:f2:
34:ee:a7:2a:6b:f4:65:b0:fb:71:9f:35:82:ad:48:8c:a9:a3:
33:06:57:2d:08:43:31:ea:a5:31:cb:5f:25:b9:e9:cc:30:85:
96:93:8b:fc:9d:dc:e2:bf:c7:55:aa:3c:0e:25:4e:c1:3e:2a:
22:e2:35:d7:ff:f3:21:07:01:60:02:1f:ba:4f:7c:e6:ea:b8:
db:03:8b:92:72:83:29:f3:dd:bd:5e:a2:aa:97:5a:77:2b:65:
be:90:33:08:b5:03:8a:5b:23:4b:e3:c7:d6:fc:48:d4:10:e2:
f8:f4:a7:ee:5a:c2:a3:3a:ae:c9:7b:4d:af:cb:6b:8a:5a:a6:
e9:8e:5f:95:cc:63:1a:ba:ce:2f:8e:9f:33:e5:90:5c:b4:34:
c2:a6:d0:9d:c5:53:3d:50:a1:14:3f:7d:4e:29:a6:2c:98:4f:
7e:de:4b:25:72:39:ee:bf:e5:c2:d7:69:f3:b4:eb:cf:a2:36:
b2:cf:42:58
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZO9Gvt1wTrh7T3yHkhaLvPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5
YTg0NzQwHhcNMjQxMjEyMjMwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2VjZGU5ODQ3MDUwYTQ0YjdlNjg2NzdiODI5MzM5ZTdiZWYwZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGozsYKjuBKn9oVUfW+pWNXijLLS
h5EJ3MNtkF+MGeFbpdeTr4TBoyOvprfBrOf24V039zTOjUYsM7Vxgsop7x+2uKhC
uRRqcQ9S8Runue1U/zwmZIYMzMUN3G1UT6emYR9P2gQ49sIedvLL3Zs//oC1n/cG
gMepxNf1g/2pav8q/p1Z/woE90ejpNSmKs6ocTEdWB4dP4LFqS+UlYA5lssGEJTJ
UimksPnePNv1KW2lvXiN85+crhrTOe+wPDXg+G0Q+JBAhwuhFb1pccBVBtwqbIZ6
cOQa5H0ceMfQzydNbbRnpTxx5VnQkE28mkG0HYwbbTPktb0/5kcC8AFsowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEzs3phHBQpEt+aGd7gpM5577w/SMB8GA1UdIwQY
MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt
M2IzMzlkMDgxZjgzLzEvVE96ZW1FY0ZDa1MzNW9aM3VDa3pubnZ2RDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz
LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAE1wDAN
BgkqhkiG9w0BAQsFAAOCAQEAEWfFXxreiT8MKsmipwlp8iPcZhZ8wSO7Z2jtArsi
qoxkaku5iYQniRSACLG6SH7erKk9VjRwKwChKTbyCRpo9xrAg5fmDULyNO6nKmv0
ZbD7cZ81gq1IjKmjMwZXLQhDMeqlMctfJbnpzDCFlpOL/J3c4r/HVao8DiVOwT4q
IuI11//zIQcBYAIfuk985uq42wOLknKDKfPdvV6iqpdadytlvpAzCLUDilsjS+PH
1vxI1BDi+PSn7lrCozquyXtNr8trilqm6Y5flcxjGrrOL46fM+WQXLQ0wqbQncVT
PVChFD99TimmLJhPft5LJXI57r/lwtdp87Trz6I2ss9CWA==
-----END CERTIFICATE-----
Generated at Sun May 11 03:49:58 2025 by rpki-client