Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/CO9IrD24rHy0bOVcNlN-p-qRtcc.roa
File: CO9IrD24rHy0bOVcNlN-p-qRtcc.roa (raw, json)
Hash identifier: w2BkP86RiXVuZXpEMOYZTYrUGI4Wih4777K9FIfXwg8=
Subject key identifier: 08:EF:48:AC:3D:B8:AC:7C:B4:6C:E5:5C:36:53:7E:A7:EA:91:B5:C7
Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Certificate serial: 01940769C2623620CAF5DB585A0F2171661D
Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/CO9IrD24rHy0bOVcNlN-p-qRtcc.roa
Signing time: Fri 27 Dec 2024 09:19:18 +0000
ROA not before: Fri 27 Dec 2024 09:19:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35263
IP address blocks: 86.109.64.0/19 maxlen: 19
2a00:1b90::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:69:c2:62:36:20:ca:f5:db:58:5a:0f:21:71:66:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Validity
Not Before: Dec 27 09:19:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08ef48ac3db8ac7cb46ce55c36537ea7ea91b5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9a:8b:1d:4a:3a:2b:ad:58:89:c1:50:04:92:
f6:38:2b:fd:f8:aa:4a:0e:58:9d:f8:da:ff:b6:a2:
a1:7d:d3:07:86:34:05:f5:47:2c:57:c2:69:2b:90:
ec:e5:f7:b9:bd:2a:4c:e8:a4:67:6e:fc:db:a2:d0:
64:12:48:47:a0:94:1e:38:04:00:06:53:9c:b8:c3:
03:ee:cc:75:ad:7b:c5:0f:4f:1f:c5:1e:05:ef:fc:
3d:b7:d5:61:6e:28:e5:b3:bf:43:dd:f2:06:33:b8:
5d:58:71:69:7f:2d:2e:1c:cc:d2:db:26:66:e1:cd:
b2:07:7e:4a:e5:e7:c3:94:c7:a5:b7:22:2a:84:eb:
26:bd:87:c8:14:05:d9:99:5f:65:2c:04:f6:8d:45:
bd:14:06:bf:31:06:3b:68:5d:0a:63:61:4b:bb:db:
9c:f5:52:f1:1d:a4:5f:84:1e:ff:fa:50:e5:6c:1e:
7f:4d:9f:2c:3e:d3:bb:5d:85:5e:68:36:ae:b6:09:
cc:8d:ce:4a:a8:c0:76:eb:a7:24:d2:9c:58:f0:10:
b3:51:91:3d:97:b8:c0:c8:1c:a7:2d:71:84:3e:a8:
85:0f:f7:13:71:a8:a8:25:bc:92:20:1d:a6:c8:6a:
08:87:74:25:0c:ac:21:cb:5a:d6:17:bc:d6:b6:7d:
8a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EF:48:AC:3D:B8:AC:7C:B4:6C:E5:5C:36:53:7E:A7:EA:91:B5:C7
X509v3 Authority Key Identifier:
keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/CO9IrD24rHy0bOVcNlN-p-qRtcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.64.0/19
IPv6:
2a00:1b90::/32
Signature Algorithm: sha256WithRSAEncryption
9f:e3:5b:61:1b:af:7c:52:32:a5:c4:01:f5:e1:bf:ba:00:ef:
96:5f:3e:78:da:98:33:66:76:17:ab:36:70:81:23:4d:91:f0:
35:4a:50:ba:4c:5a:a2:ad:49:26:2f:f8:cf:1b:d9:d2:67:e6:
d8:6d:5f:ad:24:c2:da:21:d2:ad:32:51:62:41:bb:a0:54:c1:
97:5b:c6:c1:d6:18:61:27:d5:e1:3d:16:92:38:22:b1:f5:4d:
fc:c8:4a:bb:7b:ee:83:ac:79:8e:b3:b8:d1:ea:c0:46:1d:77:
ac:dd:dc:6e:7b:6d:76:e8:a2:f4:69:9a:04:10:76:de:66:09:
4a:1a:07:7e:cf:bb:a6:82:ee:61:e8:67:7e:67:db:bc:22:f1:
2f:12:68:96:26:23:18:39:03:90:8a:fd:97:65:b6:91:33:b9:
62:4b:3e:cd:3a:da:0e:96:e7:e0:cf:4e:20:62:18:a1:cc:2a:
02:81:f9:69:1a:ca:0f:3a:0c:75:11:20:ab:bd:2b:d9:b8:08:
11:07:fb:3d:25:75:80:c2:f5:19:70:46:db:56:0f:64:06:37:
98:0a:fe:2c:73:28:c5:ab:52:ea:d4:03:b9:e5:1b:90:16:ab:
10:ff:29:b9:b1:37:c5:37:a9:8d:cc:4e:39:d3:f1:89:59:4e:
de:a7:7f:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQHacJiNiDK9dtYWg8hcWYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx
ZDlkNjQwHhcNMjQxMjI3MDkxOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVmNDhhYzNkYjhhYzdjYjQ2Y2U1NWMzNjUzN2VhN2VhOTFiNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJqLHUo6K61YicFQBJL2OCv9+KpK
Dlid+Nr/tqKhfdMHhjQF9UcsV8JpK5Ds5fe5vSpM6KRnbvzbotBkEkhHoJQeOAQA
BlOcuMMD7sx1rXvFD08fxR4F7/w9t9Vhbijls79D3fIGM7hdWHFpfy0uHMzS2yZm
4c2yB35K5efDlMeltyIqhOsmvYfIFAXZmV9lLAT2jUW9FAa/MQY7aF0KY2FLu9uc
9VLxHaRfhB7/+lDlbB5/TZ8sPtO7XYVeaDautgnMjc5KqMB266ck0pxY8BCzUZE9
l7jAyBynLXGEPqiFD/cTcaioJbySIB2myGoIh3QlDKwhy1rWF7zWtn2K3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjvSKw9uKx8tGzlXDZTfqfqkbXHMB8GA1UdIwQY
MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut
NDIyNTIzYzRlNjhiLzEvQ085SXJEMjRySHkwYk9WY05sTi1wLXFSdGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi
LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVm1AMA0E
AgACMAcDBQAqABuQMA0GCSqGSIb3DQEBCwUAA4IBAQCf41thG698UjKlxAH14b+6
AO+WXz542pgzZnYXqzZwgSNNkfA1SlC6TFqirUkmL/jPG9nSZ+bYbV+tJMLaIdKt
MlFiQbugVMGXW8bB1hhhJ9XhPRaSOCKx9U38yEq7e+6DrHmOs7jR6sBGHXes3dxu
e2126KL0aZoEEHbeZglKGgd+z7umgu5h6Gd+Z9u8IvEvEmiWJiMYOQOQiv2XZbaR
M7liSz7NOtoOlufgz04gYhihzCoCgflpGsoPOgx1ESCrvSvZuAgRB/s9JXWAwvUZ
cEbbVg9kBjeYCv4scyjFq1Lq1AO55RuQFqsQ/ym5sTfFN6mNzE450/GJWU7ep3+n
-----END CERTIFICATE-----
Generated at Sun May 11 19:21:07 2025 by rpki-client