Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/A8iRSvS7kxb9d0rYm9GMnq4F3Uk.roa
File: A8iRSvS7kxb9d0rYm9GMnq4F3Uk.roa (raw, json)
Hash identifier: 8Emqi+V4Zw7h+UYKiNdACReTguvMRcBcxuYxLpPtnqA=
Subject key identifier: 03:C8:91:4A:F4:BB:93:16:FD:77:4A:D8:9B:D1:8C:9E:AE:05:DD:49
Certificate issuer: /CN=c6ff541cf364193a2a00ada14244acd34c14038a
Certificate serial: 0193A166B29DABAFB00669943C31422E7605
Authority key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/A8iRSvS7kxb9d0rYm9GMnq4F3Uk.roa
Signing time: Sat 07 Dec 2024 13:54:42 +0000
ROA not before: Sat 07 Dec 2024 13:54:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205692
IP address blocks: 2a09:f040::/29 maxlen: 29
2a0b:2fc0::/29 maxlen: 29
2a0d:c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:66:b2:9d:ab:af:b0:06:69:94:3c:31:42:2e:76:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Validity
Not Before: Dec 7 13:54:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03c8914af4bb9316fd774ad89bd18c9eae05dd49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:88:06:34:53:37:95:a5:ee:79:c8:bf:9c:7b:
52:b8:a4:45:46:b7:bb:a6:36:8b:1a:cf:3e:09:b3:
34:93:9e:79:38:28:1a:32:62:9a:f8:07:c4:3b:fb:
4e:16:c6:80:ab:ad:f5:8c:3e:9f:fd:17:bb:94:0f:
7d:f9:4c:61:9d:fd:7d:49:c5:cf:83:44:e8:65:09:
9e:37:78:f9:84:67:c3:f4:d8:33:76:dc:08:6f:f1:
93:b7:1d:fb:83:11:c9:68:34:27:7c:67:e7:51:a6:
0e:2f:9b:70:35:19:f0:2e:1a:e4:e8:8e:9e:71:37:
88:09:ab:3a:77:75:2b:bc:e9:89:95:06:27:0a:27:
4f:6f:5b:e0:18:ed:37:6f:9a:de:7c:3a:f9:66:fd:
ef:aa:7f:59:2f:57:47:b9:e5:44:77:7e:c4:89:8b:
68:d5:b5:d5:66:65:ac:fc:07:70:8f:1b:47:d7:09:
0a:8c:6a:aa:4b:18:7a:dd:27:72:2c:3b:3c:9a:25:
a0:73:3e:29:f6:ef:27:ad:99:fb:f7:b1:62:a8:e5:
d5:8c:a5:c0:ad:ca:f9:0b:bc:d0:86:1e:ed:9d:36:
c3:4d:01:1e:f0:0a:c4:fa:e4:f3:ed:eb:9b:ba:39:
06:b5:61:a4:ef:1a:bf:75:a4:d4:a6:b9:06:84:d7:
2f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C8:91:4A:F4:BB:93:16:FD:77:4A:D8:9B:D1:8C:9E:AE:05:DD:49
X509v3 Authority Key Identifier:
keyid:C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/A8iRSvS7kxb9d0rYm9GMnq4F3Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:f040::/29
2a0b:2fc0::/29
2a0d:c00::/29
Signature Algorithm: sha256WithRSAEncryption
72:aa:ea:38:01:cb:4d:c2:ba:2d:b7:ba:34:e9:5b:3c:c6:0e:
bb:2a:81:fb:a2:2b:f8:b4:69:c1:05:59:b8:51:22:67:b6:fc:
a4:53:22:20:3e:33:9c:c0:03:fb:ae:ba:12:83:41:bd:04:36:
7d:9f:4e:25:23:1e:ed:6b:74:a6:26:38:71:31:3a:bd:c5:bb:
95:ec:d3:e0:43:ca:1f:37:dc:9b:e9:d5:3b:b6:8c:61:5f:23:
87:ee:97:9e:ca:1f:0b:3a:37:fa:74:5f:3a:d5:ed:42:4d:41:
df:7c:7d:5b:f2:8d:ac:4f:0a:cd:d3:9c:8c:e6:15:1e:ab:56:
54:98:49:76:fa:13:64:c9:ae:a4:d9:f7:a6:ce:c1:bd:3c:b0:
1f:39:79:21:d3:62:4d:aa:7c:18:f1:1f:f3:c2:e5:4c:01:1d:
f2:e4:10:47:27:29:49:42:75:cb:02:1e:0b:f2:e6:bc:8e:6d:
02:c7:46:7f:c1:b7:9a:a4:78:0d:45:99:05:9c:b7:69:88:38:
92:8a:0d:74:db:96:8d:b6:09:5c:f4:c3:77:8f:4b:40:45:3c:
7d:f7:6d:a8:f5:4c:96:e0:e4:f9:ba:55:6c:70:ac:03:a0:47:
94:32:5b:58:3d:09:fe:ea:17:ae:f6:d8:3c:70:57:bb:24:44:
39:cd:04:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOhZrKdq6+wBmmUPDFCLnYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZmY1NDFjZjM2NDE5M2EyYTAwYWRhMTQyNDRhY2QzNGMx
NDAzOGEwHhcNMjQxMjA3MTM1NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2M4OTE0YWY0YmI5MzE2ZmQ3NzRhZDg5YmQxOGM5ZWFlMDVkZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYgGNFM3laXueci/nHtSuKRFRre7
pjaLGs8+CbM0k555OCgaMmKa+AfEO/tOFsaAq631jD6f/Re7lA99+Uxhnf19ScXP
g0ToZQmeN3j5hGfD9NgzdtwIb/GTtx37gxHJaDQnfGfnUaYOL5twNRnwLhrk6I6e
cTeICas6d3UrvOmJlQYnCidPb1vgGO03b5refDr5Zv3vqn9ZL1dHueVEd37EiYto
1bXVZmWs/AdwjxtH1wkKjGqqSxh63SdyLDs8miWgcz4p9u8nrZn797FiqOXVjKXA
rcr5C7zQhh7tnTbDTQEe8ArE+uTz7eubujkGtWGk7xq/daTUprkGhNcvAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAPIkUr0u5MW/XdK2JvRjJ6uBd1JMB8GA1UdIwQY
MBaAFMb/VBzzZBk6KgCtoUJErNNMFAOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYt
MmE1ZTk4YWJkMWYzLzEvQThpUlN2UzdreGI5ZDByWW05R01ucTRGM1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYtMmE1ZTk4YWJkMWYz
LzEveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgnwQAMF
AyoLL8ADBQMqDQwAMA0GCSqGSIb3DQEBCwUAA4IBAQByquo4ActNwrott7o06Vs8
xg67KoH7oiv4tGnBBVm4USJntvykUyIgPjOcwAP7rroSg0G9BDZ9n04lIx7ta3Sm
JjhxMTq9xbuV7NPgQ8ofN9yb6dU7toxhXyOH7peeyh8LOjf6dF861e1CTUHffH1b
8o2sTwrN05yM5hUeq1ZUmEl2+hNkya6k2femzsG9PLAfOXkh02JNqnwY8R/zwuVM
AR3y5BBHJylJQnXLAh4L8ua8jm0Cx0Z/wbeapHgNRZkFnLdpiDiSig1025aNtglc
9MN3j0tARTx9922o9UyW4OT5ulVscKwDoEeUMltYPQn+6heu9tg8cFe7JEQ5zQQ0
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:30:09 2025 by rpki-client