Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/8MfZ80s9lVSXl_wOG0ks7ccbqVk.roa
File: 8MfZ80s9lVSXl_wOG0ks7ccbqVk.roa (raw, json)
Hash identifier: oD0Cyqed+CYgNER2PRAuKOWU+IG3acP1Eni8xWOvuRE=
Subject key identifier: F0:C7:D9:F3:4B:3D:95:54:97:97:FC:0E:1B:49:2C:ED:C7:1B:A9:59
Certificate issuer: /CN=b3398b5b1d9a96e4115b7bcf6fca63fbaf639ca7
Certificate serial: 018CC50005AE0386A18D00DF7127CE00D9BE
Authority key identifier: B3:39:8B:5B:1D:9A:96:E4:11:5B:7B:CF:6F:CA:63:FB:AF:63:9C:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/szmLWx2aluQRW3vPb8pj-69jnKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/8MfZ80s9lVSXl_wOG0ks7ccbqVk.roa
Signing time: Mon 01 Jan 2024 12:29:21 +0000
ROA not before: Mon 01 Jan 2024 12:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52192
IP address blocks: 2001:678:f40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:05:ae:03:86:a1:8d:00:df:71:27:ce:00:d9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3398b5b1d9a96e4115b7bcf6fca63fbaf639ca7
Validity
Not Before: Jan 1 12:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0c7d9f34b3d95549797fc0e1b492cedc71ba959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:88:cd:8c:f3:39:e2:c9:ec:35:fb:5a:87:f9:
55:da:bf:b6:74:07:c7:23:a3:ef:db:ce:8f:fb:37:
a5:af:98:57:35:a8:ed:ba:f6:9c:dd:6b:c2:b8:bc:
83:47:cd:9f:73:f6:42:d4:18:cf:ef:b0:82:6b:aa:
08:73:c9:28:e4:e6:44:9e:7e:e0:0c:31:39:0c:28:
41:14:31:6f:9a:08:79:33:fc:89:38:89:54:6e:5a:
16:0a:f1:cf:db:65:da:90:07:e7:f4:d9:d2:73:a1:
26:45:8c:cf:17:56:26:e6:51:66:87:b7:e2:8b:34:
de:08:12:51:39:e0:a6:36:f5:46:38:5e:e1:38:c0:
e1:78:ae:b9:82:dd:79:46:86:27:fa:65:e5:fc:f7:
6f:2f:9c:fb:19:b0:b5:3b:12:be:68:88:0e:ed:d8:
37:ff:be:cc:83:ca:ea:47:1c:1c:15:e3:04:d3:32:
aa:dc:a4:eb:3f:43:c8:51:1c:4b:5e:c6:d4:5a:ac:
5b:b3:da:68:75:07:76:47:7e:e9:20:a3:cb:97:fe:
db:e5:33:08:11:8c:56:53:f4:ed:a5:85:7b:ec:4f:
f6:e3:d9:37:f1:aa:d9:13:86:34:6c:9f:d6:9a:49:
0d:bb:0a:57:cc:a7:b6:47:63:eb:0e:e4:83:f8:8e:
0d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C7:D9:F3:4B:3D:95:54:97:97:FC:0E:1B:49:2C:ED:C7:1B:A9:59
X509v3 Authority Key Identifier:
keyid:B3:39:8B:5B:1D:9A:96:E4:11:5B:7B:CF:6F:CA:63:FB:AF:63:9C:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/szmLWx2aluQRW3vPb8pj-69jnKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/8MfZ80s9lVSXl_wOG0ks7ccbqVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/444437-6843-4ad4-b764-79cc52c06d4f/1/szmLWx2aluQRW3vPb8pj-69jnKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f40::/48
Signature Algorithm: sha256WithRSAEncryption
1a:ad:f8:c4:32:6a:c0:ad:12:d9:b5:a2:af:2d:86:ff:e6:3b:
30:12:aa:a8:85:65:91:b6:e0:b7:d4:6c:91:66:07:94:8b:9f:
95:e2:31:35:07:46:3b:f2:b8:81:c4:0a:bd:cf:00:fb:f6:34:
31:13:12:8f:5a:9d:ec:e3:7c:e6:02:f0:ff:16:ce:76:2b:0f:
71:fb:52:a5:3f:fa:99:e5:89:4c:72:b1:c2:6a:8e:97:49:38:
c3:e7:92:20:98:76:87:e2:ed:68:07:c4:5b:d7:c2:d1:87:2b:
03:35:b5:71:29:12:54:9c:c9:a8:73:75:4b:1f:ba:5d:1e:15:
0b:7e:41:07:06:97:69:cd:4c:50:16:79:cb:d9:ae:e7:51:1f:
0a:e6:0d:0f:e0:97:00:81:fb:f0:6d:8a:54:a8:15:a4:9c:3d:
31:0c:06:c3:c8:ff:21:ac:fd:05:4e:14:fa:6c:51:27:db:e0:
ba:1b:ee:b5:f5:ce:1c:4b:07:3d:47:aa:c4:a6:a9:75:68:b3:
bc:91:78:91:b8:e4:81:7a:9e:65:da:39:ee:0a:a9:5d:72:4d:
44:56:37:76:0e:41:79:ac:a5:e5:e6:61:0b:1f:35:42:c7:7e:
e2:08:82:64:6c:b3:6e:e2:66:72:49:d9:4d:85:c7:c2:bb:d5:
9d:60:91:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAAWuA4ahjQDfcSfOANm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMzk4YjViMWQ5YTk2ZTQxMTViN2JjZjZmY2E2M2ZiYWY2
MzljYTcwHhcNMjQwMTAxMTIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM3ZDlmMzRiM2Q5NTU0OTc5N2ZjMGUxYjQ5MmNlZGM3MWJhOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4jNjPM54snsNftah/lV2r+2dAfH
I6Pv286P+zelr5hXNajtuvac3WvCuLyDR82fc/ZC1BjP77CCa6oIc8ko5OZEnn7g
DDE5DChBFDFvmgh5M/yJOIlUbloWCvHP22XakAfn9NnSc6EmRYzPF1Ym5lFmh7fi
izTeCBJROeCmNvVGOF7hOMDheK65gt15RoYn+mXl/PdvL5z7GbC1OxK+aIgO7dg3
/77Mg8rqRxwcFeME0zKq3KTrP0PIURxLXsbUWqxbs9podQd2R37pIKPLl/7b5TMI
EYxWU/TtpYV77E/249k38arZE4Y0bJ/WmkkNuwpXzKe2R2PrDuSD+I4NRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPDH2fNLPZVUl5f8DhtJLO3HG6lZMB8GA1UdIwQY
MBaAFLM5i1sdmpbkEVt7z2/KY/uvY5ynMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ptTFd4MmFsdVFSVzN2UGI4cGotNjlqbktjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80NDQ0MzctNjg0My00YWQ0LWI3NjQt
NzljYzUyYzA2ZDRmLzEvOE1mWjgwczlsVlNYbF93T0cwa3M3Y2NicVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80NDQ0MzctNjg0My00YWQ0LWI3NjQtNzljYzUyYzA2ZDRm
LzEvc3ptTFd4MmFsdVFSVzN2UGI4cGotNjlqbktjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9A
MA0GCSqGSIb3DQEBCwUAA4IBAQAarfjEMmrArRLZtaKvLYb/5jswEqqohWWRtuC3
1GyRZgeUi5+V4jE1B0Y78riBxAq9zwD79jQxExKPWp3s43zmAvD/Fs52Kw9x+1Kl
P/qZ5YlMcrHCao6XSTjD55IgmHaH4u1oB8Rb18LRhysDNbVxKRJUnMmoc3VLH7pd
HhULfkEHBpdpzUxQFnnL2a7nUR8K5g0P4JcAgfvwbYpUqBWknD0xDAbDyP8hrP0F
ThT6bFEn2+C6G+619c4cSwc9R6rEpql1aLO8kXiRuOSBep5l2jnuCqldck1EVjd2
DkF5rKXl5mELHzVCx37iCIJkbLNu4mZySdlNhcfCu9WdYJE2
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:12:23 2025 by rpki-client