Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/PFgOoISBwvY4uO8Cj7G0pv_90Bc.roa
File: PFgOoISBwvY4uO8Cj7G0pv_90Bc.roa (raw, json)
Hash identifier: BhBdbLGL+FYfdf/MvtOMnrQLjJuYqUog5NehslQaPuA=
Subject key identifier: 3C:58:0E:A0:84:81:C2:F6:38:B8:EF:02:8F:B1:B4:A6:FF:FD:D0:17
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 018DD624BD6B1445CD0868BB3BB1F527216F
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/PFgOoISBwvY4uO8Cj7G0pv_90Bc.roa
Signing time: Fri 23 Feb 2024 13:25:48 +0000
ROA not before: Fri 23 Feb 2024 13:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a14:640::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Mar 2024 15:47:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:24:bd:6b:14:45:cd:08:68:bb:3b:b1:f5:27:21:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Feb 23 13:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c580ea08481c2f638b8ef028fb1b4a6fffdd017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a4:f0:8f:97:2f:35:50:98:e2:71:58:11:ea:
48:1f:eb:92:3f:36:8e:f8:e2:31:d4:06:82:3c:6b:
e4:80:b4:b1:2e:00:cc:9c:10:79:59:0c:d4:a5:4b:
c3:80:cd:aa:e5:36:ac:aa:c5:e1:e8:b8:f6:8b:77:
75:72:4b:2c:3d:59:26:9d:28:a0:4b:cb:a9:ed:f5:
51:2b:24:c0:2b:53:42:ac:d6:30:56:22:00:59:12:
34:18:d3:89:58:c5:b8:95:8d:c1:30:e5:db:bd:ef:
a3:82:74:f3:22:71:0e:ba:48:43:8f:47:3c:5c:10:
36:28:d4:09:08:21:7a:f0:11:bb:e0:32:e9:8c:f9:
89:1f:b1:92:8e:50:c5:ad:d0:a1:bf:b6:85:ec:c2:
6d:53:5c:40:0b:08:ac:1a:c2:78:54:2a:cd:31:a9:
e4:91:10:5b:a1:78:71:4a:31:5f:c3:39:8b:2c:61:
16:b4:91:c4:15:22:32:77:28:96:3c:26:f3:44:ce:
4b:de:8a:7e:af:22:d0:b5:fa:69:80:58:5e:53:68:
61:91:4c:32:31:6e:94:56:57:27:02:be:25:a7:10:
42:47:3f:9a:51:98:1f:aa:9c:62:09:c0:5b:f0:82:
ef:aa:dd:fd:f6:65:69:6d:bd:40:32:a0:18:c9:5c:
65:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:58:0E:A0:84:81:C2:F6:38:B8:EF:02:8F:B1:B4:A6:FF:FD:D0:17
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/PFgOoISBwvY4uO8Cj7G0pv_90Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:640::/48
Signature Algorithm: sha256WithRSAEncryption
16:4c:98:89:74:83:06:09:d4:a8:56:ab:1f:c1:7d:6e:93:3e:
77:12:d2:57:db:2a:2b:7c:80:e4:ac:e7:47:1b:23:95:84:ab:
fa:59:b4:ae:0d:91:09:d1:e1:88:e6:f5:97:93:b8:46:aa:b3:
f5:eb:1d:7f:de:04:db:ca:a2:78:e1:70:88:46:79:7c:7e:a6:
4a:aa:6b:62:10:18:c3:71:1c:a9:b8:33:15:96:38:14:a0:ca:
65:69:ca:6e:30:ca:08:66:a9:ea:6e:7f:a4:3b:81:1a:18:dd:
b7:e1:62:40:ff:0e:ed:77:20:3c:7f:ad:f3:29:01:30:11:65:
39:e4:9c:4f:6c:d2:91:7f:a7:02:38:14:92:3f:65:69:62:1c:
d4:9b:94:12:7b:dc:b2:cd:15:2e:15:d9:b6:88:14:71:8a:62:
f4:5f:4c:79:10:15:ff:ec:f1:6c:c0:78:e8:58:83:0c:9e:18:
de:99:13:ae:e2:52:63:4e:1b:a7:25:1d:be:3c:c9:96:e2:76:
68:d9:0b:da:c9:ac:fe:d1:3a:7b:56:8f:31:76:17:bb:d0:c4:
ab:f5:ce:95:fa:10:56:6d:34:81:bd:6e:65:14:e3:ee:30:56:
90:b8:27:c3:22:0d:e9:81:86:09:43:4c:ad:d9:35:62:59:b2:
b9:13:36:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3WJL1rFEXNCGi7O7H1JyFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQwMjIzMTMyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU4MGVhMDg0ODFjMmY2MzhiOGVmMDI4ZmIxYjRhNmZmZmRkMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKTwj5cvNVCY4nFYEepIH+uSPzaO
+OIx1AaCPGvkgLSxLgDMnBB5WQzUpUvDgM2q5TasqsXh6Lj2i3d1ckssPVkmnSig
S8up7fVRKyTAK1NCrNYwViIAWRI0GNOJWMW4lY3BMOXbve+jgnTzInEOukhDj0c8
XBA2KNQJCCF68BG74DLpjPmJH7GSjlDFrdChv7aF7MJtU1xACwisGsJ4VCrNMank
kRBboXhxSjFfwzmLLGEWtJHEFSIydyiWPCbzRM5L3op+ryLQtfppgFheU2hhkUwy
MW6UVlcnAr4lpxBCRz+aUZgfqpxiCcBb8ILvqt399mVpbb1AMqAYyVxlaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDxYDqCEgcL2OLjvAo+xtKb//dAXMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvUEZnT29JU0J3dlk0dU84Q2o3RzBwdl85MEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhQGQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWTJiJdIMGCdSoVqsfwX1ukz53EtJX2yorfIDk
rOdHGyOVhKv6WbSuDZEJ0eGI5vWXk7hGqrP16x1/3gTbyqJ44XCIRnl8fqZKqmti
EBjDcRypuDMVljgUoMplacpuMMoIZqnqbn+kO4EaGN234WJA/w7tdyA8f63zKQEw
EWU55JxPbNKRf6cCOBSSP2VpYhzUm5QSe9yyzRUuFdm2iBRximL0X0x5EBX/7PFs
wHjoWIMMnhjemROu4lJjThunJR2+PMmW4nZo2Qvayaz+0Tp7Vo8xdhe70MSr9c6V
+hBWbTSBvW5lFOPuMFaQuCfDIg3pgYYJQ0yt2TViWbK5EzYc
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:51:10 2025 by rpki-client