Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/koobqrcf4TeXCKvdY-shKAgREG8.roa
File: koobqrcf4TeXCKvdY-shKAgREG8.roa (raw, json)
Hash identifier: aVFNvdBm5GQpzEII3PQnmq5P0KZLvI5Kbl4PmXxTkx0=
Subject key identifier: 92:8A:1B:AA:B7:1F:E1:37:97:08:AB:DD:63:EB:21:28:08:11:10:6F
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018F8DC7AE49D01E66241467670FF3F25E7C
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/koobqrcf4TeXCKvdY-shKAgREG8.roa
Signing time: Sat 18 May 2024 22:17:04 +0000
ROA not before: Sat 18 May 2024 22:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a0c:9a40:8c40::/48 maxlen: 48
2a0c:9a44:cf::/48 maxlen: 48
2a0e:7d41:8888::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 19:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8d:c7:ae:49:d0:1e:66:24:14:67:67:0f:f3:f2:5e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: May 18 22:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=928a1baab71fe1379708abdd63eb21280811106f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:88:dd:6c:7f:c8:17:74:9d:64:25:e9:01:26:
22:c1:25:73:20:fe:33:89:d4:9f:55:0e:18:3a:7d:
d1:4e:70:b8:fb:3d:66:e1:62:3e:77:85:5a:0e:04:
d1:29:7f:ff:3d:5c:3a:6e:f8:53:14:35:44:fe:bd:
15:df:51:73:71:47:3f:9f:90:12:25:36:5a:b7:c6:
99:da:13:91:03:a7:28:f5:75:77:32:36:e5:94:74:
f2:0c:2c:30:74:a9:cc:e4:62:ed:06:34:ff:d7:b5:
fe:e3:9f:9d:cd:1a:ce:6a:eb:cc:ea:ba:d9:b9:c5:
a1:46:1f:61:98:37:a6:e5:28:41:ca:92:4b:c6:80:
58:30:8c:e9:f9:fd:8e:7a:f4:6e:b2:8f:2d:ed:1b:
f0:c0:ec:82:db:0c:3f:0a:38:3e:9c:13:db:7b:94:
00:cc:6d:00:8d:06:bf:73:6d:79:6a:ea:97:3f:81:
82:a3:75:e4:c9:9e:28:bf:74:53:57:8e:e3:1d:36:
ec:aa:b8:e3:40:ba:27:18:16:db:ff:d2:17:ab:dc:
b9:69:30:3d:b9:cc:8a:9b:5d:83:2d:40:9e:6b:1e:
bf:75:f6:26:a5:f4:46:87:2a:3a:b8:90:73:98:57:
5b:41:81:5c:24:7d:db:d2:21:12:88:d9:fb:75:07:
2d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8A:1B:AA:B7:1F:E1:37:97:08:AB:DD:63:EB:21:28:08:11:10:6F
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/koobqrcf4TeXCKvdY-shKAgREG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8c40::/48
2a0c:9a44:cf::/48
2a0e:7d41:8888::/48
Signature Algorithm: sha256WithRSAEncryption
b7:c9:42:b5:95:1e:50:26:ee:03:75:1f:29:27:e2:e8:a3:25:
7a:e1:9d:db:8a:a2:be:e5:b1:3c:cd:50:01:4b:2f:75:9f:f0:
08:dc:97:a2:80:48:a2:d5:45:c4:8a:33:51:d3:5f:20:5c:2e:
3a:c0:46:42:3d:b2:79:97:e0:79:83:fa:8e:2c:46:a5:5c:70:
97:75:3e:3b:92:81:e9:e9:ae:b6:18:ba:63:86:a5:ee:31:5d:
b4:fb:e8:33:88:19:68:a2:c3:94:c9:bb:dd:64:2e:be:5d:36:
36:3a:0d:77:55:10:6e:96:3f:2b:63:b8:69:9b:0b:59:6f:cc:
a2:a6:a4:d5:a4:3d:d4:c7:a6:d5:3e:ea:9c:6a:d8:39:9c:35:
8e:b2:da:55:ff:56:48:59:54:64:89:1b:f2:be:35:3b:3e:7d:
0b:48:8b:8c:9d:f8:c8:b5:64:bf:ef:72:33:c3:0c:1b:89:3d:
f3:95:14:af:6f:2b:cc:59:22:3b:bb:0a:0c:89:18:42:8e:14:
90:a1:a3:dc:5c:97:a8:4f:9e:6a:9e:35:df:39:3c:df:9b:12:
ae:2b:9d:a1:ae:de:ce:6a:a7:13:86:30:4c:41:97:29:76:89:
21:8f:ed:05:9a:ac:bc:7d:a0:c0:20:d7:4b:5f:a9:cd:ce:3b:
9e:ec:a3:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY+Nx65J0B5mJBRnZw/z8l58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwNTE4MjIxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhhMWJhYWI3MWZlMTM3OTcwOGFiZGQ2M2ViMjEyODA4MTExMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IjdbH/IF3SdZCXpASYiwSVzIP4z
idSfVQ4YOn3RTnC4+z1m4WI+d4VaDgTRKX//PVw6bvhTFDVE/r0V31FzcUc/n5AS
JTZat8aZ2hORA6co9XV3MjbllHTyDCwwdKnM5GLtBjT/17X+45+dzRrOauvM6rrZ
ucWhRh9hmDem5ShBypJLxoBYMIzp+f2OevRuso8t7RvwwOyC2ww/Cjg+nBPbe5QA
zG0AjQa/c215auqXP4GCo3XkyZ4ov3RTV47jHTbsqrjjQLonGBbb/9IXq9y5aTA9
ucyKm12DLUCeax6/dfYmpfRGhyo6uJBzmFdbQYFcJH3b0iESiNn7dQctiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJKKG6q3H+E3lwir3WPrISgIERBvMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEva29vYnFyY2Y0VGVYQ0t2ZFktc2hLQWdSRUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgyaQIxA
AwcAKgyaRADPAwcAKg59QYiIMA0GCSqGSIb3DQEBCwUAA4IBAQC3yUK1lR5QJu4D
dR8pJ+LooyV64Z3biqK+5bE8zVABSy91n/AI3JeigEii1UXEijNR018gXC46wEZC
PbJ5l+B5g/qOLEalXHCXdT47koHp6a62GLpjhqXuMV20++gziBloosOUybvdZC6+
XTY2Og13VRBulj8rY7hpmwtZb8yipqTVpD3Ux6bVPuqcatg5nDWOstpV/1ZIWVRk
iRvyvjU7Pn0LSIuMnfjItWS/73IzwwwbiT3zlRSvbyvMWSI7uwoMiRhCjhSQoaPc
XJeoT55qnjXfOTzfmxKuK52hrt7OaqcThjBMQZcpdokhj+0Fmqy8faDAINdLX6nN
zjue7KOe
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:43 2025 by rpki-client