Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/II3FLD-6zt08B6Cgjf6EQ9E4RgQ.roa
File: II3FLD-6zt08B6Cgjf6EQ9E4RgQ.roa (raw, json)
Hash identifier: 2I5OXxcA2ZD5mz1JknSn4kVV1AXxGDAEO3HF/k6ZFHY=
Subject key identifier: 20:8D:C5:2C:3F:BA:CE:DD:3C:07:A0:A0:8D:FE:84:43:D1:38:46:04
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0192B993157BC55C1CFC8479BCEB36FA6BEE
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/II3FLD-6zt08B6Cgjf6EQ9E4RgQ.roa
Signing time: Wed 23 Oct 2024 13:31:17 +0000
ROA not before: Wed 23 Oct 2024 13:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a0e:dfc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:93:15:7b:c5:5c:1c:fc:84:79:bc:eb:36:fa:6b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Oct 23 13:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=208dc52c3fbacedd3c07a0a08dfe8443d1384604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:18:ed:93:4e:76:0c:cc:7a:36:7f:d4:1d:16:
f1:d7:b5:fe:74:93:2b:7b:29:d5:d4:83:cc:ee:47:
cb:2d:ff:2c:10:1f:5c:f4:94:f5:35:40:50:03:c5:
e7:4c:bf:ca:b2:3c:bd:d4:fd:80:75:0c:32:67:f5:
a6:cc:54:f6:86:f0:c4:ae:32:08:6d:6e:cc:d2:6a:
3c:10:67:11:05:6a:1a:1a:a7:44:b3:21:e1:b4:d9:
58:0a:e9:14:0f:3f:cb:31:d0:b8:16:85:37:5f:38:
56:05:0f:44:24:24:24:61:50:fe:36:bc:dd:7f:a8:
16:37:e2:99:75:8d:60:c6:3c:0e:85:c1:f1:1e:2b:
60:b2:b1:7a:fa:da:d7:17:a3:71:7c:5b:d8:11:0c:
76:f0:9d:dd:a5:df:9d:51:2c:6d:c8:4b:54:c4:d1:
f2:59:c5:4c:38:fd:41:fe:98:9e:76:ed:7e:f8:61:
fb:c7:b9:22:d6:c7:69:5b:e2:08:cd:a7:df:af:1f:
68:99:82:29:3c:7c:6f:20:f8:04:f2:8c:44:b3:1e:
94:37:b2:cc:9f:48:61:6a:17:d8:d2:d8:f8:01:78:
49:e7:3b:bd:75:aa:a1:f2:6a:7c:99:39:c1:bb:d7:
91:20:99:ae:33:ad:31:18:8f:20:15:b1:21:19:f8:
58:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8D:C5:2C:3F:BA:CE:DD:3C:07:A0:A0:8D:FE:84:43:D1:38:46:04
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/II3FLD-6zt08B6Cgjf6EQ9E4RgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc5::/32
Signature Algorithm: sha256WithRSAEncryption
50:8f:53:7f:d0:aa:41:07:2c:52:8e:44:83:fe:ee:b8:27:ac:
94:1f:be:90:ae:fe:15:b9:57:bf:fd:88:9b:04:35:14:25:2d:
79:b5:d8:d2:55:75:72:3a:24:c6:2a:d4:65:66:b4:d2:9e:2c:
11:e7:92:5c:80:75:2a:5f:c6:bc:a6:52:7f:97:63:37:e7:d7:
37:c3:d3:de:e7:47:89:c6:34:3b:cf:6c:78:6d:0e:cd:3c:d7:
db:bd:f0:cc:f3:65:66:15:e5:38:ca:a2:bd:31:3b:9f:4c:5d:
b1:f0:e9:d2:31:f6:06:0e:d2:d9:70:01:2a:ef:4d:5a:46:55:
b3:bd:a1:a4:9f:37:02:82:81:92:92:ec:a7:cb:eb:29:ea:d1:
54:8d:f7:0a:d3:53:76:fa:16:89:15:1d:8c:b4:6c:34:7f:a8:
30:45:52:fb:f1:b6:fc:c5:4e:04:d0:eb:80:03:f7:ee:21:72:
c5:19:74:99:15:ee:f6:22:21:b9:fc:ad:1d:22:b7:80:92:7f:
0e:5e:f1:c8:8e:4a:74:0c:c8:c4:51:d7:bd:8c:22:18:06:af:
a6:19:c9:7e:bf:41:be:db:56:46:a9:33:8b:ea:e3:d6:cf:7f:
db:37:f5:9f:5e:b0:1b:11:a9:ce:d5:a0:5a:14:88:42:fd:98:
af:a6:59:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZK5kxV7xVwc/IR5vOs2+mvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQxMDIzMTMzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhkYzUyYzNmYmFjZWRkM2MwN2EwYTA4ZGZlODQ0M2QxMzg0NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRjtk052DMx6Nn/UHRbx17X+dJMr
eynV1IPM7kfLLf8sEB9c9JT1NUBQA8XnTL/Ksjy91P2AdQwyZ/WmzFT2hvDErjII
bW7M0mo8EGcRBWoaGqdEsyHhtNlYCukUDz/LMdC4FoU3XzhWBQ9EJCQkYVD+Nrzd
f6gWN+KZdY1gxjwOhcHxHitgsrF6+trXF6NxfFvYEQx28J3dpd+dUSxtyEtUxNHy
WcVMOP1B/piedu1++GH7x7ki1sdpW+IIzaffrx9omYIpPHxvIPgE8oxEsx6UN7LM
n0hhahfY0tj4AXhJ5zu9daqh8mp8mTnBu9eRIJmuM60xGI8gFbEhGfhYNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCCNxSw/us7dPAegoI3+hEPROEYEMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvSUkzRkxELTZ6dDA4QjZDZ2pmNkVROUU0UmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7fxTAN
BgkqhkiG9w0BAQsFAAOCAQEAUI9Tf9CqQQcsUo5Eg/7uuCeslB++kK7+FblXv/2I
mwQ1FCUtebXY0lV1cjokxirUZWa00p4sEeeSXIB1Kl/GvKZSf5djN+fXN8PT3udH
icY0O89seG0OzTzX273wzPNlZhXlOMqivTE7n0xdsfDp0jH2Bg7S2XABKu9NWkZV
s72hpJ83AoKBkpLsp8vrKerRVI33CtNTdvoWiRUdjLRsNH+oMEVS+/G2/MVOBNDr
gAP37iFyxRl0mRXu9iIhufytHSK3gJJ/Dl7xyI5KdAzIxFHXvYwiGAavphnJfr9B
vttWRqkzi+rj1s9/2zf1n16wGxGpztWgWhSIQv2Yr6ZZBw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:27 2025 by rpki-client