Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/o8mQtEbwhhRzrDHxoHVHNlM7fGo.roa
File: o8mQtEbwhhRzrDHxoHVHNlM7fGo.roa (raw, json)
Hash identifier: ej8ZIGrekr+Wodah1wjkcYoa8LSKjjZlJRKjcC5LceE=
Subject key identifier: A3:C9:90:B4:46:F0:86:14:73:AC:31:F1:A0:75:47:36:53:3B:7C:6A
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 018CC86FA82EB0B44CC5F49734A000DF5A7A
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/o8mQtEbwhhRzrDHxoHVHNlM7fGo.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 131631
IP address blocks: 2a13:d040:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a8:2e:b0:b4:4c:c5:f4:97:34:a0:00:df:5a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3c990b446f0861473ac31f1a0754736533b7c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:7f:94:7c:75:ac:d6:96:2c:2a:b4:cd:94:
a7:fc:45:c9:27:1a:a5:0d:bb:61:84:de:8e:e6:e9:
75:b5:d8:3a:13:5d:dc:d8:c6:ea:5a:6e:d5:a7:25:
80:42:bf:85:1d:d9:70:be:bc:4f:74:71:31:83:c0:
ea:85:4d:2b:c3:a7:f9:68:6e:6d:d0:18:59:cb:3f:
8c:71:15:cf:7e:c2:7d:cd:c5:9e:ef:2f:74:b4:09:
2c:ef:e8:9d:71:31:1a:38:95:93:f2:a4:31:af:6f:
5b:03:5c:bc:6d:91:61:4f:4a:5e:ef:d3:1e:f9:5c:
82:d2:06:78:3c:0f:17:7c:43:eb:46:c2:40:83:69:
40:50:bf:50:ae:ea:08:23:d4:40:6d:a2:04:f7:82:
39:30:45:e5:f9:22:d9:2b:a0:e9:80:d6:c3:f7:da:
6d:3e:c5:f5:06:34:b3:74:41:2f:84:b9:5d:79:68:
25:fb:28:1c:b2:05:44:61:af:5a:ae:8b:53:43:2f:
22:ce:8d:3b:af:aa:0a:dd:bd:76:f9:fd:13:1e:28:
63:95:40:8a:fc:1b:70:1b:48:3d:0d:9a:ef:d8:1b:
82:ad:36:7d:69:72:e5:a2:68:dd:9e:5f:1b:1d:21:
a3:f1:e8:09:24:4e:21:9d:02:96:24:ce:00:b6:4b:
ba:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C9:90:B4:46:F0:86:14:73:AC:31:F1:A0:75:47:36:53:3B:7C:6A
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/o8mQtEbwhhRzrDHxoHVHNlM7fGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d040:2::/48
Signature Algorithm: sha256WithRSAEncryption
42:a5:1e:54:5e:fc:0e:04:9a:12:ec:db:87:05:fb:b6:67:79:
69:8b:68:07:0b:54:5a:07:66:ac:ec:fe:b0:89:87:e1:a7:cf:
4d:df:78:b4:70:64:ea:71:33:96:af:f0:a0:af:9c:7a:3b:c8:
c2:8e:de:b7:91:fc:db:a7:a3:77:4f:3a:13:43:9a:dd:aa:c5:
b8:71:25:49:5e:a6:98:11:24:1e:e8:c3:85:c9:0f:46:e2:40:
9e:69:de:bd:53:99:a4:3b:c1:c6:af:91:ae:52:20:4d:1c:bb:
0d:55:31:6b:eb:87:52:70:80:1e:ff:ca:7e:16:0b:88:a5:4e:
74:b8:c1:97:6c:98:79:ad:13:99:6c:af:6f:d9:ad:a4:b5:ed:
b4:e1:e9:01:c5:ee:5f:d5:aa:e1:25:ae:7d:fb:c1:f6:f1:1c:
3c:94:f4:c2:5f:bb:ea:2b:c3:1d:e1:0a:88:dd:5d:96:26:59:
0c:35:8a:8e:41:56:c8:8c:af:99:5a:27:93:14:29:92:fa:f7:
26:f7:5b:5e:87:c1:49:04:82:9e:fc:7c:41:b0:95:7a:6a:0c:
4d:af:b5:81:50:aa:85:05:ce:0a:77:2c:1d:8a:79:a5:9e:08:
ee:88:72:13:6b:11:a3:a2:13:f1:8e:2d:2f:10:03:47:dc:12:
f6:36:20:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIb6gusLRMxfSXNKAA31p6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M5OTBiNDQ2ZjA4NjE0NzNhYzMxZjFhMDc1NDczNjUzM2I3YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhJ/lHx1rNaWLCq0zZSn/EXJJxql
DbthhN6O5ul1tdg6E13c2MbqWm7VpyWAQr+FHdlwvrxPdHExg8DqhU0rw6f5aG5t
0BhZyz+McRXPfsJ9zcWe7y90tAks7+idcTEaOJWT8qQxr29bA1y8bZFhT0pe79Me
+VyC0gZ4PA8XfEPrRsJAg2lAUL9QruoII9RAbaIE94I5MEXl+SLZK6DpgNbD99pt
PsX1BjSzdEEvhLldeWgl+ygcsgVEYa9arotTQy8izo07r6oK3b12+f0THihjlUCK
/BtwG0g9DZrv2BuCrTZ9aXLlomjdnl8bHSGj8egJJE4hnQKWJM4Atku6HQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKPJkLRG8IYUc6wx8aB1RzZTO3xqMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvbzhtUXRFYndoaFJ6ckRIeG9IVkhObE03ZkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPQQAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBCpR5UXvwOBJoS7NuHBfu2Z3lpi2gHC1RaB2as
7P6wiYfhp89N33i0cGTqcTOWr/Cgr5x6O8jCjt63kfzbp6N3TzoTQ5rdqsW4cSVJ
XqaYESQe6MOFyQ9G4kCead69U5mkO8HGr5GuUiBNHLsNVTFr64dScIAe/8p+FguI
pU50uMGXbJh5rROZbK9v2a2kte204ekBxe5f1arhJa59+8H28Rw8lPTCX7vqK8Md
4QqI3V2WJlkMNYqOQVbIjK+ZWieTFCmS+vcm91teh8FJBIKe/HxBsJV6agxNr7WB
UKqFBc4KdywdinmlngjuiHITaxGjohPxji0vEANH3BL2NiCS
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:01:15 2025 by rpki-client