Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/8qufUP10tu-Q8SrctqToYsumrC8.roa
File: 8qufUP10tu-Q8SrctqToYsumrC8.roa (raw, json)
Hash identifier: Y2YainNQilyPOvFtcBjHT2K95WldoEOhyiOpwR6ht3o=
Subject key identifier: F2:AB:9F:50:FD:74:B6:EF:90:F1:2A:DC:B6:A4:E8:62:CB:A6:AC:2F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42576C16AC4CD0347818598F8CDAD84
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/8qufUP10tu-Q8SrctqToYsumrC8.roa
Signing time: Mon 01 Jan 2024 08:30:38 +0000
ROA not before: Mon 01 Jan 2024 08:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213186
IP address blocks: 2a0b:b87:ffd2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 21:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:76:c1:6a:c4:cd:03:47:81:85:98:f8:cd:ad:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2ab9f50fd74b6ef90f12adcb6a4e862cba6ac2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f1:b7:cb:2c:b8:d9:be:6a:e8:7d:7c:d2:7b:
c7:cc:ac:53:b5:69:a4:5b:e9:fb:95:b1:1b:6a:5b:
c2:d5:16:64:0f:67:88:9f:7d:6b:24:59:d0:df:63:
12:22:26:87:fc:bf:9c:d8:a6:69:04:1a:3c:ab:f9:
71:d4:6d:67:98:25:f2:a9:a2:92:15:11:9e:dd:86:
a3:bb:3f:13:32:f9:54:48:6f:e5:9d:49:15:ea:ae:
e7:a0:35:04:06:51:5a:a8:d9:3c:58:98:fd:63:61:
26:52:80:44:a0:56:ab:85:b8:24:98:67:cf:f4:ac:
09:83:d2:01:7f:57:95:09:00:6f:e0:b4:12:1a:e7:
a1:3d:83:6b:28:2a:11:e0:e7:3e:34:a3:0b:8e:b6:
7f:fd:c6:df:ec:6d:24:4c:88:03:81:7e:f4:38:01:
d6:46:c6:bb:c2:87:f5:e9:13:75:00:13:2b:75:2c:
af:85:1b:c9:cb:82:ea:d5:50:be:fc:d8:44:8f:9f:
43:d8:5b:56:51:7e:3b:92:88:cb:19:78:45:fd:a1:
f0:16:8e:bd:23:31:e6:7e:ee:0e:fc:8c:0a:ca:fe:
22:72:8d:9f:20:bc:b3:cb:cb:00:f8:47:64:83:9e:
c6:60:83:57:25:3b:5c:e1:8c:4c:0a:81:b5:04:af:
f7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AB:9F:50:FD:74:B6:EF:90:F1:2A:DC:B6:A4:E8:62:CB:A6:AC:2F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/8qufUP10tu-Q8SrctqToYsumrC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffd2::/48
Signature Algorithm: sha256WithRSAEncryption
ac:eb:7f:f5:d5:d0:45:a8:13:bc:c9:d8:ba:5d:f9:d9:6a:03:
5f:74:7c:0e:f4:7d:8e:6d:48:11:c0:92:50:af:aa:53:50:e3:
c1:da:c8:02:0f:ea:82:5b:49:e8:8f:83:f4:e4:17:b8:f7:8e:
1d:8a:5a:01:c0:23:20:22:b9:b9:e0:b1:14:d1:c1:f8:d4:e0:
53:e7:cb:0e:1b:d2:a1:16:87:64:87:85:aa:bf:5a:52:63:21:
54:40:f4:43:dc:ef:bc:f8:1b:4b:f7:5a:1a:01:5d:04:e9:09:
19:b8:d6:db:27:8a:d0:6d:3b:50:58:fc:a7:9f:95:6b:f6:21:
ec:06:0f:53:0b:5a:f6:95:46:72:a7:c3:67:68:f9:71:57:93:
6f:fd:4a:fd:83:04:3c:93:98:35:34:76:db:63:f8:0c:55:26:
ad:d6:9c:34:11:e7:ba:62:08:7b:4b:21:fe:59:d4:4f:02:b5:
c3:5f:1e:aa:49:f6:31:01:ed:55:f5:e5:d8:23:35:a0:65:dc:
91:7f:20:66:3f:af:c8:f7:c7:a1:18:bf:99:98:f2:66:cc:92:
af:d5:ae:93:58:c8:42:d2:5f:66:b0:66:f5:f7:56:25:f9:27:
c1:f6:0d:6e:2d:92:bd:66:08:77:89:84:2c:c2:f5:bb:37:ac:
86:47:0f:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJXbBasTNA0eBhZj4za2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFiOWY1MGZkNzRiNmVmOTBmMTJhZGNiNmE0ZTg2MmNiYTZhYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/G3yyy42b5q6H180nvHzKxTtWmk
W+n7lbEbalvC1RZkD2eIn31rJFnQ32MSIiaH/L+c2KZpBBo8q/lx1G1nmCXyqaKS
FRGe3Yajuz8TMvlUSG/lnUkV6q7noDUEBlFaqNk8WJj9Y2EmUoBEoFarhbgkmGfP
9KwJg9IBf1eVCQBv4LQSGuehPYNrKCoR4Oc+NKMLjrZ//cbf7G0kTIgDgX70OAHW
Rsa7wof16RN1ABMrdSyvhRvJy4Lq1VC+/NhEj59D2FtWUX47kojLGXhF/aHwFo69
IzHmfu4O/IwKyv4ico2fILyzy8sA+Edkg57GYINXJTtc4YxMCoG1BK/3YQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPKrn1D9dLbvkPEq3Lak6GLLpqwvMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvOHF1ZlVQMTB0dS1ROFNyY3RxVG9Zc3VtckM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//S
MA0GCSqGSIb3DQEBCwUAA4IBAQCs63/11dBFqBO8ydi6XfnZagNfdHwO9H2ObUgR
wJJQr6pTUOPB2sgCD+qCW0noj4P05Be4944diloBwCMgIrm54LEU0cH41OBT58sO
G9KhFodkh4Wqv1pSYyFUQPRD3O+8+BtL91oaAV0E6QkZuNbbJ4rQbTtQWPynn5Vr
9iHsBg9TC1r2lUZyp8NnaPlxV5Nv/Ur9gwQ8k5g1NHbbY/gMVSat1pw0Eee6Ygh7
SyH+WdRPArXDXx6qSfYxAe1V9eXYIzWgZdyRfyBmP6/I98ehGL+ZmPJmzJKv1a6T
WMhC0l9msGb191Yl+SfB9g1uLZK9Zgh3iYQswvW7N6yGRw+W
-----END CERTIFICATE-----
Generated at Wed Sep 25 23:37:07 2024 by rpki-client on console-fra.rpki-client.org