Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/8NHOGgHNsJmHZHCAlVvqMcFo4c0.roa
File: 8NHOGgHNsJmHZHCAlVvqMcFo4c0.roa (raw, json)
Hash identifier: U8UGwz7iNlhwaZeuNqHRspv6PxzaAVDjwfe4zfaz9zE=
Subject key identifier: F0:D1:CE:1A:01:CD:B0:99:87:64:70:80:95:5B:EA:31:C1:68:E1:CD
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 01942445994830141C391B11F5DED7DEEB0E
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/8NHOGgHNsJmHZHCAlVvqMcFo4c0.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215146
IP address blocks: 2a05:4140:58::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Mar 2025 15:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:99:48:30:14:1c:39:1b:11:f5:de:d7:de:eb:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0d1ce1a01cdb09987647080955bea31c168e1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:95:2d:6b:b6:58:eb:e6:a3:64:a5:01:ab:f0:
05:9e:a5:74:b2:66:7e:58:e7:d6:1a:0a:e8:2c:76:
e6:5f:bb:59:24:35:db:d5:91:aa:c9:ec:8a:37:67:
d3:75:89:9d:6b:87:a6:00:68:72:32:47:86:4d:43:
b7:e5:23:2a:1f:14:4c:d9:04:1e:4d:d3:72:11:7e:
a3:7f:9d:b0:0c:8f:72:7d:78:19:3d:de:24:a2:44:
33:d4:35:60:b3:c8:2a:50:ba:75:60:32:34:06:3d:
92:26:ab:5f:50:db:a2:b3:48:f5:d8:dc:e4:77:d7:
b7:84:cc:09:6f:0b:e6:52:73:b8:d8:a4:71:67:37:
27:67:72:26:65:ac:7d:99:60:3e:96:3b:82:08:10:
44:37:de:71:79:67:28:08:37:30:3d:0c:8a:af:f8:
cc:e8:3b:78:56:52:18:2c:ff:ef:90:4d:d7:e7:c5:
25:22:60:04:ee:14:90:36:db:d9:19:a7:40:5b:d4:
80:65:21:15:f6:47:01:ff:25:51:b0:24:21:42:1d:
51:c3:82:69:a7:5e:4f:90:74:46:47:10:7a:9e:02:
db:29:6e:fd:24:d7:39:5e:b8:c2:7f:c8:1c:07:9e:
cd:17:c0:28:de:4b:4f:61:04:6a:d8:e7:ed:da:d6:
4c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D1:CE:1A:01:CD:B0:99:87:64:70:80:95:5B:EA:31:C1:68:E1:CD
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/8NHOGgHNsJmHZHCAlVvqMcFo4c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:58::/48
Signature Algorithm: sha256WithRSAEncryption
5d:55:fa:a0:32:61:55:38:be:2d:60:ae:c8:89:c4:af:61:d1:
82:25:ff:23:d8:5e:a8:65:65:c3:35:c9:a1:1f:0f:48:52:7a:
d2:1f:77:62:41:9f:26:b7:dc:6d:2b:d8:3a:87:fe:72:62:f2:
11:d6:da:7f:82:9b:ed:aa:5d:c3:e9:d3:de:1a:14:f2:6d:39:
5f:c4:5a:7b:61:44:9a:84:42:f6:a5:71:9b:5d:30:50:33:3f:
c6:6d:00:b5:4b:06:05:d8:32:72:05:2d:0f:1b:0f:62:04:91:
2c:13:75:f6:09:df:43:25:05:bd:4a:14:40:ca:ff:71:a3:41:
93:33:a3:d7:0f:f1:55:88:aa:aa:4a:9e:e2:25:3b:6c:13:7c:
52:3f:68:b7:5d:86:db:5f:4e:bc:c8:40:7b:07:d4:90:ac:0f:
9b:3d:92:a0:cd:f0:fc:da:97:74:d5:a1:3f:43:b0:94:39:a5:
b8:40:e1:9a:8a:9e:25:45:75:89:45:8f:2a:8e:19:6f:42:fb:
98:36:3c:d5:ab:4a:5b:36:da:4a:6f:df:61:6c:b6:be:bc:4b:
4f:45:e9:78:20:fa:19:86:42:d8:86:05:be:61:bc:6a:68:6d:
56:9d:d1:92:8b:28:8c:c4:8b:29:7b:c3:51:54:a1:56:1a:d8:
5a:39:17:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQkRZlIMBQcORsR9d7X3usOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQxY2UxYTAxY2RiMDk5ODc2NDcwODA5NTViZWEzMWMxNjhlMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpUta7ZY6+ajZKUBq/AFnqV0smZ+
WOfWGgroLHbmX7tZJDXb1ZGqyeyKN2fTdYmda4emAGhyMkeGTUO35SMqHxRM2QQe
TdNyEX6jf52wDI9yfXgZPd4kokQz1DVgs8gqULp1YDI0Bj2SJqtfUNuis0j12Nzk
d9e3hMwJbwvmUnO42KRxZzcnZ3ImZax9mWA+ljuCCBBEN95xeWcoCDcwPQyKr/jM
6Dt4VlIYLP/vkE3X58UlImAE7hSQNtvZGadAW9SAZSEV9kcB/yVRsCQhQh1Rw4Jp
p15PkHRGRxB6ngLbKW79JNc5XrjCf8gcB57NF8Ao3ktPYQRq2Oft2tZMXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPDRzhoBzbCZh2RwgJVb6jHBaOHNMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvOE5IT0dnSE5zSm1IWkhDQWxWdnFNY0ZvNGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgVBQABY
MA0GCSqGSIb3DQEBCwUAA4IBAQBdVfqgMmFVOL4tYK7IicSvYdGCJf8j2F6oZWXD
NcmhHw9IUnrSH3diQZ8mt9xtK9g6h/5yYvIR1tp/gpvtql3D6dPeGhTybTlfxFp7
YUSahEL2pXGbXTBQMz/GbQC1SwYF2DJyBS0PGw9iBJEsE3X2Cd9DJQW9ShRAyv9x
o0GTM6PXD/FViKqqSp7iJTtsE3xSP2i3XYbbX068yEB7B9SQrA+bPZKgzfD82pd0
1aE/Q7CUOaW4QOGaip4lRXWJRY8qjhlvQvuYNjzVq0pbNtpKb99hbLa+vEtPRel4
IPoZhkLYhgW+YbxqaG1WndGSiyiMxIspe8NRVKFWGthaORf1
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:16:28 2025 by rpki-client