Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/H_wqu7WdKGNY6syXPSObO72PUm0.roa
File: H_wqu7WdKGNY6syXPSObO72PUm0.roa (raw, json)
Hash identifier: c6drQqgCHC5mAJxoYHoAXJUf9w+BNVPCISpYPAsl5rw=
Subject key identifier: 1F:FC:2A:BB:B5:9D:28:63:58:EA:CC:97:3D:23:9B:3B:BD:8F:52:6D
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 0192CEB6C34A7DC2913EC05C4430E5C82953
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/H_wqu7WdKGNY6syXPSObO72PUm0.roa
Signing time: Sun 27 Oct 2024 16:02:16 +0000
ROA not before: Sun 27 Oct 2024 16:02:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204508
IP address blocks: 2a05:4140:300::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ce:b6:c3:4a:7d:c2:91:3e:c0:5c:44:30:e5:c8:29:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Oct 27 16:02:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ffc2abbb59d286358eacc973d239b3bbd8f526d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:53:90:07:6b:8d:78:b1:d4:5a:ea:20:ea:
ad:0c:0c:fb:82:c5:f4:ac:a0:23:49:72:69:50:ff:
af:37:2b:e2:ae:d3:86:71:bd:9b:f5:bd:d2:4e:cd:
f7:04:49:00:32:78:e2:0e:1c:f9:c3:d4:fd:f6:c9:
91:e7:d3:b4:43:73:ff:03:37:10:1d:b0:91:a7:8f:
f4:52:fa:cc:8e:83:c5:69:ac:47:4a:6f:e9:cb:8e:
36:da:2b:67:05:1a:75:03:7e:89:b1:9f:27:6a:c9:
c7:30:37:fb:c0:11:11:ea:8a:db:44:d2:4a:8a:4c:
ea:0c:a3:bd:59:36:17:c4:89:e3:6d:f9:4d:bb:4c:
d5:b0:21:3c:c9:fd:d5:ae:af:8d:a5:0f:49:8e:2c:
b0:00:81:e5:19:3c:60:af:55:c4:f7:0e:f7:ff:8e:
59:fb:59:b7:32:7c:1c:f8:2c:e2:8a:54:c0:c6:c1:
ed:06:e0:14:06:88:c2:20:7c:d3:bb:14:74:bd:30:
08:1f:49:62:9d:33:7c:5c:8c:8a:6a:0c:b5:4d:5e:
1a:85:a3:c4:da:3c:ca:75:14:c0:97:8f:c3:28:c7:
c1:98:23:84:0c:72:28:a4:b1:16:7e:43:7e:70:21:
d5:83:f7:10:7d:18:9e:71:84:eb:b3:ac:b3:62:9a:
69:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FC:2A:BB:B5:9D:28:63:58:EA:CC:97:3D:23:9B:3B:BD:8F:52:6D
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/H_wqu7WdKGNY6syXPSObO72PUm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:300::/40
Signature Algorithm: sha256WithRSAEncryption
78:71:b9:98:90:cd:a8:36:4b:93:67:8c:ff:41:88:bc:19:a9:
4a:d4:9a:54:e9:22:9d:a2:b0:40:bf:d6:fa:5c:23:9b:14:d5:
1b:c9:80:db:2f:ec:ba:cd:25:f2:2f:68:b1:a8:c5:60:a1:4a:
7a:8e:5f:c3:96:01:a0:96:0b:74:01:0d:6e:c1:2c:2c:8a:c2:
a1:99:7b:ae:20:9e:aa:25:f0:7c:5c:43:50:8a:c1:2a:3d:45:
b3:8c:d0:0a:ad:85:62:7f:f7:30:67:2c:59:b6:a9:b1:38:8d:
95:f8:b7:62:33:71:3f:da:6d:c2:c6:8d:e0:63:73:38:d3:0f:
c3:76:79:ef:14:92:28:01:53:06:32:46:03:fe:59:2f:79:cf:
6f:ea:97:27:9b:82:97:f3:62:8a:c5:ea:d5:eb:f3:06:e3:31:
c9:7e:24:58:77:f5:09:30:7e:4d:42:b0:ed:b4:cf:59:70:ac:
bd:da:4a:97:42:82:a3:11:bc:d5:07:d4:18:7a:ad:0e:1c:a9:
c9:b1:09:27:67:1a:e9:8d:f4:65:5c:41:dc:e7:cb:9a:3c:dd:
65:d9:3c:6e:c0:5f:94:8d:14:c2:a7:58:ec:5a:a8:a3:e7:4d:
4e:31:5c:5f:16:6f:53:37:c7:a9:0c:af:6c:df:43:50:06:8b:
e4:9c:42:f6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZLOtsNKfcKRPsBcRDDlyClTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQxMDI3MTYwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZjMmFiYmI1OWQyODYzNThlYWNjOTczZDIzOWIzYmJkOGY1MjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHRTkAdrjXix1FrqIOqtDAz7gsX0
rKAjSXJpUP+vNyvirtOGcb2b9b3STs33BEkAMnjiDhz5w9T99smR59O0Q3P/AzcQ
HbCRp4/0UvrMjoPFaaxHSm/py4422itnBRp1A36JsZ8nasnHMDf7wBER6orbRNJK
ikzqDKO9WTYXxInjbflNu0zVsCE8yf3Vrq+NpQ9JjiywAIHlGTxgr1XE9w73/45Z
+1m3Mnwc+CziilTAxsHtBuAUBojCIHzTuxR0vTAIH0linTN8XIyKagy1TV4ahaPE
2jzKdRTAl4/DKMfBmCOEDHIopLEWfkN+cCHVg/cQfRiecYTrs6yzYpppQQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFB/8Kru1nShjWOrMlz0jmzu9j1JtMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvSF93cXU3V2RLR05ZNnN5WFBTT2JPNzJQVW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgVBQAMw
DQYJKoZIhvcNAQELBQADggEBAHhxuZiQzag2S5NnjP9BiLwZqUrUmlTpIp2isEC/
1vpcI5sU1RvJgNsv7LrNJfIvaLGoxWChSnqOX8OWAaCWC3QBDW7BLCyKwqGZe64g
nqol8HxcQ1CKwSo9RbOM0AqthWJ/9zBnLFm2qbE4jZX4t2IzcT/abcLGjeBjczjT
D8N2ee8UkigBUwYyRgP+WS95z2/qlyebgpfzYorF6tXr8wbjMcl+JFh39Qkwfk1C
sO20z1lwrL3aSpdCgqMRvNUH1Bh6rQ4cqcmxCSdnGumN9GVcQdzny5o83WXZPG7A
X5SNFMKnWOxaqKPnTU4xXF8Wb1M3x6kMr2zfQ1AGi+ScQvY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:48:08 2025 by rpki-client