Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/_8i7z4-W0EjU6-NT0dnOCo_iKFk.roa
File: _8i7z4-W0EjU6-NT0dnOCo_iKFk.roa (raw, json)
Hash identifier: FLETkvIn/z0D8+DfuA7jgTERJaBj3ut2mjA8TTbyoSg=
Subject key identifier: FF:C8:BB:CF:8F:96:D0:48:D4:EB:E3:53:D1:D9:CE:0A:8F:E2:28:59
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521DE902A6D42B2E1D8A56BB8B79B21
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/_8i7z4-W0EjU6-NT0dnOCo_iKFk.roa
Signing time: Thu 02 Jan 2025 03:49:24 +0000
ROA not before: Thu 02 Jan 2025 03:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199762
IP address blocks: 2a0a:280:1200::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 09:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:de:90:2a:6d:42:b2:e1:d8:a5:6b:b8:b7:9b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffc8bbcf8f96d048d4ebe353d1d9ce0a8fe22859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:53:4b:33:c5:3b:a0:a1:1d:b7:de:ec:fc:51:
0c:65:ab:e7:15:52:8b:5f:03:77:ff:0f:a4:e5:a7:
a0:41:47:c1:bc:89:6d:48:c5:c5:67:03:69:44:b8:
f7:cb:12:c2:b4:1d:e4:a9:72:5e:a4:a3:e8:19:bf:
a9:27:03:07:94:9c:39:d0:da:af:97:f1:45:11:6e:
73:26:9e:8c:c5:cc:35:e7:e0:90:e5:bb:80:a3:07:
1b:21:26:5f:21:a4:31:6a:2c:b9:c4:23:73:9d:fa:
71:d6:f8:6d:12:b1:a8:43:7e:a2:42:23:48:82:bb:
04:f5:c9:5e:bf:7d:3e:c5:bb:49:4f:28:4b:ea:ac:
97:55:7a:b0:4c:8b:56:14:8d:f9:98:ee:b1:e0:00:
3e:6c:d4:4b:24:11:a7:70:6f:69:75:45:0f:1f:31:
9a:a3:4e:5c:a9:a8:34:0d:3f:42:41:c3:cf:f1:74:
ee:78:8e:4f:3a:65:41:cc:0f:18:fc:c7:32:4d:a7:
43:d2:ea:66:ea:f0:53:87:fd:d8:fb:1a:65:fa:4f:
3d:5a:f1:89:e3:1e:13:00:27:5b:d8:6e:7f:30:f4:
50:3a:fa:47:73:dc:a4:ae:9f:78:e9:b8:6c:d2:0d:
14:f2:9b:cd:b3:2c:1c:bf:80:4d:62:b0:88:4a:fc:
ec:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C8:BB:CF:8F:96:D0:48:D4:EB:E3:53:D1:D9:CE:0A:8F:E2:28:59
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/_8i7z4-W0EjU6-NT0dnOCo_iKFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1200::/40
Signature Algorithm: sha256WithRSAEncryption
31:5e:0f:eb:93:92:e9:ee:84:1a:f4:e5:1c:59:bd:bd:3a:1f:
d0:14:11:33:51:19:e4:a6:02:f8:de:b1:c7:cd:63:04:46:8e:
ef:01:a9:79:a2:6d:9e:f4:80:81:7d:7f:84:be:34:84:be:9f:
12:2e:05:55:b5:38:36:e6:33:ff:a1:d2:58:56:f6:79:ea:de:
ef:a8:92:94:0e:5c:49:2f:5f:e9:f2:a1:49:89:3c:a4:95:f6:
b4:b5:0c:7a:f7:de:8f:50:c7:65:21:a7:5a:04:43:9c:72:57:
d5:d0:16:86:93:bf:dc:b4:b6:b2:02:8f:62:d0:b4:4f:4f:72:
2c:26:05:27:7b:f4:1d:3d:98:c4:3c:23:90:30:f4:40:ba:4b:
aa:6a:15:14:2f:06:34:c0:03:ff:54:ae:18:e3:26:01:ae:80:
9b:ef:73:34:69:b6:80:8c:15:95:8a:3a:3d:a2:69:63:8b:e7:
eb:4f:e3:ca:a2:4f:38:3e:b1:2b:6b:39:35:3e:20:0c:f3:d3:
d5:62:ae:81:83:29:71:9b:e2:c7:2c:a0:6f:b1:85:6a:57:51:
a1:b6:10:21:4f:bc:85:e0:ce:fd:46:00:4f:ef:11:8f:f1:fe:
c4:17:00:d1:22:0b:69:a8:cc:0c:29:7d:16:23:3a:8a:ce:79:
0f:9d:82:71
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlId6QKm1CsuHYpWu4t5shMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmM4YmJjZjhmOTZkMDQ4ZDRlYmUzNTNkMWQ5Y2UwYThmZTIyODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslNLM8U7oKEdt97s/FEMZavnFVKL
XwN3/w+k5aegQUfBvIltSMXFZwNpRLj3yxLCtB3kqXJepKPoGb+pJwMHlJw50Nqv
l/FFEW5zJp6Mxcw15+CQ5buAowcbISZfIaQxaiy5xCNznfpx1vhtErGoQ36iQiNI
grsE9clev30+xbtJTyhL6qyXVXqwTItWFI35mO6x4AA+bNRLJBGncG9pdUUPHzGa
o05cqag0DT9CQcPP8XTueI5POmVBzA8Y/McyTadD0upm6vBTh/3Y+xpl+k89WvGJ
4x4TACdb2G5/MPRQOvpHc9ykrp946bhs0g0U8pvNsywcv4BNYrCISvzsSwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP/Iu8+PltBI1OvjU9HZzgqP4ihZMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvXzhpN3o0LVcwRWpVNi1OVDBkbk9Db19pS0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBIw
DQYJKoZIhvcNAQELBQADggEBADFeD+uTkunuhBr05RxZvb06H9AUETNRGeSmAvje
scfNYwRGju8BqXmibZ70gIF9f4S+NIS+nxIuBVW1ODbmM/+h0lhW9nnq3u+okpQO
XEkvX+nyoUmJPKSV9rS1DHr33o9Qx2Uhp1oEQ5xyV9XQFoaTv9y0trICj2LQtE9P
ciwmBSd79B09mMQ8I5Aw9EC6S6pqFRQvBjTAA/9UrhjjJgGugJvvczRptoCMFZWK
Oj2iaWOL5+tP48qiTzg+sStrOTU+IAzz09ViroGDKXGb4scsoG+xhWpXUaG2ECFP
vIXgzv1GAE/vEY/x/sQXANEiC2mozAwpfRYjOorOeQ+dgnE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:09 2025 by rpki-client