Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/8rjElDPOCdOmg1q6A6-8NcXsDQ8.roa
File: 8rjElDPOCdOmg1q6A6-8NcXsDQ8.roa (raw, json)
Hash identifier: NG6U4/oHUc5qke4l3K+oCPt9ldDNxn9yc/0tG4uCh8E=
Subject key identifier: F2:B8:C4:94:33:CE:09:D3:A6:83:5A:BA:03:AF:BC:35:C5:EC:0D:0F
Certificate issuer: /CN=9c72e84c52e5c4909dbc702aa1d212d478875fad
Certificate serial: 018FBB30B582A3FFA25CBA0EFA50AD68C0BB
Authority key identifier: 9C:72:E8:4C:52:E5:C4:90:9D:BC:70:2A:A1:D2:12:D4:78:87:5F:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHLoTFLlxJCdvHAqodIS1HiHX60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/8rjElDPOCdOmg1q6A6-8NcXsDQ8.roa
Signing time: Mon 27 May 2024 17:54:42 +0000
ROA not before: Mon 27 May 2024 17:54:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49924
IP address blocks: 2a06:be40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 04 Dec 2024 11:03:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bb:30:b5:82:a3:ff:a2:5c:ba:0e:fa:50:ad:68:c0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c72e84c52e5c4909dbc702aa1d212d478875fad
Validity
Not Before: May 27 17:54:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2b8c49433ce09d3a6835aba03afbc35c5ec0d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5d:db:78:08:e3:16:27:38:0e:34:8b:d9:dc:
30:f7:b0:7c:dc:11:23:cb:2c:9a:f4:e0:96:9d:0c:
8d:31:3a:11:7b:8e:32:85:a2:54:63:83:3a:44:4f:
9c:38:4a:1b:d6:0f:9f:ae:d7:19:65:6f:b3:d3:72:
5e:b8:46:c0:eb:41:7e:3c:06:da:28:ee:ec:00:b8:
bb:65:87:0b:61:d4:99:d7:19:ca:3b:ef:ab:c1:7f:
f7:43:1b:ee:60:0c:e8:71:cf:94:4c:9c:9e:25:ee:
7b:02:d0:6b:a9:ae:8f:ce:6e:24:c1:96:51:8b:c7:
31:cc:90:2a:6e:03:f2:b9:4c:ee:58:bd:05:57:a4:
b7:e6:03:ce:2d:4a:aa:51:f2:9f:b9:b3:82:d2:6c:
81:6f:8d:e4:a3:0f:68:ed:5d:af:b3:51:4f:7c:40:
c1:80:0c:ae:e7:87:7f:d1:c4:3b:11:08:16:00:15:
8c:74:8f:f5:66:6f:ad:91:0d:93:b3:ef:2b:ad:c4:
b0:e6:37:10:5f:28:48:4d:a1:9a:67:c6:21:95:b0:
d8:f2:ab:3b:74:32:60:79:db:97:59:7b:04:62:85:
88:78:4c:c9:32:6c:19:34:7c:93:1a:3d:4b:d6:8d:
99:01:b0:b6:36:1c:0e:a3:55:f3:11:7b:5d:43:2f:
c9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B8:C4:94:33:CE:09:D3:A6:83:5A:BA:03:AF:BC:35:C5:EC:0D:0F
X509v3 Authority Key Identifier:
keyid:9C:72:E8:4C:52:E5:C4:90:9D:BC:70:2A:A1:D2:12:D4:78:87:5F:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHLoTFLlxJCdvHAqodIS1HiHX60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/8rjElDPOCdOmg1q6A6-8NcXsDQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/nHLoTFLlxJCdvHAqodIS1HiHX60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:be40::/29
Signature Algorithm: sha256WithRSAEncryption
00:95:fa:5c:a8:95:9b:31:54:df:83:e7:e6:1d:18:19:dc:ce:
fc:24:83:1c:9a:25:96:e8:05:88:7a:6f:ed:e8:58:18:a9:f8:
e7:c1:0e:da:06:98:fd:fa:1f:da:2e:54:c1:67:51:ab:af:d7:
ff:05:1a:46:9d:37:c3:8b:c1:da:d9:46:e1:9d:80:bb:5d:4a:
c8:6a:3d:a0:8b:a9:ed:83:e4:df:1e:3b:54:c7:50:69:b6:c5:
01:d9:2b:a6:2f:9f:26:f8:15:13:51:b6:a9:ce:56:a7:83:1c:
b3:c1:c0:c5:7b:8d:eb:f4:c9:3a:b4:11:68:85:73:0b:31:39:
e7:e1:ca:2e:fa:4d:0a:52:04:e6:64:3e:b2:5b:e8:fa:45:8e:
5d:58:75:02:59:0f:05:06:38:05:d9:9d:fe:93:25:48:a1:78:
22:79:d7:dc:8d:db:2f:d6:4c:c7:ed:ae:6b:fd:4f:65:b9:12:
17:fc:37:d3:19:3e:d2:a3:e7:f5:09:c1:94:e8:49:cc:91:8f:
d0:7e:2f:1e:76:0a:d8:92:46:9f:a2:7a:9a:9a:8c:3b:76:0d:
8b:d4:ec:e8:32:33:63:34:30:5a:da:a5:c5:28:79:86:f9:01:
08:00:ff:f7:df:65:aa:de:e0:02:7b:69:09:41:81:53:3d:5e:
6f:38:f2:59
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+7MLWCo/+iXLoO+lCtaMC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzJlODRjNTJlNWM0OTA5ZGJjNzAyYWExZDIxMmQ0Nzg4
NzVmYWQwHhcNMjQwNTI3MTc1NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmI4YzQ5NDMzY2UwOWQzYTY4MzVhYmEwM2FmYmMzNWM1ZWMwZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkV3beAjjFic4DjSL2dww97B83BEj
yyya9OCWnQyNMToRe44yhaJUY4M6RE+cOEob1g+frtcZZW+z03JeuEbA60F+PAba
KO7sALi7ZYcLYdSZ1xnKO++rwX/3QxvuYAzocc+UTJyeJe57AtBrqa6Pzm4kwZZR
i8cxzJAqbgPyuUzuWL0FV6S35gPOLUqqUfKfubOC0myBb43kow9o7V2vs1FPfEDB
gAyu54d/0cQ7EQgWABWMdI/1Zm+tkQ2Ts+8rrcSw5jcQXyhITaGaZ8YhlbDY8qs7
dDJgeduXWXsEYoWIeEzJMmwZNHyTGj1L1o2ZAbC2NhwOo1XzEXtdQy/JowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPK4xJQzzgnTpoNaugOvvDXF7A0PMB8GA1UdIwQY
MBaAFJxy6ExS5cSQnbxwKqHSEtR4h1+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhMb1RGTGx4SkNkdkhBcW9kSVMxSGlIWDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kYWNjYzQtMzZjOC00ZDRjLThjNGUt
NTc2MGI1ZDU0ZGY5LzEvOHJqRWxEUE9DZE9tZzFxNkE2LThOY1hzRFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kYWNjYzQtMzZjOC00ZDRjLThjNGUtNTc2MGI1ZDU0ZGY5
LzEvbkhMb1RGTGx4SkNkdkhBcW9kSVMxSGlIWDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKga+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAAJX6XKiVmzFU34Pn5h0YGdzO/CSDHJollugFiHpv
7ehYGKn458EO2gaY/fof2i5UwWdRq6/X/wUaRp03w4vB2tlG4Z2Au11KyGo9oIup
7YPk3x47VMdQabbFAdkrpi+fJvgVE1G2qc5Wp4Mcs8HAxXuN6/TJOrQRaIVzCzE5
5+HKLvpNClIE5mQ+slvo+kWOXVh1AlkPBQY4Bdmd/pMlSKF4InnX3I3bL9ZMx+2u
a/1PZbkSF/w30xk+0qPn9QnBlOhJzJGP0H4vHnYK2JJGn6J6mpqMO3YNi9Ts6DIz
YzQwWtqlxSh5hvkBCAD/999lqt7gAntpCUGBUz1ebzjyWQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:37:58 2025 by rpki-client