Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/4_HFlOqEQKj6veTYcwIAYMOjX90.roa
File: 4_HFlOqEQKj6veTYcwIAYMOjX90.roa (raw, json)
Hash identifier: 8nF9aNm7lMFqr7lEzzZagLqb+ZARittpALy3nAGg4w4=
Subject key identifier: E3:F1:C5:94:EA:84:40:A8:FA:BD:E4:D8:73:02:00:60:C3:A3:5F:DD
Certificate issuer: /CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Certificate serial: 018CC72750F43454CEC470876310E5ACA793
Authority key identifier: CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/4_HFlOqEQKj6veTYcwIAYMOjX90.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a02:fa8:c800::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:50:f4:34:54:ce:c4:70:87:63:10:e5:ac:a7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3f1c594ea8440a8fabde4d873020060c3a35fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e1:c6:6e:7c:19:5d:05:50:c2:7c:73:99:5c:
a3:14:52:e4:46:69:1e:0d:91:b2:e1:6b:3c:4e:9d:
ea:a5:bb:bd:dd:d2:16:a1:46:2b:06:0d:81:76:d0:
ae:35:ab:97:3b:54:d3:e4:14:27:13:e5:26:6e:53:
aa:1e:96:17:40:19:a3:d2:d5:51:33:69:17:f3:46:
7b:67:41:3c:76:ee:26:db:89:e5:3a:ad:bf:aa:de:
d6:f5:b9:7c:2a:82:9b:b1:fb:cf:89:3b:4a:c6:ce:
7f:c3:fb:89:c2:5d:e3:cb:95:d6:90:bf:f8:53:ce:
f6:32:8d:fc:82:52:1e:67:19:6b:48:73:e7:2d:3b:
b9:3b:12:b9:bf:93:85:3c:d5:f2:9f:3a:21:5e:0d:
40:2f:1e:4e:58:ff:02:49:7f:ab:72:dc:c6:4c:6e:
c7:55:64:65:26:aa:e1:aa:60:9a:87:d0:5d:62:87:
90:c4:e3:f6:ff:da:08:dc:10:bc:45:65:09:96:0d:
15:fa:b5:56:0a:1c:97:37:eb:8a:2f:f5:eb:0e:da:
3b:42:19:69:6c:f5:3c:fa:66:58:1f:d2:97:9a:85:
09:03:b1:17:96:18:7d:fa:b9:2f:66:7b:bb:ef:18:
ef:f3:c2:31:13:fd:f5:7a:e0:80:a2:a3:29:a3:21:
5e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F1:C5:94:EA:84:40:A8:FA:BD:E4:D8:73:02:00:60:C3:A3:5F:DD
X509v3 Authority Key Identifier:
keyid:CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/4_HFlOqEQKj6veTYcwIAYMOjX90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/zO__wVqDo4vdqM_hIMM1Jn3OUPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:fa8:c800::/40
Signature Algorithm: sha256WithRSAEncryption
33:3a:94:b0:94:f8:6c:5a:3e:9a:cd:a3:a5:8d:3b:08:c4:e0:
8d:e3:8a:dd:1e:d5:47:51:a8:28:80:0d:c5:16:cd:ff:d5:3c:
58:81:67:a8:f7:a1:8e:6e:6e:0f:4f:e5:84:80:00:4b:30:b0:
d2:9b:40:3c:ae:23:80:8b:7b:90:c9:b0:a7:7c:02:17:3e:24:
8c:1c:09:7e:7e:bc:81:fb:4c:f2:dd:ed:f0:b4:04:37:ee:d7:
4b:b1:f2:2d:35:2f:5e:44:f5:05:21:73:4d:d3:47:ae:c1:a6:
a2:63:9e:18:d2:99:ff:02:73:eb:a6:2b:21:00:04:ed:b7:86:
4f:9e:17:e7:59:4c:7a:f3:f2:bc:a0:89:c5:d4:72:f6:c7:29:
95:e0:74:99:40:3e:de:3e:1b:ee:d3:1f:75:c4:82:45:14:a1:
64:d2:e3:64:f6:74:b9:50:5c:ce:fb:e6:62:bc:e3:68:48:27:
88:ba:95:32:f5:98:77:ac:8d:3b:50:14:d4:ab:09:c1:8c:93:
db:a9:d3:2f:e5:15:66:cc:72:4d:a2:d3:ad:9a:bb:2f:f4:07:
aa:b5:04:5f:9a:94:59:2b:14:4c:df:7d:08:3b:db:5b:58:ff:
40:cd:87:04:d5:f0:bb:e6:ed:0c:8b:f4:d2:f1:22:03:55:4d:
ab:6d:3a:71
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHJ1D0NFTOxHCHYxDlrKeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZWZmZmMxNWE4M2EzOGJkZGE4Y2ZlMTIwYzMzNTI2N2Rj
ZTUwZjMwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2YxYzU5NGVhODQ0MGE4ZmFiZGU0ZDg3MzAyMDA2MGMzYTM1ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uHGbnwZXQVQwnxzmVyjFFLkRmke
DZGy4Ws8Tp3qpbu93dIWoUYrBg2BdtCuNauXO1TT5BQnE+UmblOqHpYXQBmj0tVR
M2kX80Z7Z0E8du4m24nlOq2/qt7W9bl8KoKbsfvPiTtKxs5/w/uJwl3jy5XWkL/4
U872Mo38glIeZxlrSHPnLTu5OxK5v5OFPNXynzohXg1ALx5OWP8CSX+rctzGTG7H
VWRlJqrhqmCah9BdYoeQxOP2/9oI3BC8RWUJlg0V+rVWChyXN+uKL/XrDto7Qhlp
bPU8+mZYH9KXmoUJA7EXlhh9+rkvZnu77xjv88IxE/31euCAoqMpoyFeEQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOPxxZTqhECo+r3k2HMCAGDDo1/dMB8GA1UdIwQY
MBaAFMzv/8Fag6OL3ajP4SDDNSZ9zlDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTct
NGJlYjVkZmYxNzAxLzEvNF9IRmxPcUVRS2o2dmVUWWN3SUFZTU9qWDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTctNGJlYjVkZmYxNzAx
LzEvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIPqMgw
DQYJKoZIhvcNAQELBQADggEBADM6lLCU+GxaPprNo6WNOwjE4I3jit0e1UdRqCiA
DcUWzf/VPFiBZ6j3oY5ubg9P5YSAAEswsNKbQDyuI4CLe5DJsKd8Ahc+JIwcCX5+
vIH7TPLd7fC0BDfu10ux8i01L15E9QUhc03TR67BpqJjnhjSmf8Cc+umKyEABO23
hk+eF+dZTHrz8rygicXUcvbHKZXgdJlAPt4+G+7TH3XEgkUUoWTS42T2dLlQXM77
5mK842hIJ4i6lTL1mHesjTtQFNSrCcGMk9up0y/lFWbMck2i062auy/0B6q1BF+a
lFkrFEzffQg721tY/0DNhwTV8Lvm7QyL9NLxIgNVTattOnE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:13 2025 by rpki-client