Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/IbO9gfukyVAZ_D_FfQcrSHKh9pA.roa
File: IbO9gfukyVAZ_D_FfQcrSHKh9pA.roa (raw, json)
Hash identifier: Yjzq5cx/RRgQDpqBVcMbDHC9/rK0YZGwcjPLyWpVzSc=
Subject key identifier: 21:B3:BD:81:FB:A4:C9:50:19:FC:3F:C5:7D:07:2B:48:72:A1:F6:90
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018CC7948E9D293C918CD872DF66F0C9A240
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/IbO9gfukyVAZ_D_FfQcrSHKh9pA.roa
Signing time: Tue 02 Jan 2024 00:30:51 +0000
ROA not before: Tue 02 Jan 2024 00:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 2a0e:4203::/32 maxlen: 32
2a0e:4204::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 11:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:8e:9d:29:3c:91:8c:d8:72:df:66:f0:c9:a2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 2 00:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21b3bd81fba4c95019fc3fc57d072b4872a1f690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:51:6d:6c:8e:a2:55:1d:99:b1:53:56:f4:6c:
25:8f:3e:de:e2:87:ba:7b:9b:90:f7:63:a8:14:a4:
7c:bb:f6:11:8b:c3:29:01:a4:bc:73:f5:dc:ed:d5:
b0:c3:02:6a:5c:4f:51:a2:15:2d:e9:5a:13:f1:e6:
17:d1:1c:04:4a:5e:b4:e5:c5:54:44:65:10:a2:1c:
78:a0:2f:22:a7:c3:ea:c6:41:f7:7b:b4:9b:ad:8a:
34:9e:2c:d8:b5:87:64:39:d8:80:77:52:c8:c1:d7:
63:b3:f4:97:ea:38:27:dd:3c:76:e7:d6:f7:77:44:
38:4b:f5:93:11:32:8e:b1:0f:2f:3d:8f:fe:23:0e:
48:31:d0:81:f5:19:f2:32:d2:57:dd:b8:2a:8d:f1:
ee:1d:d4:99:8f:99:bd:82:7a:d2:c8:bf:60:b9:03:
e9:d3:98:9c:57:a0:0f:91:4d:ca:04:0e:e0:d2:f5:
f7:12:8a:23:c5:4c:26:2e:f1:3b:24:a2:ce:ae:23:
12:de:43:b5:63:3f:9e:80:2e:fb:43:e9:a5:15:d6:
fb:15:05:eb:bd:39:72:27:9b:c3:ad:db:a0:af:fe:
85:94:eb:20:66:3c:2f:e6:0e:d1:7d:d4:a6:cd:9d:
8d:d4:90:cc:26:ea:47:4e:3f:1b:0a:d0:25:65:a1:
df:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B3:BD:81:FB:A4:C9:50:19:FC:3F:C5:7D:07:2B:48:72:A1:F6:90
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/IbO9gfukyVAZ_D_FfQcrSHKh9pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4203::-2a0e:4204:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5f:ae:12:87:a6:0a:1c:45:e6:d8:4e:ba:de:3a:90:62:99:10:
ee:5d:5b:ed:05:6e:5d:6c:fc:7f:24:4e:4f:7b:92:fe:78:24:
9c:37:b9:a9:dc:a7:64:bd:e5:d5:27:00:ed:9d:3f:bc:17:5c:
9d:d3:44:15:3f:23:fe:1d:6f:54:89:c1:9a:8b:95:8f:84:87:
16:9d:34:54:02:ea:56:0c:b0:b6:4b:01:27:48:38:e3:e5:2b:
82:2c:c8:cd:98:5c:fb:c1:a6:29:75:30:be:15:b0:52:b4:94:
20:82:e8:7e:e8:98:6e:b7:50:91:e1:03:c1:10:78:f4:e3:13:
22:7d:b4:49:09:75:a7:e9:da:6e:3b:19:f5:f0:97:5e:06:f7:
af:0b:45:48:c6:ac:10:48:dd:67:99:eb:75:d3:16:8f:10:72:
78:03:f2:68:d8:22:9e:99:8d:61:12:b4:5a:34:39:4a:03:44:
f5:43:fb:e0:98:30:49:2c:86:88:b7:bf:65:de:09:34:c2:fa:
3d:c1:f8:75:b7:27:13:ef:da:6a:8a:43:6e:16:26:24:9d:b7:
47:8b:a5:ea:cf:16:b5:99:a9:60:be:f5:95:52:e2:a9:1a:d7:
01:b3:92:31:94:d6:7c:e0:06:40:00:f9:1d:c1:4f:0a:1f:d0:
c5:36:b5:7f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzHlI6dKTyRjNhy32bwyaJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwMTAyMDAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWIzYmQ4MWZiYTRjOTUwMTlmYzNmYzU3ZDA3MmI0ODcyYTFmNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1FtbI6iVR2ZsVNW9Gwljz7e4oe6
e5uQ92OoFKR8u/YRi8MpAaS8c/Xc7dWwwwJqXE9RohUt6VoT8eYX0RwESl605cVU
RGUQohx4oC8ip8PqxkH3e7SbrYo0nizYtYdkOdiAd1LIwddjs/SX6jgn3Tx259b3
d0Q4S/WTETKOsQ8vPY/+Iw5IMdCB9RnyMtJX3bgqjfHuHdSZj5m9gnrSyL9guQPp
05icV6APkU3KBA7g0vX3EoojxUwmLvE7JKLOriMS3kO1Yz+egC77Q+mlFdb7FQXr
vTlyJ5vDrdugr/6FlOsgZjwv5g7RfdSmzZ2N1JDMJupHTj8bCtAlZaHfCwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCGzvYH7pMlQGfw/xX0HK0hyofaQMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvSWJPOWdmdWt5VkFaX0RfRmZRY3JTSEtoOXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDkID
AwUAKg5CBDANBgkqhkiG9w0BAQsFAAOCAQEAX64Sh6YKHEXm2E663jqQYpkQ7l1b
7QVuXWz8fyROT3uS/ngknDe5qdynZL3l1ScA7Z0/vBdcndNEFT8j/h1vVInBmouV
j4SHFp00VALqVgywtksBJ0g44+UrgizIzZhc+8GmKXUwvhWwUrSUIILofuiYbrdQ
keEDwRB49OMTIn20SQl1p+nabjsZ9fCXXgb3rwtFSMasEEjdZ5nrddMWjxByeAPy
aNginpmNYRK0WjQ5SgNE9UP74JgwSSyGiLe/Zd4JNML6PcH4dbcnE+/aaopDbhYm
JJ23R4ul6s8WtZmpYL71lVLiqRrXAbOSMZTWfOAGQAD5HcFPCh/QxTa1fw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:14 2025 by rpki-client