Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/eKb8vlPCNvUGjevzpmABzQuEhD8.roa
File: eKb8vlPCNvUGjevzpmABzQuEhD8.roa (raw, json)
Hash identifier: LYoYI8IwoZgNsaUyjZA/wG9ubHR7iJcEb5DACAEriMo=
Subject key identifier: 78:A6:FC:BE:53:C2:36:F5:06:8D:EB:F3:A6:60:01:CD:0B:84:84:3F
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0194221F4EDA403D746C3A2BC6B6074CD45B
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/eKb8vlPCNvUGjevzpmABzQuEhD8.roa
Signing time: Wed 01 Jan 2025 13:47:44 +0000
ROA not before: Wed 01 Jan 2025 13:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206150
IP address blocks: 2a0e:4203::/32 maxlen: 48
2a0e:4204::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 06:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:4e:da:40:3d:74:6c:3a:2b:c6:b6:07:4c:d4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 13:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78a6fcbe53c236f5068debf3a66001cd0b84843f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0d:87:a2:22:8e:c8:09:ab:2d:fc:ab:06:04:
ad:39:1f:d2:bb:7f:a8:2f:fe:1a:05:9a:5e:f7:4a:
1a:1e:2c:b0:65:9c:21:85:cb:fd:82:f3:ff:eb:69:
75:5c:c2:dc:d8:5d:22:b9:c1:2f:ad:3c:6c:04:09:
a4:df:4c:59:8a:18:90:3e:60:c1:37:e7:47:c4:45:
2a:94:ed:5b:2d:dd:3b:3b:0b:0e:c5:15:08:65:5d:
d2:85:08:77:35:3b:6e:b9:04:f9:52:c8:b1:e1:ca:
48:fe:fe:66:62:50:f8:6a:db:7f:13:40:b8:f0:84:
0b:84:fe:b1:08:68:a6:27:40:c2:d2:ac:db:27:5e:
1a:a0:a2:1f:59:ba:4f:0e:2d:8f:6d:b9:7c:02:7a:
60:f0:8a:50:c2:0a:02:ed:d3:0c:d5:29:e4:66:2f:
16:cb:60:70:57:51:9c:10:bd:7a:e0:08:51:2e:e6:
cd:d9:68:00:db:56:94:91:30:e6:12:74:0c:f5:fa:
d2:d9:26:ad:9f:bf:c2:c2:00:a6:e0:b2:53:bb:ac:
18:fb:fc:60:18:0e:97:1f:d8:cf:75:fd:af:ba:28:
3f:d6:61:49:66:db:4c:84:55:0b:4e:16:24:95:4e:
b6:ca:8a:7e:45:56:6d:f1:fa:b4:d6:34:aa:b3:ef:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A6:FC:BE:53:C2:36:F5:06:8D:EB:F3:A6:60:01:CD:0B:84:84:3F
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/eKb8vlPCNvUGjevzpmABzQuEhD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4203::-2a0e:4204:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:b9:b1:39:35:c8:ce:6e:28:ca:8f:1a:89:01:fb:c3:ea:46:
14:20:5c:94:b4:c4:f5:c7:7a:c1:c2:9a:6d:73:14:55:d8:50:
fc:6d:f7:3c:d7:6a:1c:42:28:cd:85:71:62:ae:3d:d2:5f:4d:
ec:38:e2:d2:56:c2:1b:90:24:34:1b:d6:9d:aa:79:57:c5:0b:
5c:74:58:53:13:39:4a:a9:40:88:78:d5:99:a2:12:bd:6a:6f:
7e:06:7c:f0:68:c1:f0:ce:99:ff:cf:11:51:17:12:67:2f:06:
49:d0:99:98:d1:4c:22:1c:f3:22:6c:09:3a:4c:24:cf:4c:22:
ad:ed:76:d0:4a:f6:25:1e:6f:b7:50:a2:01:fc:d0:ca:30:f2:
19:32:26:22:e0:1e:c7:6c:29:37:01:80:c7:23:f3:c0:f8:f5:
c4:73:b5:2e:7b:a3:6b:78:c4:23:0f:6c:d1:96:88:5f:18:bb:
97:4b:ff:c4:5a:74:dc:39:3a:d1:ef:40:ba:26:22:b6:d9:44:
a6:7d:af:69:89:95:05:bf:1f:4a:98:c5:8d:da:21:df:09:d0:
b1:26:26:1f:10:79:0a:2f:89:b5:5c:5a:b3:41:78:9a:50:1d:
82:e3:8b:cd:a4:c9:51:82:a3:d6:8b:42:f4:66:b6:0c:a6:34:
75:11:f6:a4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQiH07aQD10bDorxrYHTNRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwMTAxMTM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE2ZmNiZTUzYzIzNmY1MDY4ZGViZjNhNjYwMDFjZDBiODQ4NDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g2HoiKOyAmrLfyrBgStOR/Su3+o
L/4aBZpe90oaHiywZZwhhcv9gvP/62l1XMLc2F0iucEvrTxsBAmk30xZihiQPmDB
N+dHxEUqlO1bLd07OwsOxRUIZV3ShQh3NTtuuQT5Usix4cpI/v5mYlD4att/E0C4
8IQLhP6xCGimJ0DC0qzbJ14aoKIfWbpPDi2Pbbl8Anpg8IpQwgoC7dMM1SnkZi8W
y2BwV1GcEL164AhRLubN2WgA21aUkTDmEnQM9frS2Satn7/CwgCm4LJTu6wY+/xg
GA6XH9jPdf2vuig/1mFJZttMhFULThYklU62yop+RVZt8fq01jSqs+9onwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFHim/L5Twjb1Bo3r86ZgAc0LhIQ/MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvZUtiOHZsUENOdlVHamV2enBtQUJ6UXVFaEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDkID
AwUAKg5CBDANBgkqhkiG9w0BAQsFAAOCAQEAR7mxOTXIzm4oyo8aiQH7w+pGFCBc
lLTE9cd6wcKabXMUVdhQ/G33PNdqHEIozYVxYq490l9N7Dji0lbCG5AkNBvWnap5
V8ULXHRYUxM5SqlAiHjVmaISvWpvfgZ88GjB8M6Z/88RURcSZy8GSdCZmNFMIhzz
ImwJOkwkz0wire120Er2JR5vt1CiAfzQyjDyGTImIuAex2wpNwGAxyPzwPj1xHO1
Lnuja3jEIw9s0ZaIXxi7l0v/xFp03Dk60e9AuiYittlEpn2vaYmVBb8fSpjFjdoh
3wnQsSYmHxB5Ci+JtVxas0F4mlAdguOLzaTJUYKj1otC9Ga2DKY0dRH2pA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:38 2025 by rpki-client