Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/4bd70c-094a-43d0-adda-04fbd681896a/1/h88JcF-KqAqfjo6n1wBdQpzvZls.roa
File: h88JcF-KqAqfjo6n1wBdQpzvZls.roa (raw, json)
Hash identifier: +mWVy/V5Wce2e1yUOVCJZg5Kbqc/9pxLl2u6WAP18jw=
Subject key identifier: 87:CF:09:70:5F:8A:A8:0A:9F:8E:8E:A7:D7:00:5D:42:9C:EF:66:5B
Certificate issuer: /CN=f1b9aecaa37dedc0f2c04f51bc963fcd2e4aaccc
Certificate serial: 019387798B8AA2C1280CB4DD3E48AF3F3D1A
Authority key identifier: F1:B9:AE:CA:A3:7D:ED:C0:F2:C0:4F:51:BC:96:3F:CD:2E:4A:AC:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bmuyqN97cDywE9RvJY_zS5KrMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/4bd70c-094a-43d0-adda-04fbd681896a/1/h88JcF-KqAqfjo6n1wBdQpzvZls.roa
Signing time: Mon 02 Dec 2024 13:05:09 +0000
ROA not before: Mon 02 Dec 2024 13:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214567
IP address blocks: 2a14:11c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:79:8b:8a:a2:c1:28:0c:b4:dd:3e:48:af:3f:3d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b9aecaa37dedc0f2c04f51bc963fcd2e4aaccc
Validity
Not Before: Dec 2 13:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87cf09705f8aa80a9f8e8ea7d7005d429cef665b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:78:d1:8f:30:15:9f:e0:e1:f8:45:39:71:
36:d7:a8:37:46:a2:50:0c:53:60:ec:d3:e2:44:da:
40:8a:a8:19:41:f1:60:21:f0:32:93:cc:a7:29:f0:
77:0e:7c:72:c3:05:e0:7c:82:dd:c8:b9:0f:f9:00:
c1:bb:d4:0d:75:d9:44:3c:2c:d0:a7:cf:11:24:35:
30:cf:80:25:67:e8:f7:89:cc:54:ae:9a:11:10:a1:
db:3b:7c:9f:4b:53:8f:d5:07:da:99:fb:c6:73:be:
04:f8:0c:97:af:6b:cd:72:2c:57:4a:fa:6f:02:50:
60:a2:77:b5:6d:bd:db:66:c8:c2:68:00:9d:0d:ad:
38:67:ce:a0:07:96:4c:81:a0:45:f3:be:64:b2:df:
f9:eb:8d:dd:92:9b:f9:a0:08:82:06:65:da:00:60:
d3:62:8f:35:4d:56:16:1c:99:fe:90:1b:3d:e7:67:
fa:46:ec:41:9b:91:66:3b:c0:7e:13:bb:dc:4c:5f:
51:54:b8:74:c4:ea:21:bf:6e:eb:68:4e:89:66:f1:
bc:b8:1e:c6:1a:0f:42:03:ae:b3:86:4b:81:35:9f:
eb:b9:67:95:26:31:e1:1f:cc:e2:88:bf:1b:36:67:
62:10:dc:82:6e:73:54:48:ce:8f:4f:16:2a:fc:5c:
e9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CF:09:70:5F:8A:A8:0A:9F:8E:8E:A7:D7:00:5D:42:9C:EF:66:5B
X509v3 Authority Key Identifier:
keyid:F1:B9:AE:CA:A3:7D:ED:C0:F2:C0:4F:51:BC:96:3F:CD:2E:4A:AC:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bmuyqN97cDywE9RvJY_zS5KrMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4bd70c-094a-43d0-adda-04fbd681896a/1/h88JcF-KqAqfjo6n1wBdQpzvZls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4bd70c-094a-43d0-adda-04fbd681896a/1/8bmuyqN97cDywE9RvJY_zS5KrMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:11c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:be:1e:68:35:cd:e3:3a:a6:18:2b:d1:4f:60:6b:46:17:59:
13:69:8b:1f:5a:1a:70:2a:3f:35:22:dd:34:09:f4:51:18:8a:
0c:55:04:02:e5:81:9f:30:7b:1e:0d:af:22:02:54:da:cf:fe:
b9:68:aa:50:88:9a:64:fa:47:6e:03:10:7e:b8:1c:ab:ad:61:
2d:0e:72:f2:90:85:73:dc:f5:1d:ee:de:79:09:f8:a1:80:20:
2b:ea:7a:a4:a4:66:06:a6:ba:aa:a8:ac:21:5e:41:13:c4:ed:
c2:d8:5c:34:b1:ab:a6:d9:1a:88:d5:56:86:18:46:54:d8:f6:
ed:c2:f1:a0:f6:5c:0a:f4:99:dc:b0:3e:49:e7:4b:c9:96:4f:
d6:a5:e3:5b:9b:6f:59:87:1f:f2:08:e4:cd:a2:8e:b6:04:9c:
90:b8:30:66:d3:51:6b:e7:fd:90:fd:0f:8a:07:05:0c:68:21:
00:3f:53:a3:0d:55:cf:e8:67:02:1f:c1:17:7d:a0:8e:ff:cb:
7d:50:9e:9e:b2:4a:59:dd:9b:f1:9b:c7:e2:36:19:58:51:18:
0f:68:ad:be:67:73:b5:bb:69:f5:3d:72:3d:98:88:92:6c:4a:
a1:2b:b2:9a:58:96:cb:a1:36:3f:bf:33:3d:25:76:e9:ee:2b:
4e:d2:1e:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOHeYuKosEoDLTdPkivPz0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjlhZWNhYTM3ZGVkYzBmMmMwNGY1MWJjOTYzZmNkMmU0
YWFjY2MwHhcNMjQxMjAyMTMwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2NmMDk3MDVmOGFhODBhOWY4ZThlYTdkNzAwNWQ0MjljZWY2NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/h40Y8wFZ/g4fhFOXE216g3RqJQ
DFNg7NPiRNpAiqgZQfFgIfAyk8ynKfB3DnxywwXgfILdyLkP+QDBu9QNddlEPCzQ
p88RJDUwz4AlZ+j3icxUrpoREKHbO3yfS1OP1QfamfvGc74E+AyXr2vNcixXSvpv
AlBgone1bb3bZsjCaACdDa04Z86gB5ZMgaBF875kst/5643dkpv5oAiCBmXaAGDT
Yo81TVYWHJn+kBs952f6RuxBm5FmO8B+E7vcTF9RVLh0xOohv27raE6JZvG8uB7G
Gg9CA66zhkuBNZ/ruWeVJjHhH8ziiL8bNmdiENyCbnNUSM6PTxYq/FzpgwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIfPCXBfiqgKn46Op9cAXUKc72ZbMB8GA1UdIwQY
MBaAFPG5rsqjfe3A8sBPUbyWP80uSqzMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJtdXlxTjk3Y0R5d0U5UnZKWV96UzVLck13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80YmQ3MGMtMDk0YS00M2QwLWFkZGEt
MDRmYmQ2ODE4OTZhLzEvaDg4SmNGLUtxQXFmam82bjF3QmRRcHp2WmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80YmQ3MGMtMDk0YS00M2QwLWFkZGEtMDRmYmQ2ODE4OTZh
LzEvOGJtdXlxTjk3Y0R5d0U5UnZKWV96UzVLck13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQRwDAN
BgkqhkiG9w0BAQsFAAOCAQEAn74eaDXN4zqmGCvRT2BrRhdZE2mLH1oacCo/NSLd
NAn0URiKDFUEAuWBnzB7Hg2vIgJU2s/+uWiqUIiaZPpHbgMQfrgcq61hLQ5y8pCF
c9z1He7eeQn4oYAgK+p6pKRmBqa6qqisIV5BE8TtwthcNLGrptkaiNVWhhhGVNj2
7cLxoPZcCvSZ3LA+SedLyZZP1qXjW5tvWYcf8gjkzaKOtgSckLgwZtNRa+f9kP0P
igcFDGghAD9Tow1Vz+hnAh/BF32gjv/LfVCenrJKWd2b8ZvH4jYZWFEYD2itvmdz
tbtp9T1yPZiIkmxKoSuymliWy6E2P78zPSV26e4rTtIePw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:37:00 2025 by rpki-client