Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/8JFSWNUlc5-Yhqzi_opWwXjwi24.roa
File: 8JFSWNUlc5-Yhqzi_opWwXjwi24.roa (raw, json)
Hash identifier: ifH46JfhtTBprN50YtfklTPDKeIK/YTBngoNBJvYdas=
Subject key identifier: F0:91:52:58:D5:25:73:9F:98:86:AC:E2:FE:8A:56:C1:78:F0:8B:6E
Certificate issuer: /CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Certificate serial: 018CC94E48316FCAAB89E6B2BD4BAB381F31
Authority key identifier: 42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/8JFSWNUlc5-Yhqzi_opWwXjwi24.roa
Signing time: Tue 02 Jan 2024 08:33:19 +0000
ROA not before: Tue 02 Jan 2024 08:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43595
IP address blocks: 2a06:4180:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:48:31:6f:ca:ab:89:e6:b2:bd:4b:ab:38:1f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Validity
Not Before: Jan 2 08:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0915258d525739f9886ace2fe8a56c178f08b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:f9:09:4c:3b:38:0b:10:38:49:a5:d8:41:51:
0f:bf:12:e3:d4:ae:0a:27:a5:e8:0b:b6:00:eb:45:
8f:85:5e:90:45:1d:97:74:18:2a:3f:b9:d8:92:d5:
27:f2:e2:82:60:44:38:5c:13:5c:af:f2:2f:35:06:
09:6c:d6:10:8a:e0:c7:23:be:96:15:17:7b:ec:64:
14:1d:5a:c8:a5:8d:5c:00:1c:d2:22:5b:27:94:49:
92:03:30:62:f3:3a:e8:ee:15:b3:9d:28:77:bb:6d:
7f:85:e3:46:1e:49:46:6d:8f:bc:bf:9a:88:84:4c:
af:c4:4c:ff:ac:58:d8:00:f0:ac:25:d7:20:f8:49:
25:1b:98:a6:4c:95:de:7c:4d:21:e0:a1:a7:9e:50:
34:e4:b4:a6:fe:fd:15:c3:c4:5b:72:85:97:08:f4:
02:82:93:cc:65:04:66:7d:40:32:06:a7:70:c6:bb:
b0:ae:d2:e1:05:82:e8:bc:54:2b:ad:3a:2f:25:82:
82:80:36:e9:9f:e0:61:c7:df:c3:c9:1a:de:69:f0:
7c:1c:e9:cb:00:68:0d:8c:fd:58:d3:3f:a4:d0:3a:
92:94:5d:bf:10:85:c2:dd:3b:e9:28:43:a4:e9:bc:
43:1d:20:09:75:8b:f3:ee:e8:08:dc:9c:63:9e:b3:
09:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:91:52:58:D5:25:73:9F:98:86:AC:E2:FE:8A:56:C1:78:F0:8B:6E
X509v3 Authority Key Identifier:
keyid:42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/8JFSWNUlc5-Yhqzi_opWwXjwi24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/QrTHmiKj_ph-8xkIzUT_gemxrPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:4180:1::/48
Signature Algorithm: sha256WithRSAEncryption
86:06:44:e6:5d:a6:22:e0:07:7d:1a:63:e3:87:d4:4e:36:16:
e1:5f:89:73:da:c5:b3:ca:e5:59:1a:ba:b7:67:33:cf:aa:fb:
7b:9c:e2:1f:ac:a3:1d:7d:2c:14:1a:3a:ca:42:97:74:f6:ca:
9c:68:61:4b:5d:09:c4:c4:ed:91:ba:47:00:e8:e7:ae:c8:08:
11:09:f5:70:88:84:cd:56:85:f6:0d:60:d3:d2:bb:e9:40:fe:
f4:01:e4:30:90:98:a1:24:0f:1c:05:74:1a:83:b1:07:76:4f:
14:b0:2c:ec:4c:de:5f:05:10:f6:57:30:d0:9b:0f:f5:a4:8b:
ce:39:14:e9:df:7d:3e:52:f4:49:2d:cd:f5:c5:46:24:b2:6f:
e0:8e:87:cb:b0:0e:ea:40:fe:a6:2f:89:d4:40:4c:02:e4:06:
84:43:38:aa:87:6a:65:8b:dc:d4:49:38:2c:a3:7c:84:19:42:
61:bf:e9:9f:70:0e:df:a5:c6:0c:f5:ee:d3:37:ce:bc:e5:68:
9e:e1:46:57:7a:80:a5:78:f9:2c:6f:89:34:bd:10:3b:66:57:
e4:08:8d:2f:88:85:ae:c8:52:ca:87:22:31:b3:0d:2e:85:11:
ea:c5:9e:8c:90:35:0b:61:4d:07:8c:cb:2e:6e:55:7d:49:72:
61:71:86:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTkgxb8qrieayvUurOB8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYjRjNzlhMjJhM2ZlOTg3ZWYzMTkwOGNkNDRmZjgxZTli
MWFjZjQwHhcNMjQwMTAyMDgzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDkxNTI1OGQ1MjU3MzlmOTg4NmFjZTJmZThhNTZjMTc4ZjA4YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+PkJTDs4CxA4SaXYQVEPvxLj1K4K
J6XoC7YA60WPhV6QRR2XdBgqP7nYktUn8uKCYEQ4XBNcr/IvNQYJbNYQiuDHI76W
FRd77GQUHVrIpY1cABzSIlsnlEmSAzBi8zro7hWznSh3u21/heNGHklGbY+8v5qI
hEyvxEz/rFjYAPCsJdcg+EklG5imTJXefE0h4KGnnlA05LSm/v0Vw8RbcoWXCPQC
gpPMZQRmfUAyBqdwxruwrtLhBYLovFQrrTovJYKCgDbpn+Bhx9/DyRreafB8HOnL
AGgNjP1Y0z+k0DqSlF2/EIXC3TvpKEOk6bxDHSAJdYvz7ugI3JxjnrMJ9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPCRUljVJXOfmIas4v6KVsF48ItuMB8GA1UdIwQY
MBaAFEK0x5oio/6YfvMZCM1E/4Hpsaz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQt
ZjI4ODEzN2NiNTAwLzEvOEpGU1dOVWxjNS1ZaHF6aV9vcFd3WGp3aTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQtZjI4ODEzN2NiNTAw
LzEvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgZBgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCGBkTmXaYi4Ad9GmPjh9RONhbhX4lz2sWzyuVZ
Grq3ZzPPqvt7nOIfrKMdfSwUGjrKQpd09sqcaGFLXQnExO2RukcA6OeuyAgRCfVw
iITNVoX2DWDT0rvpQP70AeQwkJihJA8cBXQag7EHdk8UsCzsTN5fBRD2VzDQmw/1
pIvOORTp330+UvRJLc31xUYksm/gjofLsA7qQP6mL4nUQEwC5AaEQziqh2pli9zU
STgso3yEGUJhv+mfcA7fpcYM9e7TN8685Wie4UZXeoClePksb4k0vRA7ZlfkCI0v
iIWuyFLKhyIxsw0uhRHqxZ6MkDULYU0HjMsublV9SXJhcYYz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:57 2025 by rpki-client