Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/j4FNp9mow_ZjqOF5umWdqgSCTHc.roa
File: j4FNp9mow_ZjqOF5umWdqgSCTHc.roa (raw, json)
Hash identifier: w+BRbMDUWElK/bEyUHCE4QRc+KrvMh823ajVhDy/3g0=
Subject key identifier: 8F:81:4D:A7:D9:A8:C3:F6:63:A8:E1:79:BA:65:9D:AA:04:82:4C:77
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 0190DFC6B0F48AB8659B4964D98ECB3E4063
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/j4FNp9mow_ZjqOF5umWdqgSCTHc.roa
Signing time: Tue 23 Jul 2024 13:27:38 +0000
ROA not before: Tue 23 Jul 2024 13:27:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sun 27 Oct 2024 08:58:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:c6:b0:f4:8a:b8:65:9b:49:64:d9:8e:cb:3e:40:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Jul 23 13:27:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f814da7d9a8c3f663a8e179ba659daa04824c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e0:fd:02:d9:0c:62:44:5e:ab:f8:55:4f:c4:
f8:a8:e2:36:c6:d5:31:6a:a3:02:04:a8:33:ff:7e:
8e:2e:a8:d6:88:e4:76:c5:f4:42:f8:3a:cf:21:c6:
2e:ba:62:13:87:88:93:f0:28:36:82:3f:68:45:db:
9a:50:d9:c8:da:dd:1d:5d:0f:ac:44:2c:87:23:2e:
39:0e:f4:e9:0a:92:fa:d0:63:02:eb:25:2d:af:c0:
32:95:85:2b:e4:da:a6:a3:70:99:23:51:6c:4c:fb:
6d:99:65:b4:3b:41:ac:39:d2:c2:a3:48:87:ee:21:
48:3a:46:37:54:d3:ef:00:96:9b:28:f5:c9:c0:f2:
4b:f0:90:f9:01:df:4a:da:a4:42:5b:39:f5:7e:54:
e4:9d:6f:fc:07:54:98:b6:19:79:02:16:79:58:ce:
cb:8b:85:7d:96:89:a4:f9:cd:15:66:25:fa:b7:3e:
ec:a5:26:be:ca:e9:27:27:2f:ef:cc:f2:73:85:f4:
d0:2c:7e:d8:26:85:83:95:c0:f4:fa:40:f9:de:1a:
ff:eb:f6:41:3a:a4:58:3c:49:4b:64:26:df:70:f8:
f1:52:a3:97:d1:eb:ae:e8:7d:c3:6a:a0:2d:b5:4b:
fc:e7:d0:65:ce:9c:71:5e:e4:a6:81:5f:3d:e0:b7:
e3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:81:4D:A7:D9:A8:C3:F6:63:A8:E1:79:BA:65:9D:AA:04:82:4C:77
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/j4FNp9mow_ZjqOF5umWdqgSCTHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
3f:9a:04:04:42:18:d8:e5:7c:f8:30:be:46:b5:73:02:44:45:
62:bf:40:0e:98:71:10:48:ed:1c:8c:5b:8a:a1:53:67:81:28:
fa:e1:6f:0c:f1:53:93:4a:0c:b3:d3:98:22:d0:70:bb:56:e3:
83:52:be:46:7f:83:c4:8f:e2:86:28:ee:c0:6f:58:84:2c:26:
6a:62:80:ce:d7:e6:fd:4d:75:cd:7f:4f:77:14:40:c9:a3:e1:
0f:a5:e0:ad:e4:e5:a3:b1:85:9d:cb:32:ad:39:99:6b:6d:4f:
66:ea:05:5e:fb:32:7b:e6:b8:f9:36:3e:dc:e9:1c:27:93:42:
e6:4b:3c:8f:32:e6:ed:b6:8e:69:0b:93:0f:b2:22:3d:3c:67:
f9:99:53:3f:51:74:81:f3:e2:b0:22:e6:80:c2:35:9c:52:8a:
63:28:9f:41:23:4f:32:76:f3:b6:e6:e1:f0:f3:17:01:ba:94:
62:d5:d5:77:a3:14:21:29:91:04:cf:47:bb:80:76:4a:fb:3f:
4f:1a:13:34:81:ab:ee:a4:28:f5:98:d3:d1:56:80:9d:18:a3:
3e:ab:32:4f:f2:62:10:14:4e:ba:05:0b:f1:5d:b4:47:98:66:
7b:c0:8e:27:65:2f:bb:c5:92:29:c0:ba:f5:d0:48:d7:f4:bf:
64:10:49:86
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZDfxrD0irhlm0lk2Y7LPkBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjQwNzIzMTMyNzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjgxNGRhN2Q5YThjM2Y2NjNhOGUxNzliYTY1OWRhYTA0ODI0Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOD9AtkMYkReq/hVT8T4qOI2xtUx
aqMCBKgz/36OLqjWiOR2xfRC+DrPIcYuumITh4iT8Cg2gj9oRduaUNnI2t0dXQ+s
RCyHIy45DvTpCpL60GMC6yUtr8AylYUr5Nqmo3CZI1FsTPttmWW0O0GsOdLCo0iH
7iFIOkY3VNPvAJabKPXJwPJL8JD5Ad9K2qRCWzn1flTknW/8B1SYthl5AhZ5WM7L
i4V9lomk+c0VZiX6tz7spSa+yuknJy/vzPJzhfTQLH7YJoWDlcD0+kD53hr/6/ZB
OqRYPElLZCbfcPjxUqOX0euu6H3DaqAttUv859BlzpxxXuSmgV894Lfj0wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI+BTafZqMP2Y6jhebplnaoEgkx3MB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvajRGTnA5bW93X1pqcU9GNXVtV2RxZ1NDVEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBAD+aBARCGNjlfPgwvka1cwJERWK/QA6YcRBI7RyM
W4qhU2eBKPrhbwzxU5NKDLPTmCLQcLtW44NSvkZ/g8SP4oYo7sBvWIQsJmpigM7X
5v1Ndc1/T3cUQMmj4Q+l4K3k5aOxhZ3LMq05mWttT2bqBV77MnvmuPk2PtzpHCeT
QuZLPI8y5u22jmkLkw+yIj08Z/mZUz9RdIHz4rAi5oDCNZxSimMon0EjTzJ287bm
4fDzFwG6lGLV1XejFCEpkQTPR7uAdkr7P08aEzSBq+6kKPWY09FWgJ0Yoz6rMk/y
YhAUTroFC/FdtEeYZnvAjidlL7vFkinAuvXQSNf0v2QQSYY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:29:25 2025 by rpki-client