Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/a8G3o3bAVrVRcJgAMKlcODQe0rs.roa
File: a8G3o3bAVrVRcJgAMKlcODQe0rs.roa (raw, json)
Hash identifier: R3YrGeDrqwvzC2zVXffgw60Iio6CIv6U6xQZnQQW4KA=
Subject key identifier: 6B:C1:B7:A3:76:C0:56:B5:51:70:98:00:30:A9:5C:38:34:1E:D2:BB
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 01942444B36F892365F43F286C40852689AA
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/a8G3o3bAVrVRcJgAMKlcODQe0rs.roa
Signing time: Wed 01 Jan 2025 23:47:49 +0000
ROA not before: Wed 01 Jan 2025 23:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208626
IP address blocks: 2a11:7e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 24 Jan 2025 14:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b3:6f:89:23:65:f4:3f:28:6c:40:85:26:89:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Jan 1 23:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bc1b7a376c056b55170980030a95c38341ed2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f0:1a:63:ee:db:10:fc:de:91:a6:7b:7e:4b:
57:85:1b:ed:dc:d3:49:4b:75:18:70:ab:a0:47:5a:
48:13:6d:63:96:ae:e6:19:d4:cb:75:82:e4:70:51:
50:37:d2:2c:be:46:2a:46:e4:db:03:97:4a:18:41:
84:76:29:61:5c:13:2c:e4:7a:a3:40:cf:05:9c:72:
ee:1e:70:17:75:47:7f:01:4f:ce:4f:dd:1b:de:3b:
f5:ae:26:0d:16:9e:3f:1c:a1:d1:be:3a:33:6b:22:
ae:91:6c:80:cd:2d:a6:bd:84:77:00:4c:d7:cf:14:
08:b4:7a:a6:e8:57:6b:70:58:7b:15:1b:f3:f8:13:
30:d7:4d:49:b6:c9:ca:0b:9e:79:88:1c:e4:89:71:
39:82:6e:2c:4c:6a:4e:87:c8:80:f6:29:72:ec:38:
58:6a:b9:93:c5:d3:6f:17:c9:d5:17:11:5b:f6:b3:
64:df:f4:4e:16:80:33:c8:ab:fe:47:2b:4f:a2:ef:
7c:d2:2b:a9:33:f2:bc:19:82:10:05:70:02:1c:a2:
a8:bf:85:bf:ad:cc:9b:67:0d:ce:8e:19:3c:37:a0:
5c:67:49:fe:f7:03:a7:ca:05:cb:98:5f:64:70:27:
ad:b5:1a:8b:00:f1:a1:a6:de:e2:90:43:67:58:c6:
a4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C1:B7:A3:76:C0:56:B5:51:70:98:00:30:A9:5C:38:34:1E:D2:BB
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/a8G3o3bAVrVRcJgAMKlcODQe0rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7e40::/32
Signature Algorithm: sha256WithRSAEncryption
28:f2:c9:72:69:21:eb:d2:ac:91:a2:6e:67:bf:a2:b8:ac:f3:
39:52:ee:39:18:0e:18:91:ac:31:ca:94:db:d2:0b:2b:39:43:
41:aa:ab:c0:09:2d:60:be:7a:5c:20:b1:13:d6:f3:c1:81:a7:
22:db:ac:cf:1b:dc:2d:2d:d1:e6:b3:e3:a6:fa:ca:9f:c8:49:
c3:10:77:a9:76:69:92:b4:72:76:d4:dc:14:32:ba:e3:8f:01:
6a:ae:06:cc:a0:9b:77:bf:b3:bb:ae:96:88:a8:e8:08:19:e7:
30:6d:b4:b8:e1:d5:d0:dc:28:e6:12:50:5a:a6:af:9d:ba:6a:
83:b2:00:c6:54:22:96:ef:89:19:64:b7:cd:ff:59:0b:52:81:
92:32:f5:93:e6:62:10:2c:aa:55:75:fb:e3:41:1d:3c:dd:ee:
26:a3:44:d8:d0:89:62:12:4e:5d:5c:8f:40:30:96:b6:f8:f1:
df:22:24:c8:5b:68:d5:b6:f1:4a:ff:4a:1e:24:37:f1:a3:e0:
98:0b:fc:b8:63:a6:aa:ad:71:36:ae:8c:1f:78:6f:80:de:98:
8d:4f:7b:27:46:4a:d9:1d:5b:e2:51:a3:5f:ef:d9:a6:28:b7:
d2:75:37:5f:36:13:2f:4a:b4:d4:4c:67:fa:a6:f5:9c:fc:41:
2e:42:47:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRLNviSNl9D8obECFJomqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjUwMTAxMjM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmMxYjdhMzc2YzA1NmI1NTE3MDk4MDAzMGE5NWMzODM0MWVkMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fAaY+7bEPzekaZ7fktXhRvt3NNJ
S3UYcKugR1pIE21jlq7mGdTLdYLkcFFQN9IsvkYqRuTbA5dKGEGEdilhXBMs5Hqj
QM8FnHLuHnAXdUd/AU/OT90b3jv1riYNFp4/HKHRvjozayKukWyAzS2mvYR3AEzX
zxQItHqm6FdrcFh7FRvz+BMw101JtsnKC555iBzkiXE5gm4sTGpOh8iA9ily7DhY
armTxdNvF8nVFxFb9rNk3/ROFoAzyKv+RytPou980iupM/K8GYIQBXACHKKov4W/
rcybZw3Ojhk8N6BcZ0n+9wOnygXLmF9kcCettRqLAPGhpt7ikENnWMakAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGvBt6N2wFa1UXCYADCpXDg0HtK7MB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvYThHM28zYkFWclZSY0pnQU1LbGNPRFFlMHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhF+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAKPLJcmkh69KskaJuZ7+iuKzzOVLuORgOGJGsMcqU
29ILKzlDQaqrwAktYL56XCCxE9bzwYGnItuszxvcLS3R5rPjpvrKn8hJwxB3qXZp
krRydtTcFDK6448Baq4GzKCbd7+zu66WiKjoCBnnMG20uOHV0Nwo5hJQWqavnbpq
g7IAxlQilu+JGWS3zf9ZC1KBkjL1k+ZiECyqVXX740EdPN3uJqNE2NCJYhJOXVyP
QDCWtvjx3yIkyFto1bbxSv9KHiQ38aPgmAv8uGOmqq1xNq6MH3hvgN6YjU97J0ZK
2R1b4lGjX+/Zpii30nU3XzYTL0q01Exn+qb1nPxBLkJHcQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:52:37 2025 by rpki-client