Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/8mOU_Hxk-RFJXUw4R-PLHmbSxbQ.roa
File: 8mOU_Hxk-RFJXUw4R-PLHmbSxbQ.roa (raw, json)
Hash identifier: NvSx4jDCWvzYBk2BUkffN/50PKp7T4QHXZCNEeSq6JI=
Subject key identifier: F2:63:94:FC:7C:64:F9:11:49:5D:4C:38:47:E3:CB:1E:66:D2:C5:B4
Certificate issuer: /CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Certificate serial: 019131B4E6671C279473BCF89D4E5BE04DB3
Authority key identifier: 4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/8mOU_Hxk-RFJXUw4R-PLHmbSxbQ.roa
Signing time: Thu 08 Aug 2024 11:17:04 +0000
ROA not before: Thu 08 Aug 2024 11:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203038
IP address blocks: 2a0d:bbc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 18 Aug 2024 08:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:b4:e6:67:1c:27:94:73:bc:f8:9d:4e:5b:e0:4d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Validity
Not Before: Aug 8 11:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f26394fc7c64f911495d4c3847e3cb1e66d2c5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e1:9e:d5:0a:27:67:53:b5:7b:e6:47:10:5f:
0f:30:85:3f:5f:7d:7d:d5:87:42:df:7f:99:79:fb:
0d:46:2b:a0:e6:03:d9:73:f0:4b:05:cc:4f:f9:6b:
5a:a3:33:e0:d2:12:b2:5d:7f:58:6e:77:76:94:f1:
23:5b:45:7a:48:8e:42:4c:fa:ba:86:73:c8:bb:2c:
b3:79:23:ac:f0:13:c8:b2:65:0d:fb:d4:e2:01:59:
de:bb:5c:ee:94:39:cb:8b:73:50:25:20:1d:43:7d:
bd:89:d1:b4:b1:31:05:de:1f:b8:6e:ec:a0:5d:2b:
47:f1:56:95:26:1a:c4:f2:77:15:c5:2c:29:4c:b8:
5d:73:0f:0f:5d:03:c8:b3:4b:15:33:a3:32:a5:7d:
8e:24:4d:67:86:ff:ae:f2:9c:55:52:ce:f1:18:8e:
f7:86:ee:20:dc:1e:e1:e7:a7:88:b0:30:f7:b9:c6:
0f:88:5b:3b:c4:a6:02:dc:b1:ef:40:63:bb:7f:42:
f8:0d:bf:e0:e7:b3:b5:4b:ba:a9:d1:40:16:16:05:
66:d2:e2:0d:83:df:ce:ef:bd:58:45:07:7c:82:f2:
ca:05:f5:99:8c:bb:01:33:b3:e2:bc:05:b9:d1:ab:
c2:b9:39:33:2a:30:a5:81:42:db:25:c6:75:5a:f6:
45:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:63:94:FC:7C:64:F9:11:49:5D:4C:38:47:E3:CB:1E:66:D2:C5:B4
X509v3 Authority Key Identifier:
keyid:4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/8mOU_Hxk-RFJXUw4R-PLHmbSxbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:bbc0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:7f:49:13:ae:2e:5f:c1:91:a0:ef:fc:e5:4a:54:4f:19:e1:
d1:bb:c7:0f:55:b0:34:72:80:77:64:c9:75:a1:73:14:d3:11:
66:71:04:f4:79:2c:34:8e:9f:68:01:7b:0e:45:83:81:9b:5f:
c5:38:c7:7f:e7:04:c2:6f:48:c6:74:c7:22:ac:ff:b6:9b:66:
7d:e7:e9:fb:00:9a:fb:39:6d:44:b4:65:83:fc:9c:f1:34:77:
fd:96:b9:59:75:12:70:fa:e0:51:97:b4:16:46:c7:25:b7:57:
08:f4:ec:cc:e6:bc:eb:18:31:30:a4:53:db:3c:d7:98:c9:8f:
fd:6d:a7:a6:20:39:dd:28:ec:9f:c4:a7:89:4d:fd:8b:f6:17:
6a:ab:15:60:47:19:d8:54:61:9f:33:bd:43:f3:8f:56:c1:2f:
95:16:bf:32:9e:e8:34:6e:f9:cd:92:a5:9c:8a:09:5a:72:25:
3a:e6:09:e9:93:ab:b3:45:ce:3b:e2:99:01:0b:b2:44:0f:58:
10:f2:72:e2:55:28:51:d0:81:76:28:7d:b2:1e:58:12:18:03:
67:20:55:69:99:c7:15:82:20:a4:8b:c5:73:54:50:11:b8:5f:
ae:90:42:91:30:7a:f1:79:9e:3f:fb:32:20:bf:1b:49:b3:75:
1e:e6:a5:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZExtOZnHCeUc7z4nU5b4E2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjgwODAyYzY1NzlhNGQ0YTEwNjA4ZGNmOTJlOWFjZTk5
MDViMTYwHhcNMjQwODA4MTExNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjYzOTRmYzdjNjRmOTExNDk1ZDRjMzg0N2UzY2IxZTY2ZDJjNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OGe1QonZ1O1e+ZHEF8PMIU/X319
1YdC33+ZefsNRiug5gPZc/BLBcxP+WtaozPg0hKyXX9Ybnd2lPEjW0V6SI5CTPq6
hnPIuyyzeSOs8BPIsmUN+9TiAVneu1zulDnLi3NQJSAdQ329idG0sTEF3h+4buyg
XStH8VaVJhrE8ncVxSwpTLhdcw8PXQPIs0sVM6MypX2OJE1nhv+u8pxVUs7xGI73
hu4g3B7h56eIsDD3ucYPiFs7xKYC3LHvQGO7f0L4Db/g57O1S7qp0UAWFgVm0uIN
g9/O771YRQd8gvLKBfWZjLsBM7PivAW50avCuTkzKjClgULbJcZ1WvZF9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPJjlPx8ZPkRSV1MOEfjyx5m0sW0MB8GA1UdIwQY
MBaAFEz4CALGV5pNShBgjc+S6azpkFsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAt
OTFmNDlkOGQxMTVkLzEvOG1PVV9IeGstUkZKWFV3NFItUExIbWJTeGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAtOTFmNDlkOGQxMTVk
LzEvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg27wDAN
BgkqhkiG9w0BAQsFAAOCAQEACn9JE64uX8GRoO/85UpUTxnh0bvHD1WwNHKAd2TJ
daFzFNMRZnEE9HksNI6faAF7DkWDgZtfxTjHf+cEwm9IxnTHIqz/tptmfefp+wCa
+zltRLRlg/yc8TR3/Za5WXUScPrgUZe0FkbHJbdXCPTszOa86xgxMKRT2zzXmMmP
/W2npiA53Sjsn8SniU39i/YXaqsVYEcZ2FRhnzO9Q/OPVsEvlRa/Mp7oNG75zZKl
nIoJWnIlOuYJ6ZOrs0XOO+KZAQuyRA9YEPJy4lUoUdCBdih9sh5YEhgDZyBVaZnH
FYIgpIvFc1RQEbhfrpBCkTB68XmeP/syIL8bSbN1Hualkw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:46 2025 by rpki-client