Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/H0IuFgyxgbimYuYa_qbTwce5lFk.roa
File: H0IuFgyxgbimYuYa_qbTwce5lFk.roa (raw, json)
Hash identifier: qgQyaY5p2TSHHwRjKERyjpV9uUwuZhSQScnVi1qfsas=
Subject key identifier: 1F:42:2E:16:0C:B1:81:B8:A6:62:E6:1A:FE:A6:D3:C1:C7:B9:94:59
Certificate issuer: /CN=3fa136d7643fdc0d3fb1d53467d8abb299b79171
Certificate serial: 018CDF9CDBF0170BF64D4AF6A94A8F2546BC
Authority key identifier: 3F:A1:36:D7:64:3F:DC:0D:3F:B1:D5:34:67:D8:AB:B2:99:B7:91:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P6E212Q_3A0_sdU0Z9irspm3kXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/H0IuFgyxgbimYuYa_qbTwce5lFk.roa
Signing time: Sat 06 Jan 2024 16:30:48 +0000
ROA not before: Sat 06 Jan 2024 16:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215777
IP address blocks: 2001:67c:d74::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:df:9c:db:f0:17:0b:f6:4d:4a:f6:a9:4a:8f:25:46:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fa136d7643fdc0d3fb1d53467d8abb299b79171
Validity
Not Before: Jan 6 16:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f422e160cb181b8a662e61afea6d3c1c7b99459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f9:66:cb:32:02:a9:05:17:86:de:9c:27:df:
a8:9e:4a:b6:39:e5:6b:86:c9:3a:c4:99:c6:0f:23:
c9:94:97:76:d6:90:31:9f:d3:27:ae:c8:1d:7e:9d:
e5:ac:67:cc:41:80:eb:56:d5:5a:d8:ef:16:e3:34:
72:25:ae:2e:5c:e4:18:fa:6c:78:df:58:2f:94:3a:
c7:c3:ee:ab:7f:62:79:5f:c0:da:a4:9a:f0:c9:c7:
98:aa:0d:8c:9e:cf:a8:cd:60:49:b6:78:7b:3b:a5:
e6:15:ea:6a:30:75:03:e0:ee:38:e3:63:08:ec:7f:
d5:02:a9:8f:f5:09:1d:49:2d:a8:73:0f:87:21:9f:
69:66:29:e9:57:90:a4:69:3c:c1:d3:24:ff:52:fd:
6e:80:04:0d:b7:0c:e8:ef:82:b7:c1:28:2b:57:fd:
59:ec:4d:48:cb:a9:24:e9:ac:23:e6:23:26:51:5a:
a5:af:3a:06:ef:e5:c6:16:d9:de:35:69:da:07:65:
07:a3:1f:d2:fe:44:84:80:df:6d:86:51:6f:fe:e3:
ce:f1:19:4e:ce:1a:bb:2e:f6:ce:2b:a8:bc:f2:9d:
6b:78:8e:1b:4b:de:15:f6:aa:a6:95:4b:fa:9e:3c:
53:11:c4:16:8e:69:d4:20:a1:c6:e8:a3:96:94:3b:
3e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:42:2E:16:0C:B1:81:B8:A6:62:E6:1A:FE:A6:D3:C1:C7:B9:94:59
X509v3 Authority Key Identifier:
keyid:3F:A1:36:D7:64:3F:DC:0D:3F:B1:D5:34:67:D8:AB:B2:99:B7:91:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P6E212Q_3A0_sdU0Z9irspm3kXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/H0IuFgyxgbimYuYa_qbTwce5lFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/P6E212Q_3A0_sdU0Z9irspm3kXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d74::/48
Signature Algorithm: sha256WithRSAEncryption
00:c2:a9:c1:16:05:60:77:89:27:06:51:07:43:07:69:bc:1c:
01:cc:9b:ab:2d:8f:68:47:e2:a2:31:d9:45:92:25:17:d0:2f:
c2:61:fd:17:b1:92:d2:3f:da:b3:21:6c:c0:36:17:d2:6e:e7:
9a:01:25:19:5c:19:8b:73:62:df:3f:7c:df:e0:8a:9e:a1:7b:
c4:dc:de:4c:72:d6:7c:a4:67:1e:94:63:3f:d3:1e:24:d3:86:
6e:6e:20:52:00:35:46:08:80:6c:3d:30:ce:86:63:8e:c5:fe:
12:4c:4a:da:83:1c:c2:23:3c:35:30:c2:01:e8:7f:f6:1b:ab:
8e:0a:25:76:24:57:24:41:6a:0d:02:17:76:46:73:b6:f0:ec:
ba:d1:f2:11:79:c1:08:63:06:83:b7:cd:01:ba:0b:fe:db:ef:
79:84:e1:d5:96:b4:27:20:d0:6c:03:a8:60:27:53:78:5c:89:
72:59:09:36:5a:00:21:c6:59:8e:9a:b7:e7:db:ef:2c:a1:1b:
81:0d:84:77:47:56:c3:00:73:97:d3:e7:f9:b4:99:af:ec:57:
40:ad:e7:ac:20:95:c3:38:f2:a5:38:e8:ad:03:79:c5:f6:80:
07:c1:c9:60:0b:02:69:8b:06:7f:c0:c4:a0:59:6b:fb:9d:a6:
1a:4e:5c:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzfnNvwFwv2TUr2qUqPJUa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmYTEzNmQ3NjQzZmRjMGQzZmIxZDUzNDY3ZDhhYmIyOTli
NzkxNzEwHhcNMjQwMTA2MTYzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQyMmUxNjBjYjE4MWI4YTY2MmU2MWFmZWE2ZDNjMWM3Yjk5NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vlmyzICqQUXht6cJ9+onkq2OeVr
hsk6xJnGDyPJlJd21pAxn9Mnrsgdfp3lrGfMQYDrVtVa2O8W4zRyJa4uXOQY+mx4
31gvlDrHw+6rf2J5X8DapJrwyceYqg2Mns+ozWBJtnh7O6XmFepqMHUD4O4442MI
7H/VAqmP9QkdSS2ocw+HIZ9pZinpV5CkaTzB0yT/Uv1ugAQNtwzo74K3wSgrV/1Z
7E1Iy6kk6awj5iMmUVqlrzoG7+XGFtneNWnaB2UHox/S/kSEgN9thlFv/uPO8RlO
zhq7LvbOK6i88p1reI4bS94V9qqmlUv6njxTEcQWjmnUIKHG6KOWlDs+TwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB9CLhYMsYG4pmLmGv6m08HHuZRZMB8GA1UdIwQY
MBaAFD+hNtdkP9wNP7HVNGfYq7KZt5FxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDZFMjEyUV8zQTBfc2RVMFo5aXJzcG0za1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82NTVkNTMtOTRjNS00YTk3LTg4YTEt
ZDI3N2E1ZjNiOWUwLzEvSDBJdUZneXhnYmltWXVZYV9xYlR3Y2U1bEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC82NTVkNTMtOTRjNS00YTk3LTg4YTEtZDI3N2E1ZjNiOWUw
LzEvUDZFMjEyUV8zQTBfc2RVMFo5aXJzcG0za1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA10
MA0GCSqGSIb3DQEBCwUAA4IBAQAAwqnBFgVgd4knBlEHQwdpvBwBzJurLY9oR+Ki
MdlFkiUX0C/CYf0XsZLSP9qzIWzANhfSbueaASUZXBmLc2LfP3zf4IqeoXvE3N5M
ctZ8pGcelGM/0x4k04ZubiBSADVGCIBsPTDOhmOOxf4STEragxzCIzw1MMIB6H/2
G6uOCiV2JFckQWoNAhd2RnO28Oy60fIRecEIYwaDt80Bugv+2+95hOHVlrQnINBs
A6hgJ1N4XIlyWQk2WgAhxlmOmrfn2+8soRuBDYR3R1bDAHOX0+f5tJmv7FdArees
IJXDOPKlOOitA3nF9oAHwclgCwJpiwZ/wMSgWWv7naYaTlwN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:29 2025 by rpki-client