Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/8ApQZDMdtFxBTaYrM5TULQtJZ0g.roa
File: 8ApQZDMdtFxBTaYrM5TULQtJZ0g.roa (raw, json)
Hash identifier: TsmvULY4N/hxVMA7fXd/fsafpz3QsGezNU+SV5KDfDo=
Subject key identifier: F0:0A:50:64:33:1D:B4:5C:41:4D:A6:2B:33:94:D4:2D:0B:49:67:48
Certificate issuer: /CN=aa734ef5ae21c0e897fa186447184ec9ad4ae29d
Certificate serial: 018DFAA8AB19E5134CBC9B49C8C433F932F2
Authority key identifier: AA:73:4E:F5:AE:21:C0:E8:97:FA:18:64:47:18:4E:C9:AD:4A:E2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnNO9a4hwOiX-hhkRxhOya1K4p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/8ApQZDMdtFxBTaYrM5TULQtJZ0g.roa
Signing time: Fri 01 Mar 2024 15:36:14 +0000
ROA not before: Fri 01 Mar 2024 15:36:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208853
IP address blocks: 2a0e:6ac0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:a8:ab:19:e5:13:4c:bc:9b:49:c8:c4:33:f9:32:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa734ef5ae21c0e897fa186447184ec9ad4ae29d
Validity
Not Before: Mar 1 15:36:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f00a5064331db45c414da62b3394d42d0b496748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:8e:6f:05:4d:94:34:7c:31:1c:89:b3:60:
8f:9a:c6:61:7a:b1:17:39:32:ba:8f:c7:33:a4:6c:
63:f5:95:05:42:a1:cb:d9:12:35:b5:30:3f:01:92:
bf:5e:99:7b:ff:05:27:5a:c1:6c:3a:29:e9:a5:db:
2c:b9:8e:19:f1:fe:b7:17:48:62:c6:4c:2a:4e:5e:
70:cc:77:a7:38:2a:90:85:60:6c:0f:5a:ff:39:b0:
58:79:4a:04:a1:78:44:77:7a:2f:9f:26:ac:35:a7:
a7:5f:19:bc:ff:2d:dc:67:48:ab:42:5c:be:09:27:
8b:57:90:d0:7e:0d:63:ba:3c:b1:e2:2d:bf:1e:43:
c8:7c:8a:e4:91:8d:91:33:dc:ff:b2:80:d5:bf:3d:
7c:88:ff:d3:bc:c8:da:0e:00:85:93:45:e1:42:cb:
c6:2d:e4:ac:8b:8f:e9:7d:bb:bc:85:b5:5d:65:06:
e2:2a:75:85:21:68:4a:92:2f:ee:c7:cd:43:11:df:
8f:fe:b4:65:68:87:ec:39:10:09:5d:37:4a:fc:06:
6e:c4:fa:ae:fa:87:7f:39:2d:4e:80:da:f3:77:51:
06:92:f1:1c:9b:15:fb:ae:52:a0:fe:26:9c:55:6c:
ae:e3:7a:66:c2:83:26:77:be:f1:2f:e0:4d:22:4d:
6d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:0A:50:64:33:1D:B4:5C:41:4D:A6:2B:33:94:D4:2D:0B:49:67:48
X509v3 Authority Key Identifier:
keyid:AA:73:4E:F5:AE:21:C0:E8:97:FA:18:64:47:18:4E:C9:AD:4A:E2:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnNO9a4hwOiX-hhkRxhOya1K4p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/8ApQZDMdtFxBTaYrM5TULQtJZ0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/qnNO9a4hwOiX-hhkRxhOya1K4p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:6ac0:1::/48
Signature Algorithm: sha256WithRSAEncryption
5f:d2:29:24:b0:91:f5:d4:ea:22:93:c7:34:37:3d:93:04:b8:
c6:fd:02:99:aa:1c:97:30:1a:01:38:5e:ce:72:b3:97:4a:13:
d3:bd:4d:70:fb:c5:a7:96:b9:44:89:f1:cf:2f:80:85:68:0d:
e8:24:45:f9:85:2c:27:78:45:74:c3:a6:97:7d:59:b8:06:fd:
8f:fb:e8:cd:c5:9c:cb:c3:07:18:18:a9:73:d8:8a:a3:64:a9:
2c:49:cd:91:b6:e3:d5:96:0f:80:f6:58:3b:a2:d8:60:e7:ba:
ff:13:81:de:a5:ae:a5:03:ed:58:f4:73:df:10:86:fb:a5:b4:
bc:04:0c:6b:cb:17:f1:e3:a5:d5:83:9e:f8:db:63:c7:7d:15:
e9:53:de:b2:9d:ac:f2:09:7c:c9:3a:48:30:61:a7:43:b4:54:
60:12:bb:59:21:93:05:34:fb:a5:3e:87:69:4e:9d:2b:98:69:
94:6b:47:1a:dd:ee:51:33:69:0b:29:ba:a0:cc:88:86:dd:3e:
bf:6e:b8:ca:c6:21:91:a6:26:5c:b8:f3:c8:ff:79:fb:39:73:
66:a2:94:37:16:87:6e:5c:fc:c6:19:c9:bd:50:4a:2c:b6:59:
07:47:da:72:59:97:74:d7:0a:8e:d5:21:c8:b5:95:76:75:ce:
a0:d9:a7:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY36qKsZ5RNMvJtJyMQz+TLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzM0ZWY1YWUyMWMwZTg5N2ZhMTg2NDQ3MTg0ZWM5YWQ0
YWUyOWQwHhcNMjQwMzAxMTUzNjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDBhNTA2NDMzMWRiNDVjNDE0ZGE2MmIzMzk0ZDQyZDBiNDk2NzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7mObwVNlDR8MRyJs2CPmsZherEX
OTK6j8czpGxj9ZUFQqHL2RI1tTA/AZK/Xpl7/wUnWsFsOinppdssuY4Z8f63F0hi
xkwqTl5wzHenOCqQhWBsD1r/ObBYeUoEoXhEd3ovnyasNaenXxm8/y3cZ0irQly+
CSeLV5DQfg1jujyx4i2/HkPIfIrkkY2RM9z/soDVvz18iP/TvMjaDgCFk0XhQsvG
LeSsi4/pfbu8hbVdZQbiKnWFIWhKki/ux81DEd+P/rRlaIfsORAJXTdK/AZuxPqu
+od/OS1OgNrzd1EGkvEcmxX7rlKg/iacVWyu43pmwoMmd77xL+BNIk1t4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPAKUGQzHbRcQU2mKzOU1C0LSWdIMB8GA1UdIwQY
MBaAFKpzTvWuIcDol/oYZEcYTsmtSuKdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5OTzlhNGh3T2lYLWhoa1J4aE95YTFLNHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83NDgxMTEtMGUxMC00NzkyLTliMWIt
ZGE3ODBjZmI5OWE0LzEvOEFwUVpETWR0RnhCVGFZck01VFVMUXRKWjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83NDgxMTEtMGUxMC00NzkyLTliMWItZGE3ODBjZmI5OWE0
LzEvcW5OTzlhNGh3T2lYLWhoa1J4aE95YTFLNHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg5qwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBf0ikksJH11Ooik8c0Nz2TBLjG/QKZqhyXMBoB
OF7OcrOXShPTvU1w+8WnlrlEifHPL4CFaA3oJEX5hSwneEV0w6aXfVm4Bv2P++jN
xZzLwwcYGKlz2IqjZKksSc2RtuPVlg+A9lg7othg57r/E4Hepa6lA+1Y9HPfEIb7
pbS8BAxryxfx46XVg57422PHfRXpU96ynazyCXzJOkgwYadDtFRgErtZIZMFNPul
PodpTp0rmGmUa0ca3e5RM2kLKbqgzIiG3T6/brjKxiGRpiZcuPPI/3n7OXNmopQ3
FoduXPzGGcm9UEostlkHR9pyWZd01wqO1SHItZV2dc6g2aek
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:34 2025 by rpki-client