Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/f3ZeD7EhogwgemNEee2zKsOUNo0.roa
File: f3ZeD7EhogwgemNEee2zKsOUNo0.roa (raw, json)
Hash identifier: oGGLrJx1vlTbHjPX9OXV9yW2nMf1cwcVWE5q5STK/Ek=
Subject key identifier: 7F:76:5E:0F:B1:21:A2:0C:20:7A:63:44:79:ED:B3:2A:C3:94:36:8D
Certificate issuer: /CN=320e7c0ceb4ba2a6f4b96fc4bae1abb853035aba
Certificate serial: 018CC2DB1A2E8820B22E07CC9171B1282689
Authority key identifier: 32:0E:7C:0C:EB:4B:A2:A6:F4:B9:6F:C4:BA:E1:AB:B8:53:03:5A:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mg58DOtLoqb0uW_EuuGruFMDWro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/f3ZeD7EhogwgemNEee2zKsOUNo0.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51942
IP address blocks: 2001:67c:648::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1a:2e:88:20:b2:2e:07:cc:91:71:b1:28:26:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320e7c0ceb4ba2a6f4b96fc4bae1abb853035aba
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f765e0fb121a20c207a634479edb32ac394368d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:15:3f:34:c0:29:e7:cc:28:52:22:7f:c2:14:
99:1f:b6:30:f1:2d:46:76:c7:e0:a7:0d:4f:b4:a8:
eb:7e:f3:26:14:f4:50:ad:c7:0b:c6:de:bf:fd:58:
f7:d3:ac:1e:b7:b5:bc:ab:40:63:7c:1c:b1:a9:01:
0b:5b:33:f7:ce:52:4c:46:d7:0c:9e:eb:89:46:fc:
b6:03:9d:ac:05:1b:cb:18:ec:24:49:85:94:c8:aa:
61:8d:d5:77:8b:3c:0e:90:72:1e:8e:9a:50:25:13:
7b:ce:4f:2d:e7:9c:41:f4:92:3c:dc:7c:6d:10:20:
7e:5f:77:8a:43:a2:c6:e3:7b:4c:d4:6b:1c:a2:72:
a7:ee:89:a2:40:8a:49:a4:b7:ab:f4:b8:24:71:73:
f7:5a:cf:60:e8:5f:9e:a6:95:02:d2:8e:75:78:9b:
5e:02:da:7e:60:0f:5c:4f:52:69:d1:08:4a:7c:c9:
20:fd:fe:9d:68:1e:5e:8f:e4:9e:7c:7e:48:fe:fb:
19:26:ab:08:7f:8f:db:0c:f4:30:68:93:8e:75:37:
dd:8a:0c:57:b0:22:61:44:77:91:e6:ef:3f:0f:50:
3b:a8:6f:6e:e7:fd:cf:2d:ba:b6:8a:fe:f7:63:99:
d1:f4:29:94:ad:49:c4:fa:cd:dd:96:53:b2:4a:bc:
93:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:76:5E:0F:B1:21:A2:0C:20:7A:63:44:79:ED:B3:2A:C3:94:36:8D
X509v3 Authority Key Identifier:
keyid:32:0E:7C:0C:EB:4B:A2:A6:F4:B9:6F:C4:BA:E1:AB:B8:53:03:5A:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mg58DOtLoqb0uW_EuuGruFMDWro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/f3ZeD7EhogwgemNEee2zKsOUNo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/c66bc8-f206-43d0-94be-18aadd659566/1/Mg58DOtLoqb0uW_EuuGruFMDWro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:648::/48
Signature Algorithm: sha256WithRSAEncryption
af:e7:a7:d9:35:c0:61:5e:25:06:d9:26:b1:3c:7b:c0:13:b3:
c4:df:9d:d4:eb:9c:d9:ac:e4:a5:ba:a8:8a:ea:9c:93:1f:62:
64:09:73:1f:e1:55:d0:87:a3:78:70:65:70:2c:0f:7d:3c:89:
5b:b0:b2:92:63:5b:0c:3f:80:b3:59:63:c8:9f:d7:a7:05:71:
a7:67:65:ac:dc:de:74:4c:a8:51:66:c9:53:5e:78:e3:ab:f7:
73:8a:94:08:47:8b:20:f8:6d:38:8b:47:bb:c0:a4:1d:43:5c:
b5:92:f8:2b:d0:9c:ca:71:d3:6c:73:ed:bf:70:c6:02:c3:de:
10:f2:61:b0:fe:54:b0:cc:04:c6:a5:9b:70:6c:5f:86:6b:cc:
a7:18:5f:e7:d5:98:46:e6:8d:9e:91:50:e7:d3:6e:01:f8:b6:
22:0b:58:c2:b3:d9:5c:22:ff:30:2c:4d:d9:35:98:14:a6:4a:
58:e8:7e:e5:b7:6f:ae:ee:37:09:07:86:9d:4d:80:97:cf:8c:
37:97:66:f0:cc:c1:6e:46:3d:02:24:75:cd:70:25:66:11:80:
0b:cf:ab:b0:af:b7:a3:5b:56:62:56:70:c9:25:dd:c1:f8:1e:
84:e0:34:8f:88:06:35:54:63:8e:5d:c7:e2:50:b1:fe:ca:b2:
fc:24:41:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2xouiCCyLgfMkXGxKCaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGU3YzBjZWI0YmEyYTZmNGI5NmZjNGJhZTFhYmI4NTMw
MzVhYmEwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc2NWUwZmIxMjFhMjBjMjA3YTYzNDQ3OWVkYjMyYWMzOTQzNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixU/NMAp58woUiJ/whSZH7Yw8S1G
dsfgpw1PtKjrfvMmFPRQrccLxt6//Vj306wet7W8q0BjfByxqQELWzP3zlJMRtcM
nuuJRvy2A52sBRvLGOwkSYWUyKphjdV3izwOkHIejppQJRN7zk8t55xB9JI83Hxt
ECB+X3eKQ6LG43tM1GsconKn7omiQIpJpLer9LgkcXP3Ws9g6F+eppUC0o51eJte
Atp+YA9cT1Jp0QhKfMkg/f6daB5ej+SefH5I/vsZJqsIf4/bDPQwaJOOdTfdigxX
sCJhRHeR5u8/D1A7qG9u5/3PLbq2iv73Y5nR9CmUrUnE+s3dllOySryTJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH92Xg+xIaIMIHpjRHntsyrDlDaNMB8GA1UdIwQY
MBaAFDIOfAzrS6Km9LlvxLrhq7hTA1q6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWc1OERPdExvcWIwdVdfRXV1R3J1Rk1EV3JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9jNjZiYzgtZjIwNi00M2QwLTk0YmUt
MThhYWRkNjU5NTY2LzEvZjNaZUQ3RWhvZ3dnZW1ORWVlMnpLc09VTm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9jNjZiYzgtZjIwNi00M2QwLTk0YmUtMThhYWRkNjU5NTY2
LzEvTWc1OERPdExvcWIwdVdfRXV1R3J1Rk1EV3JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAZI
MA0GCSqGSIb3DQEBCwUAA4IBAQCv56fZNcBhXiUG2SaxPHvAE7PE353U65zZrOSl
uqiK6pyTH2JkCXMf4VXQh6N4cGVwLA99PIlbsLKSY1sMP4CzWWPIn9enBXGnZ2Ws
3N50TKhRZslTXnjjq/dzipQIR4sg+G04i0e7wKQdQ1y1kvgr0JzKcdNsc+2/cMYC
w94Q8mGw/lSwzATGpZtwbF+Ga8ynGF/n1ZhG5o2ekVDn024B+LYiC1jCs9lcIv8w
LE3ZNZgUpkpY6H7lt2+u7jcJB4adTYCXz4w3l2bwzMFuRj0CJHXNcCVmEYALz6uw
r7ejW1ZiVnDJJd3B+B6E4DSPiAY1VGOOXcfiULH+yrL8JEEr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:06 2025 by rpki-client