Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/8C_TY4XLzLvmWneW_S8HjxKcTGQ.roa
File: 8C_TY4XLzLvmWneW_S8HjxKcTGQ.roa (raw, json)
Hash identifier: DJcy6kPBXoZFG0afzGci5IR2oGESenmmigN1Qm11G0w=
Subject key identifier: F0:2F:D3:63:85:CB:CC:BB:E6:5A:77:96:FD:2F:07:8F:12:9C:4C:64
Certificate issuer: /CN=abc1918c1f45e6ec17daca67a7ad193caf04b7b2
Certificate serial: 019371BFB7995ABCCC4588A7DDC6A54E0E29
Authority key identifier: AB:C1:91:8C:1F:45:E6:EC:17:DA:CA:67:A7:AD:19:3C:AF:04:B7:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8GRjB9F5uwX2spnp60ZPK8Et7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/8C_TY4XLzLvmWneW_S8HjxKcTGQ.roa
Signing time: Thu 28 Nov 2024 07:50:09 +0000
ROA not before: Thu 28 Nov 2024 07:50:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215938
IP address blocks: 2a14:52c0:4042::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:71:bf:b7:99:5a:bc:cc:45:88:a7:dd:c6:a5:4e:0e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc1918c1f45e6ec17daca67a7ad193caf04b7b2
Validity
Not Before: Nov 28 07:50:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f02fd36385cbccbbe65a7796fd2f078f129c4c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:80:01:cd:07:7f:9b:6f:79:00:db:5b:16:23:
e5:c4:65:9f:3b:65:58:98:a4:f2:66:4e:ea:f7:7f:
8d:70:37:0d:ed:88:f4:cc:60:b2:bf:9c:67:a5:c1:
a0:48:b0:9a:e0:14:63:e4:c3:53:67:36:90:69:d7:
01:77:c8:29:f9:59:76:7d:bf:3f:4b:05:9a:c7:71:
60:20:27:7c:27:a5:4a:00:87:09:df:03:40:bf:2d:
75:ce:16:f2:80:5d:65:08:8c:96:66:f7:d7:ca:7e:
3e:37:76:25:23:78:42:b0:66:16:55:16:b6:e2:05:
35:51:55:54:21:b1:c1:3c:7a:54:2f:d1:99:31:49:
11:dd:9b:b6:8a:58:6f:a3:13:86:70:e4:f3:a5:d5:
f5:18:4e:6a:0a:0d:ff:02:eb:41:a1:1a:91:6c:41:
82:14:52:b8:4e:3b:d3:af:a6:82:98:bd:8f:5c:a5:
2e:e2:7f:f7:09:e3:51:ec:bf:a9:9b:a4:0b:fe:fe:
f3:33:00:ea:dd:5b:55:2d:63:57:b1:02:04:5f:c8:
a2:d9:75:af:f3:05:3d:27:ca:3a:4d:6e:dd:55:a3:
94:d0:ff:ac:18:ca:d2:bd:cc:3b:11:1a:6e:fb:20:
da:40:15:b0:68:68:f0:4b:f4:06:db:aa:90:7c:f1:
12:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2F:D3:63:85:CB:CC:BB:E6:5A:77:96:FD:2F:07:8F:12:9C:4C:64
X509v3 Authority Key Identifier:
keyid:AB:C1:91:8C:1F:45:E6:EC:17:DA:CA:67:A7:AD:19:3C:AF:04:B7:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8GRjB9F5uwX2spnp60ZPK8Et7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/8C_TY4XLzLvmWneW_S8HjxKcTGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8f88de-daed-48d2-b701-6bb5fe665750/1/q8GRjB9F5uwX2spnp60ZPK8Et7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:52c0:4042::/48
Signature Algorithm: sha256WithRSAEncryption
06:62:71:bb:1d:93:35:8a:10:80:a6:a0:49:3d:8a:1e:8d:ab:
48:ea:6b:1e:3e:5e:c9:be:f0:9c:d2:bd:e3:43:9d:0c:bd:8e:
e3:ac:f9:d3:ed:7d:c6:b7:dc:9b:aa:70:b7:9c:c3:f0:83:a9:
5d:66:71:4e:1a:04:1c:39:d7:88:74:e4:9e:ca:84:4f:73:72:
b2:34:02:f8:99:e5:d0:ba:e9:30:f2:32:33:6b:ca:12:de:08:
1e:3b:8b:4a:57:42:b1:ad:b9:44:c4:5c:2f:65:20:97:d0:ea:
8b:ef:ab:05:ac:db:4b:a7:d5:bb:8e:38:7a:ad:5d:80:6e:0a:
b9:5a:7f:3a:e5:ea:51:3d:ee:5f:43:6d:38:0d:a6:8d:93:4c:
99:2c:de:f2:48:42:74:e3:27:b8:24:d3:ea:df:b3:9b:32:12:
a1:19:c7:4d:7e:f5:3d:3e:81:bb:72:ae:55:c6:61:41:0c:4e:
26:42:90:46:fd:4e:2f:33:db:67:b7:9f:74:0e:8f:8f:a3:63:
66:9d:51:b7:ea:5f:e7:6a:e6:6f:62:2b:cc:68:03:1f:d7:41:
cb:a4:df:63:7e:cb:5d:4a:e2:ee:4e:4f:47:67:35:49:fd:1d:
c1:3d:eb:94:1e:ef:a0:36:b3:43:81:f9:ae:b9:b8:ae:9d:d1:
b2:94:81:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZNxv7eZWrzMRYin3calTg4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzE5MThjMWY0NWU2ZWMxN2RhY2E2N2E3YWQxOTNjYWYw
NGI3YjIwHhcNMjQxMTI4MDc1MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJmZDM2Mzg1Y2JjY2JiZTY1YTc3OTZmZDJmMDc4ZjEyOWM0YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIABzQd/m295ANtbFiPlxGWfO2VY
mKTyZk7q93+NcDcN7Yj0zGCyv5xnpcGgSLCa4BRj5MNTZzaQadcBd8gp+Vl2fb8/
SwWax3FgICd8J6VKAIcJ3wNAvy11zhbygF1lCIyWZvfXyn4+N3YlI3hCsGYWVRa2
4gU1UVVUIbHBPHpUL9GZMUkR3Zu2ilhvoxOGcOTzpdX1GE5qCg3/AutBoRqRbEGC
FFK4TjvTr6aCmL2PXKUu4n/3CeNR7L+pm6QL/v7zMwDq3VtVLWNXsQIEX8ii2XWv
8wU9J8o6TW7dVaOU0P+sGMrSvcw7ERpu+yDaQBWwaGjwS/QG26qQfPESwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPAv02OFy8y75lp3lv0vB48SnExkMB8GA1UdIwQY
MBaAFKvBkYwfRebsF9rKZ6etGTyvBLeyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThHUmpCOUY1dXdYMnNwbnA2MFpQSzhFdDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84Zjg4ZGUtZGFlZC00OGQyLWI3MDEt
NmJiNWZlNjY1NzUwLzEvOENfVFk0WEx6THZtV25lV19TOEhqeEtjVEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84Zjg4ZGUtZGFlZC00OGQyLWI3MDEtNmJiNWZlNjY1NzUw
LzEvcThHUmpCOUY1dXdYMnNwbnA2MFpQSzhFdDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRSwEBC
MA0GCSqGSIb3DQEBCwUAA4IBAQAGYnG7HZM1ihCApqBJPYoejatI6msePl7JvvCc
0r3jQ50MvY7jrPnT7X3Gt9ybqnC3nMPwg6ldZnFOGgQcOdeIdOSeyoRPc3KyNAL4
meXQuukw8jIza8oS3ggeO4tKV0KxrblExFwvZSCX0OqL76sFrNtLp9W7jjh6rV2A
bgq5Wn865epRPe5fQ204DaaNk0yZLN7ySEJ04ye4JNPq37ObMhKhGcdNfvU9PoG7
cq5VxmFBDE4mQpBG/U4vM9tnt590Do+Po2NmnVG36l/nauZvYivMaAMf10HLpN9j
fstdSuLuTk9HZzVJ/R3BPeuUHu+gNrNDgfmuubiundGylIGS
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:44 2025 by rpki-client