Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/gNFMPkgWSGnOjHYE2YEpCmVyM7w.roa
File: gNFMPkgWSGnOjHYE2YEpCmVyM7w.roa (raw, json)
Hash identifier: klqvWs9LBFLmv3785G/yxSqyRKIVwRBSw3BxhbpRvrk=
Subject key identifier: 80:D1:4C:3E:48:16:48:69:CE:8C:76:04:D9:81:29:0A:65:72:33:BC
Certificate issuer: /CN=cfc7ef2b766594892d78928cbe781779fdce67d0
Certificate serial: 018CC2DABC0479B9A5412C89CDCF16872962
Authority key identifier: CF:C7:EF:2B:76:65:94:89:2D:78:92:8C:BE:78:17:79:FD:CE:67:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8fvK3ZllIkteJKMvngXef3OZ9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/gNFMPkgWSGnOjHYE2YEpCmVyM7w.roa
Signing time: Mon 01 Jan 2024 02:29:24 +0000
ROA not before: Mon 01 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3096
IP address blocks: 2a02:6a0:8ffe::/48 maxlen: 48
2a02:6a0:8fff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bc:04:79:b9:a5:41:2c:89:cd:cf:16:87:29:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfc7ef2b766594892d78928cbe781779fdce67d0
Validity
Not Before: Jan 1 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80d14c3e48164869ce8c7604d981290a657233bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:03:e9:ae:d0:43:44:57:72:5c:1a:69:c6:b4:
5e:6a:26:01:19:e4:04:80:66:21:02:17:80:c7:09:
8a:61:92:18:6b:ec:e0:03:66:50:28:56:a4:4d:c8:
be:3a:a9:7c:40:5c:1f:1b:a0:55:64:b0:da:bf:09:
3b:91:7c:93:d2:aa:ef:02:4e:63:ad:02:66:ed:7f:
91:51:43:6d:61:b9:35:a8:3a:50:98:7c:df:be:ff:
f7:e0:a5:31:41:b0:3b:be:08:08:bb:e6:e1:84:9a:
3a:92:0e:d7:34:6f:ff:96:25:7e:1e:0f:4f:32:1f:
3f:2e:84:f0:fd:8e:36:00:15:fe:22:01:61:e4:e6:
61:12:50:95:32:50:46:63:ef:1f:18:87:4d:39:cd:
dc:e9:28:78:8c:e3:2c:24:44:f6:cc:f4:42:eb:94:
5c:6b:51:36:b8:3e:a4:8b:20:3e:d4:f7:51:32:ca:
d7:b6:e9:23:73:5a:f0:d4:ab:58:6f:72:7e:c7:c0:
dc:45:86:16:68:fa:a7:03:97:a5:6e:c6:61:a4:55:
ce:8b:95:65:30:6c:3a:9a:71:7e:bb:41:06:23:fe:
fe:45:7e:e6:f4:40:82:be:92:66:da:4b:d6:d6:e5:
1b:bf:89:1f:6f:68:14:da:e8:57:28:0b:f7:a0:a3:
88:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D1:4C:3E:48:16:48:69:CE:8C:76:04:D9:81:29:0A:65:72:33:BC
X509v3 Authority Key Identifier:
keyid:CF:C7:EF:2B:76:65:94:89:2D:78:92:8C:BE:78:17:79:FD:CE:67:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8fvK3ZllIkteJKMvngXef3OZ9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/gNFMPkgWSGnOjHYE2YEpCmVyM7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd0b2c-29e2-4737-9eb7-8cd55b03d22d/1/z8fvK3ZllIkteJKMvngXef3OZ9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:6a0:8ffe::/47
Signature Algorithm: sha256WithRSAEncryption
61:ff:8c:81:12:ca:b9:0e:db:9a:8d:73:66:2c:6f:60:6f:eb:
08:f5:ce:23:5b:cd:e5:99:55:c7:0f:77:b9:1f:52:b2:0f:bb:
54:f9:4a:81:38:af:94:eb:10:50:1f:2e:de:a1:b5:82:77:85:
df:54:b1:83:10:05:ba:1d:0d:a1:68:9c:c0:21:44:17:9f:9d:
8f:a1:09:75:44:bc:22:9c:f3:1c:9c:1f:11:41:d1:bc:39:1a:
de:0c:43:9b:db:c9:30:06:c7:2e:06:d7:a8:70:c7:41:b9:95:
b4:80:98:59:5f:4b:6d:9a:bb:39:9e:ba:16:0f:29:b8:8b:5f:
dd:cb:f4:b6:05:98:11:7c:00:b2:82:78:bd:11:36:72:c2:42:
6c:e1:95:c9:42:cd:32:af:10:c3:52:4d:4a:34:04:05:02:20:
b7:69:b7:6b:4f:2c:1d:40:fc:bd:4d:3e:f2:40:90:d4:a2:a2:
96:85:0f:c0:04:c3:8c:56:d5:2c:07:a7:2b:ba:90:e7:ff:85:
44:5f:1d:a7:e8:1b:90:94:bb:d0:e4:43:97:e7:9b:47:a3:22:
91:e4:bd:c0:2d:c6:90:27:b8:d1:6b:92:c8:a8:ec:9a:38:db:
34:d0:e5:61:e5:8b:35:1e:35:3e:48:b3:2d:7c:03:ee:fa:4e:
77:dd:35:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2rwEebmlQSyJzc8WhyliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzdlZjJiNzY2NTk0ODkyZDc4OTI4Y2JlNzgxNzc5ZmRj
ZTY3ZDAwHhcNMjQwMTAxMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQxNGMzZTQ4MTY0ODY5Y2U4Yzc2MDRkOTgxMjkwYTY1NzIzM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggPprtBDRFdyXBppxrReaiYBGeQE
gGYhAheAxwmKYZIYa+zgA2ZQKFakTci+Oql8QFwfG6BVZLDavwk7kXyT0qrvAk5j
rQJm7X+RUUNtYbk1qDpQmHzfvv/34KUxQbA7vggIu+bhhJo6kg7XNG//liV+Hg9P
Mh8/LoTw/Y42ABX+IgFh5OZhElCVMlBGY+8fGIdNOc3c6Sh4jOMsJET2zPRC65Rc
a1E2uD6kiyA+1PdRMsrXtukjc1rw1KtYb3J+x8DcRYYWaPqnA5elbsZhpFXOi5Vl
MGw6mnF+u0EGI/7+RX7m9ECCvpJm2kvW1uUbv4kfb2gU2uhXKAv3oKOISwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIDRTD5IFkhpzox2BNmBKQplcjO8MB8GA1UdIwQY
MBaAFM/H7yt2ZZSJLXiSjL54F3n9zmfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhmdkszWmxsSWt0ZUpLTXZuZ1hlZjNPWjlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jZDBiMmMtMjllMi00NzM3LTllYjct
OGNkNTViMDNkMjJkLzEvZ05GTVBrZ1dTR25PakhZRTJZRXBDbVZ5TTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9jZDBiMmMtMjllMi00NzM3LTllYjctOGNkNTViMDNkMjJk
LzEvejhmdkszWmxsSWt0ZUpLTXZuZ1hlZjNPWjlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgIGoI/+
MA0GCSqGSIb3DQEBCwUAA4IBAQBh/4yBEsq5DtuajXNmLG9gb+sI9c4jW83lmVXH
D3e5H1KyD7tU+UqBOK+U6xBQHy7eobWCd4XfVLGDEAW6HQ2haJzAIUQXn52PoQl1
RLwinPMcnB8RQdG8ORreDEOb28kwBscuBteocMdBuZW0gJhZX0ttmrs5nroWDym4
i1/dy/S2BZgRfACygni9ETZywkJs4ZXJQs0yrxDDUk1KNAQFAiC3abdrTywdQPy9
TT7yQJDUoqKWhQ/ABMOMVtUsB6crupDn/4VEXx2n6BuQlLvQ5EOX55tHoyKR5L3A
LcaQJ7jRa5LIqOyaONs00OVh5Ys1HjU+SLMtfAPu+k533TXS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:24 2025 by rpki-client