Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/g8SIvE2oQDdkop_mNJEiiLVNS-c.roa
File: g8SIvE2oQDdkop_mNJEiiLVNS-c.roa (raw, json)
Hash identifier: rr7W/7kwc2dLwIe9Zj1W6KZmokPqdKO+a1s0Leyn6BU=
Subject key identifier: 83:C4:88:BC:4D:A8:40:37:64:A2:9F:E6:34:91:22:88:B5:4D:4B:E7
Certificate issuer: /CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Certificate serial: 0191D0013150A347AD041B1A2C53F1EBDC0C
Authority key identifier: 99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/g8SIvE2oQDdkop_mNJEiiLVNS-c.roa
Signing time: Sun 08 Sep 2024 05:00:24 +0000
ROA not before: Sun 08 Sep 2024 05:00:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214998
IP address blocks: 2a07:5900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 07 Oct 2024 17:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d0:01:31:50:a3:47:ad:04:1b:1a:2c:53:f1:eb:dc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Validity
Not Before: Sep 8 05:00:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83c488bc4da8403764a29fe634912288b54d4be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1c:38:f3:af:6a:e7:c6:bc:dd:66:57:00:45:
32:0f:ba:2d:30:5d:a6:8e:2a:97:99:a8:5e:76:ae:
7c:c9:86:ca:a6:fe:2d:6a:6e:a9:c5:af:3a:0d:ba:
5f:2e:53:59:2b:37:ee:60:52:e0:1c:32:4b:37:e8:
74:e6:2e:c2:10:35:5a:af:3e:07:0b:49:09:ab:98:
22:9e:15:f6:5c:8c:f6:cc:50:33:b5:e6:ed:56:dd:
08:1f:91:65:46:f5:d2:ca:58:80:ab:9c:00:4b:55:
0c:65:c5:98:1d:a3:bd:d5:5e:63:89:1e:bc:e5:40:
6e:43:f7:87:15:54:ab:ed:c2:9a:83:d8:aa:dc:c2:
a8:b5:57:a6:74:41:b7:21:cd:bd:ab:7e:b7:dc:67:
f0:eb:09:97:cc:f2:c2:53:f5:ac:42:75:08:eb:c8:
67:be:51:c0:a5:56:f1:c5:db:88:b4:68:e6:cb:0d:
b9:1d:6e:ed:1d:92:41:92:64:7e:38:ce:66:a7:94:
1e:6f:a5:53:57:d2:ad:ca:e5:4f:2a:53:e8:89:c5:
03:41:07:cb:ca:c9:49:44:a0:1c:0a:29:24:7b:fa:
2e:ee:0c:cf:b4:f0:b3:9e:47:16:5a:f3:f5:3f:ae:
41:1a:1d:8b:5d:5f:f2:93:0d:4c:92:e8:15:88:14:
1d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C4:88:BC:4D:A8:40:37:64:A2:9F:E6:34:91:22:88:B5:4D:4B:E7
X509v3 Authority Key Identifier:
keyid:99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/g8SIvE2oQDdkop_mNJEiiLVNS-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:5900::/29
Signature Algorithm: sha256WithRSAEncryption
89:9d:e9:03:5e:bf:96:d0:96:0b:15:7d:2a:72:d3:73:9f:77:
f1:fe:85:69:9c:60:5c:e5:8a:cf:f8:ba:06:8b:7e:38:55:7a:
0e:20:05:9f:da:6a:ff:64:63:8c:20:e9:e3:44:5f:8d:5c:18:
33:a3:2e:ef:dc:aa:20:fd:1a:5d:c4:87:50:b6:6d:22:32:70:
ba:cd:81:bb:ae:23:84:d1:f6:61:e6:95:f8:a0:27:2e:a8:19:
86:39:7f:04:54:b5:20:c2:be:a2:a8:b0:47:69:4d:82:e2:e4:
33:ce:cc:39:05:4f:67:74:c6:eb:1f:64:be:c0:5e:e5:29:c1:
26:15:dd:9b:c5:bb:3d:a7:32:b7:f5:d8:fa:4b:4f:ec:34:03:
66:fb:1b:58:77:a7:3b:ae:f1:53:32:82:a9:f7:eb:2f:16:15:
f6:c5:b3:16:9c:07:77:75:56:c0:3a:7d:92:10:0f:e4:8f:a4:
c3:63:b8:e9:5f:ee:35:57:d6:1d:35:f2:09:5a:56:ac:56:c5:
90:b0:bf:f3:fb:69:c6:5a:45:fb:7f:a5:03:b1:b5:27:8e:8f:
4f:4a:45:07:26:be:52:16:60:25:77:58:d5:f0:61:8b:21:d7:
80:ed:ee:19:06:e3:d7:87:04:0a:86:73:bf:1b:2c:f5:5a:f4:
b6:56:74:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZHQATFQo0etBBsaLFPx69wMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjhmZDI5MmM4YTFiODk2Yjg3NTIzNDRhM2RhOTIzNzhm
MmFlNWEwHhcNMjQwOTA4MDUwMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2M0ODhiYzRkYTg0MDM3NjRhMjlmZTYzNDkxMjI4OGI1NGQ0YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhw4869q58a83WZXAEUyD7otMF2m
jiqXmahedq58yYbKpv4tam6pxa86DbpfLlNZKzfuYFLgHDJLN+h05i7CEDVarz4H
C0kJq5ginhX2XIz2zFAztebtVt0IH5FlRvXSyliAq5wAS1UMZcWYHaO91V5jiR68
5UBuQ/eHFVSr7cKag9iq3MKotVemdEG3Ic29q3633Gfw6wmXzPLCU/WsQnUI68hn
vlHApVbxxduItGjmyw25HW7tHZJBkmR+OM5mp5Qeb6VTV9KtyuVPKlPoicUDQQfL
yslJRKAcCikke/ou7gzPtPCznkcWWvP1P65BGh2LXV/ykw1MkugViBQd0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIPEiLxNqEA3ZKKf5jSRIoi1TUvnMB8GA1UdIwQY
MBaAFJm4/SksihuJa4dSNEo9qSN48q5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDkt
N2VlYWQxNDYxYTU0LzEvZzhTSXZFMm9RRGRrb3BfbU5KRWlpTFZOUy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDktN2VlYWQxNDYxYTU0
LzEvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdZADAN
BgkqhkiG9w0BAQsFAAOCAQEAiZ3pA16/ltCWCxV9KnLTc5938f6FaZxgXOWKz/i6
Bot+OFV6DiAFn9pq/2RjjCDp40RfjVwYM6Mu79yqIP0aXcSHULZtIjJwus2Bu64j
hNH2YeaV+KAnLqgZhjl/BFS1IMK+oqiwR2lNguLkM87MOQVPZ3TG6x9kvsBe5SnB
JhXdm8W7Pacyt/XY+ktP7DQDZvsbWHenO67xUzKCqffrLxYV9sWzFpwHd3VWwDp9
khAP5I+kw2O46V/uNVfWHTXyCVpWrFbFkLC/8/tpxlpF+3+lA7G1J46PT0pFBya+
UhZgJXdY1fBhiyHXgO3uGQbj14cECoZzvxss9Vr0tlZ06Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:40:32 2025 by rpki-client