Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/fAhEGn-vd-HRQRLyyF0xYKoddB0.roa
File: fAhEGn-vd-HRQRLyyF0xYKoddB0.roa (raw, json)
Hash identifier: XVuVMRQgIqjOGGXKmnkdaSaLSN+fGBYCWcjGaNttZ0o=
Subject key identifier: 7C:08:44:1A:7F:AF:77:E1:D1:41:12:F2:C8:5D:31:60:AA:1D:74:1D
Certificate issuer: /CN=24b660a611980c68273139e32affb74b454a9d32
Certificate serial: 018CC3B6C7C937C44CA0EFA247952DED87A5
Authority key identifier: 24:B6:60:A6:11:98:0C:68:27:31:39:E3:2A:FF:B7:4B:45:4A:9D:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLZgphGYDGgnMTnjKv-3S0VKnTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/fAhEGn-vd-HRQRLyyF0xYKoddB0.roa
Signing time: Mon 01 Jan 2024 06:29:44 +0000
ROA not before: Mon 01 Jan 2024 06:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2001:678:d10::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c7:c9:37:c4:4c:a0:ef:a2:47:95:2d:ed:87:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24b660a611980c68273139e32affb74b454a9d32
Validity
Not Before: Jan 1 06:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c08441a7faf77e1d14112f2c85d3160aa1d741d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:1f:45:2c:fe:12:af:6f:9d:2f:29:34:1c:
f3:ac:6c:2c:ee:c0:a1:35:24:38:76:75:9a:a6:b0:
a7:1c:d8:f8:f2:89:f8:2e:0d:60:46:f5:00:66:11:
cc:d8:c7:25:02:0d:cd:68:08:c3:1d:41:ac:3b:b3:
27:a5:fb:c0:1b:25:58:b0:b8:73:c3:ae:1d:a5:7b:
c7:fb:f0:ff:dc:85:2d:3a:e9:d9:5d:73:db:c0:b3:
75:15:6a:b6:a9:cb:8f:4d:8b:78:43:b1:69:55:34:
c9:7b:b9:7f:e0:07:c7:f1:51:37:81:c7:c6:a3:0c:
c5:4a:76:11:03:1b:68:82:db:c7:74:41:19:f9:b5:
e0:9c:ad:d6:3f:1f:24:f2:71:fc:ac:2a:d0:e4:7c:
32:1d:07:87:0d:55:60:c5:6c:69:46:aa:8c:50:b9:
c9:bb:37:53:02:7c:4a:91:d7:d2:8c:d5:cc:1b:39:
b7:40:59:61:c9:6a:6c:16:83:c9:10:eb:73:53:73:
60:c1:01:54:0d:5f:66:85:80:53:aa:4f:4f:35:0d:
83:fb:07:4e:5f:1e:2d:f2:d3:9c:53:32:41:a4:ff:
55:13:46:be:05:77:3c:1d:82:47:21:d0:3b:68:09:
13:79:e1:00:d9:98:a0:58:eb:a4:34:6f:8e:3d:76:
dd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:08:44:1A:7F:AF:77:E1:D1:41:12:F2:C8:5D:31:60:AA:1D:74:1D
X509v3 Authority Key Identifier:
keyid:24:B6:60:A6:11:98:0C:68:27:31:39:E3:2A:FF:B7:4B:45:4A:9D:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLZgphGYDGgnMTnjKv-3S0VKnTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/fAhEGn-vd-HRQRLyyF0xYKoddB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/16d4b5-76bb-4324-9a86-705197507a59/1/JLZgphGYDGgnMTnjKv-3S0VKnTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d10::/48
Signature Algorithm: sha256WithRSAEncryption
2d:cf:e7:12:55:dd:af:9e:17:ca:65:44:25:5f:48:00:88:84:
96:52:7c:96:0d:b4:b4:c2:0d:41:98:41:bb:c9:98:a2:8d:1d:
08:a5:d1:e5:61:b5:1a:11:65:85:1d:44:07:6f:16:9d:75:ba:
61:43:6c:b6:fe:cd:22:a9:f5:5c:ae:85:49:ce:0c:d1:9d:98:
05:63:e7:84:70:c0:59:68:e5:da:6e:03:ed:43:91:ae:06:d8:
5b:8b:d9:b0:fd:3b:3f:85:2e:51:d8:0c:af:76:fb:49:c9:6f:
1b:f8:a5:d4:b2:bb:47:e4:e3:5e:51:a9:e2:0c:d1:f8:d6:31:
93:cd:bd:de:a4:52:3b:95:49:c4:a3:c6:f4:9d:d2:b1:52:3c:
48:f1:7a:2d:e9:8b:9d:40:83:ec:b5:29:12:34:c3:0f:73:a5:
d0:bc:4f:43:12:0e:67:6b:d9:69:5d:a6:ac:93:5e:dd:24:f5:
62:4f:ad:dd:d3:11:6b:5d:34:fb:86:49:16:03:ec:86:6b:ec:
49:24:68:d8:09:53:69:c9:6d:07:03:21:41:65:24:07:9f:bb:
aa:10:4d:10:ca:4a:45:fa:98:43:36:57:b0:31:62:18:74:a1:
fd:93:90:33:33:a4:fa:a3:93:f7:31:8e:ef:31:bc:ef:d5:ec:
e4:32:af:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtsfJN8RMoO+iR5Ut7YelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjY2MGE2MTE5ODBjNjgyNzMxMzllMzJhZmZiNzRiNDU0
YTlkMzIwHhcNMjQwMTAxMDYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzA4NDQxYTdmYWY3N2UxZDE0MTEyZjJjODVkMzE2MGFhMWQ3NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMgfRSz+Eq9vnS8pNBzzrGws7sCh
NSQ4dnWaprCnHNj48on4Lg1gRvUAZhHM2MclAg3NaAjDHUGsO7MnpfvAGyVYsLhz
w64dpXvH+/D/3IUtOunZXXPbwLN1FWq2qcuPTYt4Q7FpVTTJe7l/4AfH8VE3gcfG
owzFSnYRAxtogtvHdEEZ+bXgnK3WPx8k8nH8rCrQ5HwyHQeHDVVgxWxpRqqMULnJ
uzdTAnxKkdfSjNXMGzm3QFlhyWpsFoPJEOtzU3NgwQFUDV9mhYBTqk9PNQ2D+wdO
Xx4t8tOcUzJBpP9VE0a+BXc8HYJHIdA7aAkTeeEA2ZigWOukNG+OPXbdMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHwIRBp/r3fh0UES8shdMWCqHXQdMB8GA1UdIwQY
MBaAFCS2YKYRmAxoJzE54yr/t0tFSp0yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxaZ3BoR1lER2duTVRuakt2LTNTMFZLblRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNmQ0YjUtNzZiYi00MzI0LTlhODYt
NzA1MTk3NTA3YTU5LzEvZkFoRUduLXZkLUhSUVJMeXlGMHhZS29kZEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNmQ0YjUtNzZiYi00MzI0LTlhODYtNzA1MTk3NTA3YTU5
LzEvSkxaZ3BoR1lER2duTVRuakt2LTNTMFZLblRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA0Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAtz+cSVd2vnhfKZUQlX0gAiISWUnyWDbS0wg1B
mEG7yZiijR0IpdHlYbUaEWWFHUQHbxaddbphQ2y2/s0iqfVcroVJzgzRnZgFY+eE
cMBZaOXabgPtQ5GuBthbi9mw/Ts/hS5R2AyvdvtJyW8b+KXUsrtH5ONeUaniDNH4
1jGTzb3epFI7lUnEo8b0ndKxUjxI8Xot6YudQIPstSkSNMMPc6XQvE9DEg5na9lp
Xaask17dJPViT63d0xFrXTT7hkkWA+yGa+xJJGjYCVNpyW0HAyFBZSQHn7uqEE0Q
ykpF+phDNlewMWIYdKH9k5AzM6T6o5P3MY7vMbzv1ezkMq+J
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:08 2025 by rpki-client