Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/9LFtPZo8P9vy1JY5VyRkAj53KV4.roa
File: 9LFtPZo8P9vy1JY5VyRkAj53KV4.roa (raw, json)
Hash identifier: gGxKGtv9M3ngsvTPFa0tPrJwptvcasI9vw7jZmp8d6Q=
Subject key identifier: F4:B1:6D:3D:9A:3C:3F:DB:F2:D4:96:39:57:24:64:02:3E:77:29:5E
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0191663F30F1E4219031C2039F36F4542A68
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/9LFtPZo8P9vy1JY5VyRkAj53KV4.roa
Signing time: Sun 18 Aug 2024 16:08:22 +0000
ROA not before: Sun 18 Aug 2024 16:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214610
IP address blocks: 2a0f:7803:f860::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Sep 2024 15:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:66:3f:30:f1:e4:21:90:31:c2:03:9f:36:f4:54:2a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Aug 18 16:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4b16d3d9a3c3fdbf2d49639572464023e77295e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c4:4a:ba:28:de:47:35:88:24:03:4a:1c:28:
8e:c7:42:d7:9a:64:11:c6:6e:00:43:de:14:64:03:
2c:7e:86:45:77:8f:ba:f1:8e:ad:a5:35:a5:05:67:
b8:f7:26:c6:be:4a:24:cf:56:a6:4d:15:f2:b2:80:
ee:8a:9f:6a:e8:26:32:59:b1:de:40:94:83:32:a5:
a0:3a:39:ce:4e:a7:2c:49:83:1f:8a:bd:24:7e:00:
92:66:46:24:c6:b4:14:31:72:b6:aa:0b:62:8a:5e:
f9:b5:a3:b4:81:41:30:7e:c2:f4:d5:ca:d2:73:18:
0b:1d:2d:3a:7b:93:30:f3:6c:1b:92:ca:59:30:e4:
75:49:f0:be:8f:d9:1c:5e:36:d4:f2:a4:10:41:48:
dc:39:77:68:d7:ff:bb:a3:8d:a5:88:6a:6c:ea:41:
70:c0:dc:7e:3d:d7:29:39:7e:92:5b:e8:fb:f6:1d:
4a:11:13:4c:37:c0:fb:a2:6a:08:f7:ea:34:02:3b:
b7:ac:25:b3:c5:2b:98:1b:a6:35:4d:0f:40:63:84:
ef:8a:4f:b3:6a:1d:5f:38:d9:8f:a9:90:4e:50:c1:
cc:fc:8f:40:89:1f:30:e6:e3:64:9c:de:e9:9a:a7:
c6:08:b9:72:d5:15:f3:3d:0c:92:e3:39:3d:1f:85:
89:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B1:6D:3D:9A:3C:3F:DB:F2:D4:96:39:57:24:64:02:3E:77:29:5E
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/9LFtPZo8P9vy1JY5VyRkAj53KV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:f860::/44
Signature Algorithm: sha256WithRSAEncryption
91:fa:3e:27:5d:14:4b:aa:0c:34:3a:c7:3e:7e:d9:3a:50:59:
62:99:2d:b3:5a:ca:72:90:43:ae:04:be:08:32:34:58:c1:bb:
b4:23:23:fe:c7:b7:99:ca:aa:37:3d:23:5c:d4:a2:e0:2a:0a:
68:dd:b8:18:71:8f:cd:d5:9a:91:df:f0:a3:7b:ee:14:68:4c:
b0:b4:d5:2d:8f:56:7c:df:1c:5a:ec:60:34:21:74:81:d6:3a:
6f:41:84:41:19:ef:d4:d0:0e:d4:de:02:f3:0c:e4:f5:8d:0a:
a0:1a:77:9d:91:5c:19:0e:ae:98:d0:39:15:c4:a7:19:ff:8f:
20:6b:b6:48:b1:62:a8:fc:a0:55:85:b3:90:90:be:19:11:a5:
a3:10:f1:b1:e2:21:0c:04:fd:a5:20:5d:70:13:3c:4a:50:ee:
93:e9:46:09:2f:f5:9b:a7:41:58:86:e2:f2:c1:af:21:3f:25:
e9:25:99:12:7c:a0:38:ed:05:f5:47:07:db:22:c8:20:c8:3f:
b0:06:83:f4:61:19:51:58:f8:ad:2a:6a:5b:9a:be:5a:7f:b9:
d1:f5:36:fe:20:8f:98:44:48:12:d2:03:4e:2b:9a:df:8e:a4:
ed:e2:cf:ca:f8:95:3b:18:a3:f0:59:0a:03:db:16:59:ef:39:
88:f4:81:a3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZFmPzDx5CGQMcIDnzb0VCpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwODE4MTYwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIxNmQzZDlhM2MzZmRiZjJkNDk2Mzk1NzI0NjQwMjNlNzcyOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocRKuijeRzWIJANKHCiOx0LXmmQR
xm4AQ94UZAMsfoZFd4+68Y6tpTWlBWe49ybGvkokz1amTRXysoDuip9q6CYyWbHe
QJSDMqWgOjnOTqcsSYMfir0kfgCSZkYkxrQUMXK2qgtiil75taO0gUEwfsL01crS
cxgLHS06e5Mw82wbkspZMOR1SfC+j9kcXjbU8qQQQUjcOXdo1/+7o42liGps6kFw
wNx+PdcpOX6SW+j79h1KERNMN8D7omoI9+o0Aju3rCWzxSuYG6Y1TQ9AY4Tvik+z
ah1fONmPqZBOUMHM/I9AiR8w5uNknN7pmqfGCLly1RXzPQyS4zk9H4WJaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPSxbT2aPD/b8tSWOVckZAI+dyleMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvOUxGdFBabzhQOXZ5MUpZNVZ5UmtBajUzS1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/hg
MA0GCSqGSIb3DQEBCwUAA4IBAQCR+j4nXRRLqgw0Osc+ftk6UFlimS2zWspykEOu
BL4IMjRYwbu0IyP+x7eZyqo3PSNc1KLgKgpo3bgYcY/N1ZqR3/Cje+4UaEywtNUt
j1Z83xxa7GA0IXSB1jpvQYRBGe/U0A7U3gLzDOT1jQqgGnedkVwZDq6Y0DkVxKcZ
/48ga7ZIsWKo/KBVhbOQkL4ZEaWjEPGx4iEMBP2lIF1wEzxKUO6T6UYJL/Wbp0FY
huLywa8hPyXpJZkSfKA47QX1RwfbIsggyD+wBoP0YRlRWPitKmpbmr5af7nR9Tb+
II+YREgS0gNOK5rfjqTt4s/K+JU7GKPwWQoD2xZZ7zmI9IGj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:00 2025 by rpki-client