Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/cHTY8EPBF7JsRXXCJJPSpcrXiWo.roa
File: cHTY8EPBF7JsRXXCJJPSpcrXiWo.roa (raw, json)
Hash identifier: HLOy/tyzlEX+x1V5SR5M2fGr2c1Npk4ULUDKGH6qteo=
Subject key identifier: 70:74:D8:F0:43:C1:17:B2:6C:45:75:C2:24:93:D2:A5:CA:D7:89:6A
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018FE2A75331790939073BF37884C37B86D5
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/cHTY8EPBF7JsRXXCJJPSpcrXiWo.roa
Signing time: Tue 04 Jun 2024 09:49:27 +0000
ROA not before: Tue 04 Jun 2024 09:49:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a0f:eb03::/32 maxlen: 32
2a0f:ed00::/32 maxlen: 32
2a0f:ed05::/32 maxlen: 32
2a0f:ed07::/32 maxlen: 32
2a13:a446::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 05 Jun 2024 17:55:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:a7:53:31:79:09:39:07:3b:f3:78:84:c3:7b:86:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jun 4 09:49:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7074d8f043c117b26c4575c22493d2a5cad7896a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ae:58:40:9e:8b:21:2c:02:f4:5d:cf:86:13:
3e:b1:04:7b:bf:c2:c9:6e:b9:37:6c:9a:b3:8c:29:
af:c8:85:61:a0:a5:28:13:56:47:3d:9a:b6:0d:ca:
0b:83:04:c2:3d:19:ba:8a:2d:e6:13:70:5b:5d:59:
95:b6:7d:a4:d4:cd:f1:95:88:21:eb:10:03:c0:bd:
39:ac:d1:30:02:ea:2b:a3:46:ab:8c:32:20:5d:58:
eb:5d:83:15:cf:2a:a2:b1:d6:f9:8b:8a:86:68:ea:
0a:2d:4a:1e:9a:aa:56:0a:1c:a4:94:9f:ca:e5:fc:
b8:fd:94:ec:14:fb:2b:0f:7b:20:7d:f3:7c:ee:7f:
5b:68:f6:41:4b:a0:95:9a:58:30:c5:57:c9:84:1b:
30:02:3f:c1:16:1f:a1:aa:06:65:63:a1:db:68:ba:
8f:f8:a2:0c:d8:cd:80:4b:a4:01:7f:5c:b9:3d:9a:
6a:43:a9:99:0b:2b:2c:09:a0:01:d0:3b:76:af:99:
cc:7d:c9:83:cf:d7:0d:16:60:4e:42:f9:61:6a:03:
3c:d2:16:95:86:cb:02:f0:3c:4f:86:fe:ca:e5:72:
fb:ed:02:29:2b:8e:5a:a5:c4:b8:ca:0c:e7:f8:fb:
f8:5c:22:09:90:74:aa:44:a3:da:9c:c1:6c:f7:9e:
91:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:74:D8:F0:43:C1:17:B2:6C:45:75:C2:24:93:D2:A5:CA:D7:89:6A
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/cHTY8EPBF7JsRXXCJJPSpcrXiWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:eb03::/32
2a0f:ed00::/32
2a0f:ed05::/32
2a0f:ed07::/32
2a13:a446::/32
Signature Algorithm: sha256WithRSAEncryption
4e:db:04:a7:d0:ae:74:3c:be:a6:2e:c8:19:18:a6:c6:a6:cc:
b6:eb:ab:b3:80:c0:52:98:79:05:69:e5:1e:e6:03:57:98:4c:
57:37:4f:16:9c:56:91:d9:f3:47:a0:a0:66:bd:18:d9:e0:bb:
50:71:69:51:09:c3:a1:c3:09:9f:e5:74:95:ec:53:16:af:d1:
30:d1:b6:76:8f:7a:b6:a5:56:26:e0:1a:c0:71:df:9b:4e:af:
f8:5c:be:26:ea:16:da:1d:9b:be:e3:ab:2a:6b:2a:f0:1d:d7:
bd:ac:e5:05:23:c0:f4:61:de:30:6e:e3:9d:1c:6b:56:d8:ac:
7c:96:c3:15:57:59:3c:55:1c:87:bd:6b:bb:05:60:91:bf:34:
28:da:72:2f:46:97:9d:fb:20:ce:9a:87:38:a7:6f:61:9b:94:
bd:2f:fe:70:56:d2:12:20:f3:ef:ac:56:af:59:44:d6:54:8d:
78:46:7e:0d:34:ae:1a:f5:f3:06:c6:e9:13:d3:68:97:82:29:
88:ee:b8:02:b6:e5:09:07:69:ca:58:08:ac:75:21:f1:a5:f6:
1a:fa:fa:61:18:f2:28:1f:47:4f:24:75:d3:dc:b8:69:00:b4:
db:5d:0d:ca:69:38:c2:50:2a:20:ea:24:5f:3f:b8:75:b1:62:
db:eb:32:a1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY/ip1MxeQk5BzvzeITDe4bVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNjA0MDk0OTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc0ZDhmMDQzYzExN2IyNmM0NTc1YzIyNDkzZDJhNWNhZDc4OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh65YQJ6LISwC9F3PhhM+sQR7v8LJ
brk3bJqzjCmvyIVhoKUoE1ZHPZq2DcoLgwTCPRm6ii3mE3BbXVmVtn2k1M3xlYgh
6xADwL05rNEwAuoro0arjDIgXVjrXYMVzyqisdb5i4qGaOoKLUoemqpWChyklJ/K
5fy4/ZTsFPsrD3sgffN87n9baPZBS6CVmlgwxVfJhBswAj/BFh+hqgZlY6HbaLqP
+KIM2M2AS6QBf1y5PZpqQ6mZCyssCaAB0Dt2r5nMfcmDz9cNFmBOQvlhagM80haV
hssC8DxPhv7K5XL77QIpK45apcS4ygzn+Pv4XCIJkHSqRKPanMFs956RuQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHB02PBDwReybEV1wiST0qXK14lqMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvY0hUWThFUEJGN0pzUlhYQ0pKUFNwY3JYaVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKg/rAwMF
ACoP7QADBQAqD+0FAwUAKg/tBwMFACoTpEYwDQYJKoZIhvcNAQELBQADggEBAE7b
BKfQrnQ8vqYuyBkYpsamzLbrq7OAwFKYeQVp5R7mA1eYTFc3TxacVpHZ80egoGa9
GNngu1BxaVEJw6HDCZ/ldJXsUxav0TDRtnaPeralVibgGsBx35tOr/hcvibqFtod
m77jqyprKvAd172s5QUjwPRh3jBu450ca1bYrHyWwxVXWTxVHIe9a7sFYJG/NCja
ci9Gl537IM6ahzinb2GblL0v/nBW0hIg8++sVq9ZRNZUjXhGfg00rhr18wbG6RPT
aJeCKYjuuAK25QkHacpYCKx1IfGl9hr6+mEY8igfR08kddPcuGkAtNtdDcppOMJQ
KiDqJF8/uHWxYtvrMqE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:12 2025 by rpki-client