Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/8Q-zKdpf9v78Deb0iTKWcd3ooXY.roa
File: 8Q-zKdpf9v78Deb0iTKWcd3ooXY.roa (raw, json)
Hash identifier: Ygyhe18uCTC4RhuQxrgt+kvuhFEEjHPI+lUbaoHMYS0=
Subject key identifier: F1:0F:B3:29:DA:5F:F6:FE:FC:0D:E6:F4:89:32:96:71:DD:E8:A1:76
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 01906D0D2DB365EF1F428972D545CA8A9422
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/8Q-zKdpf9v78Deb0iTKWcd3ooXY.roa
Signing time: Mon 01 Jul 2024 06:48:18 +0000
ROA not before: Mon 01 Jul 2024 06:48:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21433
IP address blocks: 2a02:ee80:40d4::/47 maxlen: 47
2a02:ee80:40d4::/48 maxlen: 48
2a02:ee80:40d5::/48 maxlen: 48
2a02:ee80:4250::/47 maxlen: 47
2a02:ee80:4250::/48 maxlen: 48
2a02:ee80:4251::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 09:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:0d:2d:b3:65:ef:1f:42:89:72:d5:45:ca:8a:94:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Jul 1 06:48:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f10fb329da5ff6fefc0de6f489329671dde8a176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ba:25:4e:c8:de:d1:d9:03:80:34:7b:81:4b:
38:ad:fb:9d:69:02:5e:96:e7:1b:e1:92:9b:c2:93:
60:5e:2c:a7:a5:b2:36:b5:ac:ff:88:5f:a6:9e:7b:
38:f6:0f:29:b9:38:5e:68:c4:9a:c2:97:0c:9e:5b:
05:d7:20:ec:2c:88:59:67:2d:71:52:21:92:d6:76:
e0:db:89:12:9a:25:7c:c0:12:05:22:83:91:77:f3:
c6:f1:b5:bd:e6:00:3a:ec:e3:26:b0:e9:77:89:50:
ee:1d:30:5e:ba:14:a8:02:08:69:67:72:3a:b8:6d:
08:c9:40:dd:21:d6:63:74:f0:4e:f4:19:7d:51:9a:
26:77:2a:67:9d:41:4d:90:ce:64:2d:4d:53:15:c1:
91:b7:ac:f2:af:36:53:96:fd:7f:96:5d:86:b8:f6:
de:ff:56:8e:5b:e3:24:64:2f:88:bd:fd:71:82:26:
64:d2:91:14:68:a8:ad:e4:12:91:81:54:ae:58:03:
a2:9f:87:aa:01:2c:58:f7:ae:08:2f:aa:8f:d6:fe:
17:96:7b:f3:e2:43:66:b1:56:32:e9:3e:f3:a3:c6:
2b:8e:a6:65:73:39:19:e1:00:45:0f:c0:9a:cd:76:
c9:d1:3d:49:bf:b5:1e:a7:3f:21:0a:68:a2:d4:2f:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0F:B3:29:DA:5F:F6:FE:FC:0D:E6:F4:89:32:96:71:DD:E8:A1:76
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/8Q-zKdpf9v78Deb0iTKWcd3ooXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ee80:40d4::/47
2a02:ee80:4250::/47
Signature Algorithm: sha256WithRSAEncryption
3a:e1:a5:81:e2:bb:19:9a:cd:c2:66:b8:a1:c3:f7:05:66:9e:
15:55:ef:9a:49:aa:eb:a9:a9:55:bd:d6:0f:ec:5f:01:0a:76:
67:ee:72:ff:89:fa:6d:da:74:4d:4a:dd:96:7b:b1:33:a5:cd:
e9:2e:34:7f:98:d8:9e:a1:42:99:08:e9:12:a5:5d:30:b5:53:
22:ce:1b:bb:6a:c4:39:de:a3:0e:5b:9b:d0:6f:dc:c5:a2:16:
41:a4:55:35:78:40:48:86:71:21:9f:9f:c6:9b:8a:58:ab:63:
12:33:e1:6a:31:13:68:88:b2:f7:dd:cd:02:88:fd:e0:82:e7:
8d:e7:65:85:d8:3a:f2:0f:2b:7c:ce:a0:0d:e6:37:6c:7e:1b:
ee:03:5b:e8:90:8b:27:12:41:c6:25:13:5b:bf:d2:8f:41:ad:
ec:25:e7:9f:fc:1f:14:a0:5f:98:a0:ae:07:2f:08:15:7c:fc:
e3:06:ee:ad:48:b3:02:c0:85:d0:e9:c2:52:30:b4:f0:11:bb:
54:8f:27:31:9a:61:c9:fb:ef:ca:94:72:65:2a:75:0e:73:d9:
75:1a:dd:88:17:d0:b6:a7:40:96:8f:64:05:f6:c9:d8:17:25:
90:c7:b2:2a:6a:84:a8:45:92:65:84:c7:b2:b2:71:d1:35:34:
0e:10:1f:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBtDS2zZe8fQoly1UXKipQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjQwNzAxMDY0ODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTBmYjMyOWRhNWZmNmZlZmMwZGU2ZjQ4OTMyOTY3MWRkZThhMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbolTsje0dkDgDR7gUs4rfudaQJe
lucb4ZKbwpNgXiynpbI2taz/iF+mnns49g8puTheaMSawpcMnlsF1yDsLIhZZy1x
UiGS1nbg24kSmiV8wBIFIoORd/PG8bW95gA67OMmsOl3iVDuHTBeuhSoAghpZ3I6
uG0IyUDdIdZjdPBO9Bl9UZomdypnnUFNkM5kLU1TFcGRt6zyrzZTlv1/ll2GuPbe
/1aOW+MkZC+Ivf1xgiZk0pEUaKit5BKRgVSuWAOin4eqASxY964IL6qP1v4Xlnvz
4kNmsVYy6T7zo8YrjqZlczkZ4QBFD8CazXbJ0T1Jv7Uepz8hCmii1C8p+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPEPsynaX/b+/A3m9IkylnHd6KF2MB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvOFEtektkcGY5djc4RGViMGlUS1djZDNvb1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKgLugEDU
AwcBKgLugEJQMA0GCSqGSIb3DQEBCwUAA4IBAQA64aWB4rsZms3CZrihw/cFZp4V
Ve+aSarrqalVvdYP7F8BCnZn7nL/ifpt2nRNSt2We7Ezpc3pLjR/mNieoUKZCOkS
pV0wtVMizhu7asQ53qMOW5vQb9zFohZBpFU1eEBIhnEhn5/Gm4pYq2MSM+FqMRNo
iLL33c0CiP3ggueN52WF2DryDyt8zqAN5jdsfhvuA1vokIsnEkHGJRNbv9KPQa3s
Jeef/B8UoF+YoK4HLwgVfPzjBu6tSLMCwIXQ6cJSMLTwEbtUjycxmmHJ++/KlHJl
KnUOc9l1Gt2IF9C2p0CWj2QF9snYFyWQx7IqaoSoRZJlhMeysnHRNTQOEB/6
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:36:35 2025 by rpki-client