Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/jOOGfus08Vj09A_tmGHXL4MYBEk.roa
File: jOOGfus08Vj09A_tmGHXL4MYBEk.roa (raw, json)
Hash identifier: 16cc46YERJ9+zZWFaNymvnc1FoVHo8fyhd+9UBkhcgY=
Subject key identifier: 8C:E3:86:7E:EB:34:F1:58:F4:F4:0F:ED:98:61:D7:2F:83:18:04:49
Certificate issuer: /CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Certificate serial: 0190E3E131E7E3E9D2F9D463A023B4A52E8B
Authority key identifier: 70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/jOOGfus08Vj09A_tmGHXL4MYBEk.roa
Signing time: Wed 24 Jul 2024 08:35:04 +0000
ROA not before: Wed 24 Jul 2024 08:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a0f:bf01::/32 maxlen: 32
2a0f:bf03::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 01 Aug 2024 07:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e3:e1:31:e7:e3:e9:d2:f9:d4:63:a0:23:b4:a5:2e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Validity
Not Before: Jul 24 08:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ce3867eeb34f158f4f40fed9861d72f83180449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9e:39:5d:f2:fd:7b:69:f8:d2:c3:75:fe:8e:
59:df:65:ad:a9:35:fb:ff:10:3c:a0:d8:55:fa:38:
4e:71:1d:90:3f:15:6e:06:3b:47:25:1f:60:1c:97:
4a:ec:17:49:b5:79:b9:c8:b9:1f:68:8a:29:1a:bb:
00:49:28:31:2c:f1:52:d8:ed:43:19:81:e2:60:be:
32:a6:48:b7:f6:a4:f2:c5:9b:d3:40:a4:ea:1d:5a:
12:43:f6:04:0e:1a:8b:e8:ab:35:37:24:62:bd:2c:
ba:af:06:7f:c4:b1:3b:31:f3:0e:e1:8f:d0:8a:8e:
fa:2e:36:c7:c9:e7:4e:bd:5e:05:c9:f8:cd:49:bd:
a5:0c:09:6c:4e:11:15:8c:d4:2f:8c:cf:25:f7:fd:
a4:bd:f8:41:41:b6:51:7a:7e:df:0f:4f:0e:bc:de:
82:bd:d6:da:2c:c4:4a:63:42:9e:4a:41:a3:e0:13:
1e:74:f7:34:ae:e1:b9:1b:d2:ce:84:1c:40:5f:cd:
bc:8c:45:6f:3e:39:0c:5c:59:47:ba:33:99:ff:ba:
44:3f:f4:d5:03:c5:e9:c0:19:1b:66:96:35:cc:54:
d6:46:e6:e7:9c:76:59:b9:25:d5:8b:df:8d:36:8d:
c4:4b:85:c6:f1:ad:31:ed:49:6c:99:a4:2a:c2:38:
9b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E3:86:7E:EB:34:F1:58:F4:F4:0F:ED:98:61:D7:2F:83:18:04:49
X509v3 Authority Key Identifier:
keyid:70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/jOOGfus08Vj09A_tmGHXL4MYBEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bf01::/32
2a0f:bf03::/32
Signature Algorithm: sha256WithRSAEncryption
67:2c:ec:ac:2b:c0:f7:7f:7b:9d:6a:31:fb:cf:c6:5d:c2:be:
f6:9c:3d:52:99:f5:16:04:09:1a:59:50:7f:4f:9f:0c:26:05:
09:49:3a:70:b8:e4:41:18:98:03:07:7e:3a:98:bb:7c:66:ac:
6d:05:a5:d1:77:c6:f7:9c:81:92:e7:f2:f1:33:c3:18:cc:41:
b9:0a:23:7a:90:7b:39:5d:3d:aa:33:13:56:f2:73:da:7e:aa:
f0:16:87:64:13:18:20:77:bc:fa:eb:71:2d:ec:af:75:e8:46:
1e:2a:12:0c:08:05:14:ac:0a:f0:fb:99:04:24:2c:5c:53:a8:
06:93:9c:9d:58:97:3a:9b:d9:d0:49:81:fa:42:48:68:4a:c2:
92:79:0b:81:dd:b0:f2:73:78:ef:be:90:16:67:03:83:f0:6a:
f9:fe:fd:7e:86:1f:ce:87:6f:8d:83:a2:c4:13:6c:54:c9:9d:
25:97:a9:06:c3:95:a8:0e:bb:30:7e:19:ca:e5:f9:8b:f8:1d:
10:ba:3e:8b:32:78:c9:78:4d:0b:da:6e:52:e8:80:a2:3a:59:
d4:5c:e3:f3:e9:02:8a:18:24:83:9e:d7:bd:70:d8:e5:42:7c:
30:68:f4:df:93:ec:6c:ae:7a:ff:1a:8a:9e:15:9a:4d:0a:dd:
97:a9:7c:f3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZDj4THn4+nS+dRjoCO0pS6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjFkNzUyOGJlNzEzYTRiYTJjYjRkYjVlNThkNjRkODgy
ZWI1NTUwHhcNMjQwNzI0MDgzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2UzODY3ZWViMzRmMTU4ZjRmNDBmZWQ5ODYxZDcyZjgzMTgwNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ45XfL9e2n40sN1/o5Z32WtqTX7
/xA8oNhV+jhOcR2QPxVuBjtHJR9gHJdK7BdJtXm5yLkfaIopGrsASSgxLPFS2O1D
GYHiYL4ypki39qTyxZvTQKTqHVoSQ/YEDhqL6Ks1NyRivSy6rwZ/xLE7MfMO4Y/Q
io76LjbHyedOvV4FyfjNSb2lDAlsThEVjNQvjM8l9/2kvfhBQbZRen7fD08OvN6C
vdbaLMRKY0KeSkGj4BMedPc0ruG5G9LOhBxAX828jEVvPjkMXFlHujOZ/7pEP/TV
A8XpwBkbZpY1zFTWRubnnHZZuSXVi9+NNo3ES4XG8a0x7UlsmaQqwjibawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIzjhn7rNPFY9PQP7Zhh1y+DGARJMB8GA1UdIwQY
MBaAFHAh11KL5xOkuiy0215Y1k2ILrVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAt
OTI4MWYwZDIzZGJmLzEvak9PR2Z1czA4VmowOUFfdG1HSFhMNE1ZQkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAtOTI4MWYwZDIzZGJm
LzEvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg+/AQMF
ACoPvwMwDQYJKoZIhvcNAQELBQADggEBAGcs7KwrwPd/e51qMfvPxl3CvvacPVKZ
9RYECRpZUH9PnwwmBQlJOnC45EEYmAMHfjqYu3xmrG0FpdF3xvecgZLn8vEzwxjM
QbkKI3qQezldPaozE1byc9p+qvAWh2QTGCB3vPrrcS3sr3XoRh4qEgwIBRSsCvD7
mQQkLFxTqAaTnJ1Ylzqb2dBJgfpCSGhKwpJ5C4HdsPJzeO++kBZnA4Pwavn+/X6G
H86Hb42DosQTbFTJnSWXqQbDlagOuzB+Gcrl+Yv4HRC6PosyeMl4TQvablLogKI6
WdRc4/PpAooYJIOe171w2OVCfDBo9N+T7Gyuev8aip4Vmk0K3ZepfPM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:15 2025 by rpki-client