Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/b8amouc5NzFqjscaRrOj6weycFA.roa
File: b8amouc5NzFqjscaRrOj6weycFA.roa (raw, json)
Hash identifier: Ea4IxhOv1TIoufKz4IgFHc66XYbjbrOPHzf3UfhHQ7g=
Subject key identifier: 6F:C6:A6:A2:E7:39:37:31:6A:8E:C7:1A:46:B3:A3:EB:07:B2:70:50
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 019611974C07392F8EF27D195A49CA8DB34C
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/b8amouc5NzFqjscaRrOj6weycFA.roa
Signing time: Mon 07 Apr 2025 18:50:49 +0000
ROA not before: Mon 07 Apr 2025 18:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:8543::/32 maxlen: 32
2a11:3187::/32 maxlen: 32
2a11:6341::/32 maxlen: 32
2a11:7886::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Apr 2025 19:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:97:4c:07:39:2f:8e:f2:7d:19:5a:49:ca:8d:b3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 7 18:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fc6a6a2e73937316a8ec71a46b3a3eb07b27050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:bd:34:ec:f8:8f:a4:d3:c8:80:aa:1f:1c:43:
df:aa:ea:b3:25:24:4b:ec:c5:cc:12:97:56:99:4d:
14:d0:1a:f8:95:d5:81:88:c0:24:7b:29:8a:78:90:
fe:6a:d6:7f:5c:90:34:eb:43:f0:7a:41:0f:81:51:
56:7a:a7:31:3c:1c:8d:7b:78:89:d5:2e:c3:ad:22:
43:6b:54:cb:84:61:cd:57:62:c5:96:fe:6f:5a:c9:
ed:29:91:d0:93:ac:e3:c8:5a:a0:e5:94:f4:d6:97:
f1:f3:66:3b:90:c9:f9:42:24:d5:26:05:29:a1:60:
42:19:45:b1:55:fa:14:0d:f4:ef:f0:99:49:fa:72:
45:e7:31:eb:1a:ff:85:e0:8c:15:12:6c:3e:10:96:
8a:c5:f6:64:2d:a2:13:08:a2:b4:2e:70:87:59:fb:
41:69:1a:33:dc:c5:c0:1b:ab:34:61:f0:49:4e:56:
24:a3:eb:d4:a1:c5:dc:fd:5d:ab:f5:86:2e:46:ce:
bc:e8:99:b1:08:1e:ac:88:90:43:e0:f9:9a:cd:d3:
f6:c1:ce:9e:e2:9c:c4:b2:c6:4a:04:18:6d:37:e9:
f0:99:25:e8:a2:ef:7d:e8:28:88:28:90:2e:e9:f7:
ba:8e:6f:be:48:37:68:15:cd:d1:6e:83:d0:f5:97:
d5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C6:A6:A2:E7:39:37:31:6A:8E:C7:1A:46:B3:A3:EB:07:B2:70:50
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/b8amouc5NzFqjscaRrOj6weycFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8543::/32
2a11:3187::/32
2a11:6341::/32
2a11:7886::/32
Signature Algorithm: sha256WithRSAEncryption
be:a3:c9:25:7b:4a:68:d6:fc:54:ee:68:13:aa:b1:2f:53:ef:
04:d6:53:20:83:80:e7:19:82:47:fa:bf:ff:9f:0d:16:0a:e7:
4c:75:83:31:a6:d0:89:90:a1:b0:63:c6:7c:d8:7b:46:d9:88:
13:1c:86:08:40:85:35:c6:fc:e0:a1:d8:fd:6d:4e:67:53:2b:
19:8b:80:f9:bd:64:1e:9c:ba:34:74:90:f3:e0:b6:f4:99:62:
cf:45:c3:81:3f:e9:22:d3:64:98:db:9d:9a:63:55:54:a1:2b:
b9:17:67:43:02:89:cd:fc:69:97:ca:1d:9c:aa:5b:02:9d:5d:
bd:17:27:4a:b8:1f:32:84:8b:f1:6f:19:5e:ff:4d:5d:af:4a:
ce:67:04:fc:8c:01:60:6a:9b:40:1a:fc:7a:ec:bc:11:77:d0:
0d:02:4c:d6:af:29:7b:c6:7a:7d:06:78:ba:68:6e:4a:a0:b5:
7b:e5:e2:3d:02:13:2c:5b:e4:c7:b5:2f:62:39:72:86:11:1f:
24:96:49:15:77:2a:28:db:ed:07:f9:12:19:29:37:dd:c1:4b:
3d:a9:b6:c8:15:a1:62:43:cb:72:7c:98:7a:6b:17:d2:fa:94:
7b:ef:eb:ed:df:08:20:20:ff:17:b5:1f:b4:29:a8:10:33:25:
b4:8c:ec:72
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZYRl0wHOS+O8n0ZWknKjbNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDA3MTg1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmM2YTZhMmU3MzkzNzMxNmE4ZWM3MWE0NmIzYTNlYjA3YjI3MDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7b007PiPpNPIgKofHEPfquqzJSRL
7MXMEpdWmU0U0Br4ldWBiMAkeymKeJD+atZ/XJA060PwekEPgVFWeqcxPByNe3iJ
1S7DrSJDa1TLhGHNV2LFlv5vWsntKZHQk6zjyFqg5ZT01pfx82Y7kMn5QiTVJgUp
oWBCGUWxVfoUDfTv8JlJ+nJF5zHrGv+F4IwVEmw+EJaKxfZkLaITCKK0LnCHWftB
aRoz3MXAG6s0YfBJTlYko+vUocXc/V2r9YYuRs686JmxCB6siJBD4PmazdP2wc6e
4pzEssZKBBhtN+nwmSXoou996CiIKJAu6fe6jm++SDdoFc3RboPQ9ZfV2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG/GpqLnOTcxao7HGkazo+sHsnBQMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvYjhhbW91YzVOekZxanNjYVJyT2o2d2V5Y0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg6FQwMF
ACoRMYcDBQAqEWNBAwUAKhF4hjANBgkqhkiG9w0BAQsFAAOCAQEAvqPJJXtKaNb8
VO5oE6qxL1PvBNZTIIOA5xmCR/q//58NFgrnTHWDMabQiZChsGPGfNh7RtmIExyG
CECFNcb84KHY/W1OZ1MrGYuA+b1kHpy6NHSQ8+C29Jliz0XDgT/pItNkmNudmmNV
VKEruRdnQwKJzfxpl8odnKpbAp1dvRcnSrgfMoSL8W8ZXv9NXa9KzmcE/IwBYGqb
QBr8euy8EXfQDQJM1q8pe8Z6fQZ4umhuSqC1e+XiPQITLFvkx7UvYjlyhhEfJJZJ
FXcqKNvtB/kSGSk33cFLPam2yBWhYkPLcnyYemsX0vqUe+/r7d8IICD/F7UftCmo
EDMltIzscg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:22:12 2025 by rpki-client