Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-Ff9CfvyCzSIr5yt5X2Qs_x-x9o.roa
File: 1-Ff9CfvyCzSIr5yt5X2Qs_x-x9o.roa (raw, json)
Hash identifier: T5TNoihKPCBXXRhrPn3rcrnlGeFd+YkM+jQkFvmqnsM=
Subject key identifier: F8:57:FD:09:FB:F2:0B:34:88:AF:9C:AD:E5:7D:90:B3:FC:7E:C7:DA
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018FA9D9511739BC24DDB6AE7899A31F4FD2
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-Ff9CfvyCzSIr5yt5X2Qs_x-x9o.roa
Signing time: Fri 24 May 2024 09:05:42 +0000
ROA not before: Fri 24 May 2024 09:05:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 2a09:e2c0::/30 maxlen: 30
2a09:e2c4::/30 maxlen: 30
2a10:4102::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Jul 2024 05:22:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:d9:51:17:39:bc:24:dd:b6:ae:78:99:a3:1f:4f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 24 09:05:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f857fd09fbf20b3488af9cade57d90b3fc7ec7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:39:13:35:f7:30:22:5a:ff:e1:1f:58:52:de:
c1:83:fe:62:61:62:63:b3:f1:7a:a9:3b:79:d6:e0:
a7:ab:8c:d2:da:34:83:77:7b:06:bf:68:db:c7:3c:
10:1c:91:07:72:a0:f7:9b:9f:ef:a8:be:64:7e:0a:
75:20:0b:0e:7c:96:0b:f9:d1:08:58:a6:a4:f0:41:
cf:76:e9:fc:97:c1:b4:f3:5d:10:af:e1:66:32:73:
6a:b4:5b:07:c1:10:45:64:77:b4:fd:96:6b:85:f6:
88:a1:e2:5e:3e:93:23:43:55:67:fc:fb:52:5b:3e:
ba:8d:4a:91:e6:98:72:78:c4:a1:96:57:dc:28:44:
89:7b:2d:72:01:e6:1e:c6:96:1e:55:ce:48:c0:88:
cb:e8:60:17:9a:c6:9e:c1:4f:bc:24:89:fc:ed:7b:
95:d3:cb:17:da:70:5d:1c:35:16:7f:07:60:cc:f0:
28:7c:a0:d2:67:ce:d5:7f:29:4b:ed:3d:c9:fb:e9:
e5:e9:bc:d3:45:74:0d:08:31:89:30:ee:43:b6:14:
55:ba:59:0a:d2:78:a1:8f:a4:c0:96:a5:24:76:ff:
6f:73:52:65:7c:de:da:6c:db:6d:47:0b:d0:7d:04:
d6:5f:8b:ca:9a:92:b0:63:47:f0:6e:5b:b3:f8:78:
31:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:57:FD:09:FB:F2:0B:34:88:AF:9C:AD:E5:7D:90:B3:FC:7E:C7:DA
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-Ff9CfvyCzSIr5yt5X2Qs_x-x9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e2c0::/29
2a10:4102::/32
Signature Algorithm: sha256WithRSAEncryption
3c:6c:87:a2:5d:7b:af:26:ad:a6:46:79:5b:bd:82:63:cc:ef:
05:65:21:53:38:87:2f:13:69:a7:f1:b2:94:56:79:58:a0:61:
73:98:a1:b3:c0:50:42:0b:d3:6b:b9:da:6c:f0:fc:e6:9b:d6:
af:15:86:5a:e0:27:ff:f3:b4:73:c6:36:67:52:06:26:ae:eb:
c4:bc:7e:51:85:4d:36:93:75:69:4b:de:91:4d:50:43:5a:7c:
35:52:21:01:cb:16:1a:e9:10:9c:7d:f8:8a:16:6c:c6:31:42:
88:c1:73:bd:0f:98:be:c8:3a:cd:b8:13:fb:36:da:01:20:7e:
10:45:7f:a1:f0:e9:8e:1f:7c:c7:3a:a6:87:a7:0e:35:ef:64:
99:79:d7:a4:c5:02:a3:02:b9:29:d2:94:79:7c:ef:b8:f8:89:
ef:51:ac:ad:d6:a8:0d:5e:1f:dc:3d:14:0d:aa:3a:9a:47:6f:
ad:a5:5a:c8:46:70:f1:82:fc:67:cf:83:46:78:f8:b3:86:17:
da:79:39:f1:49:04:5e:1f:91:36:fa:34:da:07:19:81:55:79:
65:7c:e7:a0:31:23:06:72:3c:fc:47:e7:ac:97:d3:e9:04:fc:
ca:98:5f:3f:83:c3:ad:cb:2f:d8:28:75:47:f9:92:cb:85:09:
16:a3:50:c0
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAY+p2VEXObwk3baueJmjH0/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNTI0MDkwNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU3ZmQwOWZiZjIwYjM0ODhhZjljYWRlNTdkOTBiM2ZjN2VjN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDkTNfcwIlr/4R9YUt7Bg/5iYWJj
s/F6qTt51uCnq4zS2jSDd3sGv2jbxzwQHJEHcqD3m5/vqL5kfgp1IAsOfJYL+dEI
WKak8EHPdun8l8G0810Qr+FmMnNqtFsHwRBFZHe0/ZZrhfaIoeJePpMjQ1Vn/PtS
Wz66jUqR5phyeMShllfcKESJey1yAeYexpYeVc5IwIjL6GAXmsaewU+8JIn87XuV
08sX2nBdHDUWfwdgzPAofKDSZ87VfylL7T3J++nl6bzTRXQNCDGJMO5DthRVulkK
0nihj6TAlqUkdv9vc1JlfN7abNttRwvQfQTWX4vKmpKwY0fwbluz+HgxHQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPhX/Qn78gs0iK+creV9kLP8fsfaMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMS1GZjlDZnZ5Q3pTSXI1eXQ1WDJRc194LXg5by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvMWZhNmEzLThkYzUtNGMzNS1hNDliLTE3MWMzNjdiZTc4
Mi8xL2RRaEhYX0RZN0pZRE5nRnVEZ1FpR3BqbDdQSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoJ4sAD
BQAqEEECMA0GCSqGSIb3DQEBCwUAA4IBAQA8bIeiXXuvJq2mRnlbvYJjzO8FZSFT
OIcvE2mn8bKUVnlYoGFzmKGzwFBCC9Nrudps8Pzmm9avFYZa4Cf/87RzxjZnUgYm
ruvEvH5RhU02k3VpS96RTVBDWnw1UiEByxYa6RCcffiKFmzGMUKIwXO9D5i+yDrN
uBP7NtoBIH4QRX+h8OmOH3zHOqaHpw4172SZedekxQKjArkp0pR5fO+4+InvUayt
1qgNXh/cPRQNqjqaR2+tpVrIRnDxgvxnz4NGePizhhfaeTnxSQReH5E2+jTaBxmB
VXllfOegMSMGcjz8R+esl9PpBPzKmF8/g8Otyy/YKHVH+ZLLhQkWo1DA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:12 2025 by rpki-client