Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8OyesWMD5tBjcPdWyw9XP3sMuyE.roa
File: 8OyesWMD5tBjcPdWyw9XP3sMuyE.roa (raw, json)
Hash identifier: TquKDVzMB7cqBBIz7IYgcp/QiJpLw0zC2XrFegB4V40=
Subject key identifier: F0:EC:9E:B1:63:03:E6:D0:63:70:F7:56:CB:0F:57:3F:7B:0C:BB:21
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018FB5E9641CB6CDC7C826918C13D59C010F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8OyesWMD5tBjcPdWyw9XP3sMuyE.roa
Signing time: Sun 26 May 2024 17:18:42 +0000
ROA not before: Sun 26 May 2024 17:18:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61400
IP address blocks: 2a09:6281::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a12:c300::/30 maxlen: 30
2a12:c304::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 25 Jul 2024 12:13:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b5:e9:64:1c:b6:cd:c7:c8:26:91:8c:13:d5:9c:01:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 26 17:18:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0ec9eb16303e6d06370f756cb0f573f7b0cbb21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:03:0b:99:f8:e6:e9:e8:03:7e:fe:74:7c:7c:
85:34:25:91:f3:fd:da:cd:97:ab:3f:f3:b3:1e:93:
7c:7b:84:f6:d4:a6:74:f1:1e:8c:c6:05:13:bf:ff:
fb:a3:ca:33:8c:71:35:ea:6f:d7:a9:79:a2:1b:4f:
59:0b:32:07:30:06:27:52:6e:2b:2c:6d:3b:6f:9b:
98:64:40:24:de:fb:4b:6c:c7:0c:e8:68:f3:d6:6d:
d5:22:74:2e:01:90:21:40:3c:54:07:ec:ce:ca:b6:
35:9c:b0:ea:cc:ab:00:cf:34:ce:b1:a8:a2:de:f7:
99:43:eb:14:82:c8:61:15:e8:87:db:a8:52:cb:ae:
7c:3a:d4:71:be:34:19:86:af:ba:d6:21:f2:d2:d6:
58:66:a7:76:4a:66:48:1c:57:24:89:41:a6:05:00:
9f:a6:15:b3:e7:f7:2a:10:8f:8f:c4:1d:e8:fa:bb:
ca:bc:ed:85:58:31:4b:ce:c1:ec:a4:ff:16:9d:dc:
c3:91:84:58:07:da:23:d7:dc:16:f5:92:9c:19:d9:
a9:c5:fa:f8:91:4b:78:50:3e:57:be:10:72:fc:63:
d1:0a:40:51:d0:a9:84:8b:e8:3f:8c:44:5d:10:1a:
14:46:c6:37:bb:93:97:27:6e:59:e4:3d:42:c5:62:
f2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EC:9E:B1:63:03:E6:D0:63:70:F7:56:CB:0F:57:3F:7B:0C:BB:21
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8OyesWMD5tBjcPdWyw9XP3sMuyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6281::/32
2a10:4102::/32
2a12:c300::/29
Signature Algorithm: sha256WithRSAEncryption
0a:3f:0c:14:74:24:52:91:86:b9:ad:f1:40:cd:ba:97:33:44:
3b:b0:76:d7:2a:fd:e6:ae:5a:13:37:2f:11:60:e8:6d:70:e6:
10:84:de:0e:38:48:b0:69:c7:8f:25:6e:29:6f:90:ef:5c:88:
02:51:5d:ac:24:2b:58:40:af:ce:15:9b:17:96:e0:50:d5:ad:
69:6a:c8:58:25:00:09:63:29:cf:d9:2f:69:37:4d:ff:94:e3:
48:0b:a7:9e:f8:44:12:55:03:48:22:9c:d4:bf:8d:4c:16:e7:
73:69:a7:28:96:e6:12:3f:ac:76:47:4e:73:1b:69:47:5b:08:
2d:06:6e:d0:ff:04:8b:c7:fc:1f:e8:3c:78:ff:88:a2:93:a9:
a6:00:1e:45:95:6e:5f:fe:5c:b0:bd:2a:b6:f0:ba:3b:23:00:
cb:05:94:8b:e3:d8:43:03:59:0a:7f:a2:a4:d6:f6:0a:95:73:
b4:ca:d2:4c:15:ff:98:2b:74:f5:56:25:1a:7d:4d:9e:37:c8:
81:bc:f6:3f:e1:57:74:1a:4b:57:68:fa:c2:8e:23:60:8b:8e:
fb:17:d9:53:c7:50:00:04:95:38:0d:f6:f4:70:5c:46:33:1b:
75:a4:81:89:a4:72:c7:70:dc:34:63:ca:48:c4:b3:50:60:98:
17:4d:85:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+16WQcts3HyCaRjBPVnAEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNTI2MTcxODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGVjOWViMTYzMDNlNmQwNjM3MGY3NTZjYjBmNTczZjdiMGNiYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgMLmfjm6egDfv50fHyFNCWR8/3a
zZerP/OzHpN8e4T21KZ08R6MxgUTv//7o8ozjHE16m/XqXmiG09ZCzIHMAYnUm4r
LG07b5uYZEAk3vtLbMcM6Gjz1m3VInQuAZAhQDxUB+zOyrY1nLDqzKsAzzTOsaii
3veZQ+sUgshhFeiH26hSy658OtRxvjQZhq+61iHy0tZYZqd2SmZIHFckiUGmBQCf
phWz5/cqEI+PxB3o+rvKvO2FWDFLzsHspP8WndzDkYRYB9oj19wW9ZKcGdmpxfr4
kUt4UD5XvhBy/GPRCkBR0KmEi+g/jERdEBoURsY3u5OXJ25Z5D1CxWLyVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPDsnrFjA+bQY3D3VssPVz97DLshMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvOE95ZXNXTUQ1dEJqY1BkV3l3OVhQM3NNdXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgligQMF
ACoQQQIDBQMqEsMAMA0GCSqGSIb3DQEBCwUAA4IBAQAKPwwUdCRSkYa5rfFAzbqX
M0Q7sHbXKv3mrloTNy8RYOhtcOYQhN4OOEiwacePJW4pb5DvXIgCUV2sJCtYQK/O
FZsXluBQ1a1pashYJQAJYynP2S9pN03/lONIC6ee+EQSVQNIIpzUv41MFudzaaco
luYSP6x2R05zG2lHWwgtBm7Q/wSLx/wf6Dx4/4iik6mmAB5FlW5f/lywvSq28Lo7
IwDLBZSL49hDA1kKf6Kk1vYKlXO0ytJMFf+YK3T1ViUafU2eN8iBvPY/4Vd0GktX
aPrCjiNgi477F9lTx1AABJU4Dfb0cFxGMxt1pIGJpHLHcNw0Y8pIxLNQYJgXTYWl
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:28 2025 by rpki-client