Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8TgR8_HkrbBxtFvIAi4VRot-77c.roa
File: 8TgR8_HkrbBxtFvIAi4VRot-77c.roa (raw, json)
Hash identifier: 2wlcZLIQB/pY7VGfYPs5p5WMj9uXYEq4lcIgXi6G7kI=
Subject key identifier: F1:38:11:F3:F1:E4:AD:B0:71:B4:5B:C8:02:2E:15:46:8B:7E:EF:B7
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0190ED8CC79A094F8FEDBC4E2711032E8659
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8TgR8_HkrbBxtFvIAi4VRot-77c.roa
Signing time: Fri 26 Jul 2024 05:39:04 +0000
ROA not before: Fri 26 Jul 2024 05:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a10:4104::/32 maxlen: 32
2a10:4b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 12 Oct 2024 12:13:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ed:8c:c7:9a:09:4f:8f:ed:bc:4e:27:11:03:2e:86:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 26 05:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f13811f3f1e4adb071b45bc8022e15468b7eefb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b0:c8:bd:ed:bf:37:c6:71:03:4d:e1:77:aa:
1d:1d:08:3d:e1:47:90:11:50:44:fc:fa:6b:ab:f8:
67:3c:42:d5:89:cf:d5:2d:19:ec:35:85:ea:be:99:
7f:73:19:99:01:46:4c:31:07:5f:7b:74:3d:d2:42:
19:ba:ae:8e:f1:37:b7:3f:a4:0e:49:b0:b8:5e:c7:
8f:cd:bb:8f:04:f7:83:97:8c:0a:6f:e2:4e:7f:c8:
63:79:51:d7:92:e0:84:65:eb:df:ec:36:4c:cb:1c:
39:32:59:7a:73:5b:ce:32:49:5c:78:ba:79:81:95:
da:24:7e:4b:23:2a:52:b2:70:af:f2:22:d3:28:18:
09:7a:f8:52:7e:e5:8c:d2:2c:e1:7a:20:ca:ac:9a:
08:e7:26:14:79:6c:8a:c9:0f:a2:df:e1:3e:a3:df:
2f:c8:fb:31:76:39:25:46:c9:e7:63:74:19:08:7b:
d3:70:42:12:ec:c6:62:e3:6a:27:e2:07:0b:94:cb:
46:49:a5:de:26:77:62:3f:1d:16:b0:c3:2f:2a:d9:
97:8a:0b:de:fb:aa:73:08:ca:5e:17:d4:b3:94:36:
3d:15:79:01:b1:38:e9:49:ea:09:0f:00:11:c7:e7:
50:c6:06:af:d5:ce:0c:65:a0:b4:e3:e8:3d:77:d3:
36:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:38:11:F3:F1:E4:AD:B0:71:B4:5B:C8:02:2E:15:46:8B:7E:EF:B7
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/8TgR8_HkrbBxtFvIAi4VRot-77c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4104::/32
2a10:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
52:81:a0:05:34:43:49:c7:50:e3:26:79:06:c0:6b:46:a5:37:
60:59:62:ff:1a:24:d8:22:2e:05:ad:85:a0:0a:6f:b0:49:27:
e3:1f:1e:91:5c:1d:3f:2e:f5:f4:ae:55:f1:aa:c8:48:e0:b4:
f2:d9:48:e8:86:2d:b7:a9:f8:a5:af:38:3e:58:2b:07:00:0d:
5e:83:03:1c:d3:a2:81:a8:71:fe:0a:45:2d:bc:d3:ad:8a:43:
89:7b:e5:b3:ee:33:3e:e4:80:7a:3d:c2:09:d1:1f:02:9f:76:
c1:df:34:d4:e5:1a:b8:60:aa:be:67:4e:35:f9:6c:52:81:bf:
ec:3f:cf:d2:73:4d:d8:89:37:14:3b:09:ea:70:6f:4a:87:91:
96:12:7f:0f:ce:58:b3:8b:ae:89:cf:1e:bd:01:9e:22:97:a0:
e7:ed:a3:d8:80:e1:4b:0a:88:b7:cf:d3:47:68:70:72:fe:c4:
0f:90:68:fb:89:27:14:ba:0a:6e:30:53:9b:33:d4:52:0f:23:
50:11:f6:82:93:99:fd:91:c4:99:0b:84:ca:ff:0a:ff:93:fb:
3f:6f:00:52:a6:ac:0b:00:95:b3:df:5a:96:d3:b5:cb:d5:24:
b3:0a:64:7f:cc:1f:60:f1:ee:19:1c:5f:63:dd:82:4f:9d:e7:
b7:42:71:ab
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZDtjMeaCU+P7bxOJxEDLoZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNzI2MDUzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTM4MTFmM2YxZTRhZGIwNzFiNDViYzgwMjJlMTU0NjhiN2VlZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7DIve2/N8ZxA03hd6odHQg94UeQ
EVBE/Pprq/hnPELVic/VLRnsNYXqvpl/cxmZAUZMMQdfe3Q90kIZuq6O8Te3P6QO
SbC4XsePzbuPBPeDl4wKb+JOf8hjeVHXkuCEZevf7DZMyxw5Mll6c1vOMklceLp5
gZXaJH5LIypSsnCv8iLTKBgJevhSfuWM0izheiDKrJoI5yYUeWyKyQ+i3+E+o98v
yPsxdjklRsnnY3QZCHvTcEIS7MZi42on4gcLlMtGSaXeJndiPx0WsMMvKtmXigve
+6pzCMpeF9SzlDY9FXkBsTjpSeoJDwARx+dQxgav1c4MZaC04+g9d9M2QQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPE4EfPx5K2wcbRbyAIuFUaLfu+3MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvOFRnUjhfSGtyYkJ4dEZ2SUFpNFZSb3QtNzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhBBBAMF
AyoQSwAwDQYJKoZIhvcNAQELBQADggEBAFKBoAU0Q0nHUOMmeQbAa0alN2BZYv8a
JNgiLgWthaAKb7BJJ+MfHpFcHT8u9fSuVfGqyEjgtPLZSOiGLbep+KWvOD5YKwcA
DV6DAxzTooGocf4KRS28062KQ4l75bPuMz7kgHo9wgnRHwKfdsHfNNTlGrhgqr5n
TjX5bFKBv+w/z9JzTdiJNxQ7Cepwb0qHkZYSfw/OWLOLronPHr0BniKXoOfto9iA
4UsKiLfP00docHL+xA+QaPuJJxS6Cm4wU5sz1FIPI1AR9oKTmf2RxJkLhMr/Cv+T
+z9vAFKmrAsAlbPfWpbTtcvVJLMKZH/MH2Dx7hkcX2Pdgk+d57dCcas=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:27 2025 by rpki-client