Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/9IBVbFBM6ToJXpTF7iq1OUFQgfM.roa
File: 9IBVbFBM6ToJXpTF7iq1OUFQgfM.roa (raw, json)
Hash identifier: 5aHlGXtV06Fbsc0W/XTKJZhOZt66InS314CSYpIV/HA=
Subject key identifier: F4:80:55:6C:50:4C:E9:3A:09:5E:94:C5:EE:2A:B5:39:41:50:81:F3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0192413A3DDB5F452EC9E044CBBF390A23A0
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/9IBVbFBM6ToJXpTF7iq1OUFQgfM.roa
Signing time: Mon 30 Sep 2024 04:39:48 +0000
ROA not before: Mon 30 Sep 2024 04:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 2a0f:db80::/29 maxlen: 29
2a13:3880::/29 maxlen: 29
2a13:3b80::/29 maxlen: 29
2a13:8c40::/29 maxlen: 29
2a13:9340::/29 maxlen: 29
2a13:93c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 16 Nov 2024 07:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:41:3a:3d:db:5f:45:2e:c9:e0:44:cb:bf:39:0a:23:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 30 04:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f480556c504ce93a095e94c5ee2ab539415081f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:87:b5:44:9d:73:df:e0:c4:3e:ca:8a:15:09:
60:71:99:46:5d:b0:b4:49:52:79:42:2e:07:47:23:
00:c7:8e:f5:c7:c2:48:4c:a7:81:bd:56:97:61:61:
1d:8d:4a:2a:24:56:df:ac:f2:28:78:96:c1:52:9e:
3e:ad:4e:7a:06:32:3e:76:95:28:fb:cd:d2:23:5c:
80:d2:cf:99:62:61:e4:cf:85:d1:1f:1b:8b:c0:e7:
b7:9d:5f:75:6c:b6:cc:d9:ed:16:3f:f7:37:f1:c1:
9d:7d:76:28:91:4a:95:00:b9:bf:96:3a:9e:65:13:
d2:ce:71:86:ef:26:68:97:f0:0c:8d:c3:a6:7b:51:
4f:e8:cf:a7:18:cb:f7:f2:88:d2:f2:18:91:9c:60:
84:55:fe:96:2f:a1:c9:6f:b6:f9:3f:a9:61:84:5d:
3b:f1:25:a5:2a:5c:f7:13:f7:8f:09:bd:00:75:d3:
16:24:eb:3d:da:f6:c0:93:dd:e8:a1:aa:43:ce:31:
d0:0e:0d:cc:60:a5:54:b2:38:c2:c9:72:01:dd:1e:
d7:1e:90:27:11:4f:2f:4d:26:3a:38:d5:ea:e3:42:
cb:dd:00:5f:89:64:d3:e0:87:c5:4b:21:f7:a3:70:
04:76:ae:fc:3b:a8:e9:27:a0:bb:06:ee:83:74:94:
c3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:80:55:6C:50:4C:E9:3A:09:5E:94:C5:EE:2A:B5:39:41:50:81:F3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/9IBVbFBM6ToJXpTF7iq1OUFQgfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:db80::/29
2a13:3880::/29
2a13:3b80::/29
2a13:8c40::/29
2a13:9340::/29
2a13:93c0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:d6:9f:bf:b4:4c:e2:19:77:f5:3c:b3:5e:e1:e5:f5:a0:9e:
13:df:8c:63:0c:23:40:6e:29:fb:0b:a2:a6:73:46:15:a2:57:
76:20:ed:9a:51:25:a5:a0:07:3e:9d:c0:43:c2:f6:e0:d0:bd:
e4:9b:3e:9c:69:cb:85:ab:48:0a:9c:fe:55:0e:4e:60:f2:3b:
59:9b:3b:0d:e2:14:f0:e2:01:6b:73:35:ff:64:e0:a1:2a:ff:
0e:ce:3e:4f:3b:53:fe:bd:d9:39:ba:9c:36:f2:74:9c:72:50:
8d:f4:68:c3:da:7c:a2:e6:0a:47:22:58:96:2b:19:4e:7d:aa:
13:a0:d5:cf:30:0b:20:3b:63:2a:e0:24:ba:15:0d:76:ca:34:
c1:da:ec:98:5d:4d:a3:57:2a:3d:bb:99:a6:16:4c:ec:af:61:
04:98:02:42:09:dc:58:a1:dc:a9:d6:d2:47:37:61:68:ec:11:
65:09:6b:23:53:44:66:a7:0a:25:0d:d1:5e:97:8a:30:f7:45:
7e:bc:7e:9c:01:15:58:d0:76:1f:29:da:f3:39:52:01:d5:9b:
61:d1:c7:1d:39:a2:f5:26:89:a1:45:23:9d:8a:95:5c:e7:a4:
a8:b6:b7:30:6c:9a:2a:3c:3f:d3:60:a4:3d:09:c5:57:98:6d:
a7:99:12:25
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJBOj3bX0UuyeBEy785CiOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTMwMDQzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDgwNTU2YzUwNGNlOTNhMDk1ZTk0YzVlZTJhYjUzOTQxNTA4MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIe1RJ1z3+DEPsqKFQlgcZlGXbC0
SVJ5Qi4HRyMAx471x8JITKeBvVaXYWEdjUoqJFbfrPIoeJbBUp4+rU56BjI+dpUo
+83SI1yA0s+ZYmHkz4XRHxuLwOe3nV91bLbM2e0WP/c38cGdfXYokUqVALm/ljqe
ZRPSznGG7yZol/AMjcOme1FP6M+nGMv38ojS8hiRnGCEVf6WL6HJb7b5P6lhhF07
8SWlKlz3E/ePCb0AddMWJOs92vbAk93ooapDzjHQDg3MYKVUsjjCyXIB3R7XHpAn
EU8vTSY6ONXq40LL3QBfiWTT4IfFSyH3o3AEdq78O6jpJ6C7Bu6DdJTDYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPSAVWxQTOk6CV6Uxe4qtTlBUIHzMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvOUlCVmJGQk02VG9KWHBURjdpcTFPVUZRZ2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg/bgAMF
AyoTOIADBQMqEzuAAwUDKhOMQAMFAyoTk0ADBQMqE5PAMA0GCSqGSIb3DQEBCwUA
A4IBAQCM1p+/tEziGXf1PLNe4eX1oJ4T34xjDCNAbin7C6Kmc0YVold2IO2aUSWl
oAc+ncBDwvbg0L3kmz6cacuFq0gKnP5VDk5g8jtZmzsN4hTw4gFrczX/ZOChKv8O
zj5PO1P+vdk5upw28nScclCN9GjD2nyi5gpHIliWKxlOfaoToNXPMAsgO2Mq4CS6
FQ12yjTB2uyYXU2jVyo9u5mmFkzsr2EEmAJCCdxYodyp1tJHN2Fo7BFlCWsjU0Rm
pwolDdFel4ow90V+vH6cARVY0HYfKdrzOVIB1Zth0ccdOaL1JomhRSOdipVc56So
trcwbJoqPD/TYKQ9CcVXmG2nmRIl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:15 2025 by rpki-client