Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/G8Ehx662yGe8CnGPGo02tGCMbnY.roa
File: G8Ehx662yGe8CnGPGo02tGCMbnY.roa (raw, json)
Hash identifier: TB2NczHhthHblh/sWzY1xRvTmBK3crkdEbq66CtCXag=
Subject key identifier: 1B:C1:21:C7:AE:B6:C8:67:BC:0A:71:8F:1A:8D:36:B4:60:8C:6E:76
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018FDCB2FA19C73A8F641306E9DF99A9D3F9
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/G8Ehx662yGe8CnGPGo02tGCMbnY.roa
Signing time: Mon 03 Jun 2024 06:04:27 +0000
ROA not before: Mon 03 Jun 2024 06:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214958
IP address blocks: 2a04:6e40::/29 maxlen: 29
2a11:91c0::/29 maxlen: 29
2a13:3c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 30 Sep 2024 04:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dc:b2:fa:19:c7:3a:8f:64:13:06:e9:df:99:a9:d3:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 3 06:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bc121c7aeb6c867bc0a718f1a8d36b4608c6e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:05:e7:89:83:39:16:45:e7:fe:02:b3:6f:af:
09:2c:f3:68:b3:3d:33:f2:23:70:ad:42:ca:00:2b:
7a:e0:4f:09:05:3a:d6:a2:52:7e:37:16:a8:8d:cd:
24:81:a9:63:e9:a9:87:25:01:d0:24:46:15:4c:2e:
e6:a7:b8:97:9e:c7:db:a1:39:6e:a6:1a:2f:37:7c:
64:55:10:39:a8:05:6d:c5:f8:f5:23:4e:8d:84:e0:
95:b1:2b:88:1a:18:2a:73:92:32:c6:94:84:2f:73:
c4:69:23:30:7c:13:fb:f9:ab:b9:1d:6c:b0:98:50:
ed:9c:6a:32:4a:17:6b:bd:ae:d3:ee:d3:28:11:91:
c5:3f:08:12:49:a7:97:4f:2a:d8:ec:35:0a:2e:40:
9f:cf:54:95:01:c3:a1:01:5f:f0:31:12:ef:53:93:
a6:07:c8:93:ca:a0:f0:fa:c8:5c:9d:30:43:f6:41:
98:e3:79:28:6d:b4:f2:2c:fb:3e:3c:35:15:03:fa:
20:cf:6f:6b:c8:9a:21:73:86:ba:92:99:ad:68:a2:
39:7b:2b:95:50:4e:67:e5:c3:6e:88:d1:4d:2c:de:
dc:82:f9:f4:ff:2c:46:23:ed:56:db:95:6e:39:9e:
d4:53:d7:5d:0f:91:74:5e:ac:b0:58:3d:fb:db:8b:
c2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C1:21:C7:AE:B6:C8:67:BC:0A:71:8F:1A:8D:36:B4:60:8C:6E:76
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/G8Ehx662yGe8CnGPGo02tGCMbnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:6e40::/29
2a11:91c0::/29
2a13:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
c3:99:16:a6:78:40:22:1b:9d:2a:91:60:ae:80:01:ce:58:90:
ad:22:39:47:cf:a5:40:42:a8:e0:7d:86:b3:0c:19:11:32:f7:
03:ac:3e:cd:97:63:75:17:1e:df:ec:30:3c:13:4b:9a:d2:48:
c9:7e:e6:03:a7:9a:c7:c9:60:ac:15:cf:18:b2:16:84:97:c7:
66:08:3f:f0:16:fb:5b:df:d9:81:3f:f5:49:75:f9:64:a5:b9:
c9:65:35:01:ae:a4:06:f1:3f:b4:35:4a:f2:57:2f:ed:d8:e8:
2c:03:6e:18:81:3e:6d:d4:79:f7:19:c8:6b:fe:30:a1:91:49:
96:6d:b8:3c:c1:05:d8:49:a1:4a:f2:a4:80:98:0e:91:71:e6:
d6:60:dc:f9:81:67:3e:65:a7:68:a5:fe:8a:54:00:44:86:4a:
7e:c9:66:4c:18:aa:a7:e6:65:8a:7c:72:e4:22:da:09:b2:5e:
a7:01:f6:f6:21:f6:39:8c:9b:a0:63:21:c3:f3:8f:a1:2f:68:
1f:be:b8:6e:e0:d6:58:0f:50:43:14:e5:7f:d1:e1:62:10:d5:
6c:10:a2:c3:b0:18:53:ab:07:6e:6a:b3:b3:85:10:7b:c8:5d:
ac:ae:29:47:94:37:1a:e8:23:81:3e:d7:f9:95:89:55:eb:ec:
94:13:f3:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/csvoZxzqPZBMG6d+ZqdP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNjAzMDYwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmMxMjFjN2FlYjZjODY3YmMwYTcxOGYxYThkMzZiNDYwOGM2ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAXniYM5FkXn/gKzb68JLPNosz0z
8iNwrULKACt64E8JBTrWolJ+Nxaojc0kgalj6amHJQHQJEYVTC7mp7iXnsfboTlu
phovN3xkVRA5qAVtxfj1I06NhOCVsSuIGhgqc5IyxpSEL3PEaSMwfBP7+au5HWyw
mFDtnGoyShdrva7T7tMoEZHFPwgSSaeXTyrY7DUKLkCfz1SVAcOhAV/wMRLvU5Om
B8iTyqDw+shcnTBD9kGY43kobbTyLPs+PDUVA/ogz29ryJohc4a6kpmtaKI5eyuV
UE5n5cNuiNFNLN7cgvn0/yxGI+1W25VuOZ7UU9ddD5F0XqywWD3724vCrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBvBIceutshnvApxjxqNNrRgjG52MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRzhFaHg2NjJ5R2U4Q25HUEdvMDJ0R0NNYm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgRuQAMF
AyoRkcADBQMqEzyAMA0GCSqGSIb3DQEBCwUAA4IBAQDDmRameEAiG50qkWCugAHO
WJCtIjlHz6VAQqjgfYazDBkRMvcDrD7Nl2N1Fx7f7DA8E0ua0kjJfuYDp5rHyWCs
Fc8YshaEl8dmCD/wFvtb39mBP/VJdflkpbnJZTUBrqQG8T+0NUryVy/t2OgsA24Y
gT5t1Hn3Gchr/jChkUmWbbg8wQXYSaFK8qSAmA6RcebWYNz5gWc+Zadopf6KVABE
hkp+yWZMGKqn5mWKfHLkItoJsl6nAfb2IfY5jJugYyHD84+hL2gfvrhu4NZYD1BD
FOV/0eFiENVsEKLDsBhTqwduarOzhRB7yF2srilHlDca6COBPtf5lYlV6+yUE/Pi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:28 2025 by rpki-client