Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/K8Bmb2c5qrIGLAwIIEqn5kZXx1Y.roa
File: K8Bmb2c5qrIGLAwIIEqn5kZXx1Y.roa (raw, json)
Hash identifier: iFiujZr4Pi5Sc3LPR28qFyYzpsaKcSEtSHJYoJ28n9M=
Subject key identifier: 2B:C0:66:6F:67:39:AA:B2:06:2C:0C:08:20:4A:A7:E6:46:57:C7:56
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018DF2F61021FA5BEE601A8B597BC50174B9
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/K8Bmb2c5qrIGLAwIIEqn5kZXx1Y.roa
Signing time: Thu 29 Feb 2024 03:43:48 +0000
ROA not before: Thu 29 Feb 2024 03:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a09:e5c0::/32 maxlen: 32
2a09:e5c1::/32 maxlen: 32
2a09:e5c2::/32 maxlen: 32
2a09:e5c3::/32 maxlen: 32
2a0e:b140::/29 maxlen: 29
2a11:4b40::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Mar 2024 10:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f2:f6:10:21:fa:5b:ee:60:1a:8b:59:7b:c5:01:74:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 29 03:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bc0666f6739aab2062c0c08204aa7e64657c756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d8:be:4a:b4:5b:d8:ea:94:3c:ee:6e:c8:a6:
33:84:dd:25:b3:a9:61:41:7b:df:32:e2:22:0f:23:
9f:57:76:dc:9c:1e:d9:e9:2e:b3:c0:bb:25:7f:a2:
6d:94:cc:f0:11:ba:23:8d:5c:ff:a0:34:88:7c:53:
67:d1:23:1a:06:66:db:91:08:c4:a2:b3:7e:1a:9f:
09:5d:ca:71:ef:b0:7e:ee:53:f2:ee:bd:fb:0b:92:
c7:b1:41:99:c7:e4:b7:12:68:11:a3:0a:93:fd:e7:
63:03:ee:93:88:fd:cb:59:27:49:91:37:4f:0a:aa:
37:57:be:76:37:be:e6:aa:d2:0d:af:01:6a:a7:73:
a6:36:2c:41:f6:80:e5:4a:6b:b7:0a:a7:2b:8d:50:
ae:05:fd:6a:a5:af:83:55:ad:c4:ac:79:96:b8:b7:
6a:27:e3:a2:b2:85:6b:f4:27:6d:a5:36:57:8d:da:
35:b8:09:00:1e:b6:82:d7:0f:a3:bc:ac:48:a6:9d:
2c:3d:af:3f:39:6b:ab:8d:bc:4e:48:33:77:46:29:
1e:75:3f:34:4b:c2:8d:fb:1f:74:fe:30:c3:05:f4:
16:fc:4b:89:b5:cc:a5:e7:a4:f5:6f:e5:48:b8:69:
ea:df:05:f2:6c:2c:2d:e3:3e:70:ba:8d:97:af:f1:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C0:66:6F:67:39:AA:B2:06:2C:0C:08:20:4A:A7:E6:46:57:C7:56
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/K8Bmb2c5qrIGLAwIIEqn5kZXx1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e5c0::/30
2a0e:b140::/29
2a11:4b40::/32
2a11:4b44::/30
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
67:41:82:34:14:49:81:7a:63:cc:13:47:ad:36:a1:41:b6:5a:
20:ea:4d:00:b6:18:be:ed:d6:75:96:f3:04:64:88:fe:cd:53:
31:ab:e2:40:a6:41:61:33:16:ac:83:f6:53:15:5b:49:45:aa:
10:21:98:96:e3:7f:36:c2:c7:46:60:0e:63:b7:07:31:b7:c2:
b5:94:6f:d1:c2:67:70:14:22:dd:5a:d8:28:f4:7d:44:9f:0e:
c7:09:bd:7c:a0:03:9e:09:6e:2d:9b:f3:c2:6b:fe:be:0c:5e:
7a:52:12:20:b7:97:13:71:8d:e2:b9:7a:de:03:61:ac:27:70:
62:79:7a:42:9a:8c:be:a9:b7:48:f2:d2:76:b7:fa:c3:93:49:
a5:bb:6c:ac:40:b5:52:2a:d0:52:af:7e:42:90:89:e5:8a:11:
b8:b6:fc:d8:9e:a8:71:25:59:23:47:76:08:fb:ae:93:66:4b:
39:1c:a2:37:1c:ee:65:39:d7:3a:c8:1a:6a:8d:23:19:83:a7:
86:70:e6:a9:0a:91:71:91:c5:0a:42:89:c7:1f:65:4c:36:15:
5b:1c:f9:38:8f:bd:bf:21:9e:4a:66:2c:77:0d:0f:30:08:b7:
a0:a5:e1:86:6b:88:87:67:7d:75:11:c0:a4:00:b4:8e:f1:5c:
cc:fc:9a:e7
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY3y9hAh+lvuYBqLWXvFAXS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMjI5MDM0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmMwNjY2ZjY3MzlhYWIyMDYyYzBjMDgyMDRhYTdlNjQ2NTdjNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9i+SrRb2OqUPO5uyKYzhN0ls6lh
QXvfMuIiDyOfV3bcnB7Z6S6zwLslf6JtlMzwEbojjVz/oDSIfFNn0SMaBmbbkQjE
orN+Gp8JXcpx77B+7lPy7r37C5LHsUGZx+S3EmgRowqT/edjA+6TiP3LWSdJkTdP
Cqo3V752N77mqtINrwFqp3OmNixB9oDlSmu3CqcrjVCuBf1qpa+DVa3ErHmWuLdq
J+OisoVr9CdtpTZXjdo1uAkAHraC1w+jvKxIpp0sPa8/OWurjbxOSDN3RikedT80
S8KN+x90/jDDBfQW/EuJtcyl56T1b+VIuGnq3wXybCwt4z5wuo2Xr/ERzQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCvAZm9nOaqyBiwMCCBKp+ZGV8dWMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvSzhCbWIyYzVxcklHTEF3SUlFcW41a1pYeDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUCKgnlwAMF
AyoOsUADBQAqEUtAAwUCKhFLRDAOAwUAKhKjQwMFACoSo0QDBQAqEqNGMA0GCSqG
SIb3DQEBCwUAA4IBAQBnQYI0FEmBemPME0etNqFBtlog6k0Athi+7dZ1lvMEZIj+
zVMxq+JApkFhMxasg/ZTFVtJRaoQIZiW4382wsdGYA5jtwcxt8K1lG/RwmdwFCLd
Wtgo9H1Enw7HCb18oAOeCW4tm/PCa/6+DF56UhIgt5cTcY3iuXreA2GsJ3BieXpC
moy+qbdI8tJ2t/rDk0mlu2ysQLVSKtBSr35CkInlihG4tvzYnqhxJVkjR3YI+66T
Zks5HKI3HO5lOdc6yBpqjSMZg6eGcOapCpFxkcUKQonHH2VMNhVbHPk4j72/IZ5K
Zix3DQ8wCLegpeGGa4iHZ311EcCkALSO8VzM/Jrn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:01 2025 by rpki-client