Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_F8I4NuLrtnTa3jdWvwsFXKl-vM.roa
File: _F8I4NuLrtnTa3jdWvwsFXKl-vM.roa (raw, json)
Hash identifier: jUDmBJqImKUHDEe3aG5AwLF98p82fJagfOcnvhpNi24=
Subject key identifier: FC:5F:08:E0:DB:8B:AE:D9:D3:6B:78:DD:5A:FC:2C:15:72:A5:FA:F3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB62FEAC9093C85E9980DFF6168399
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_F8I4NuLrtnTa3jdWvwsFXKl-vM.roa
Signing time: Mon 01 Jan 2024 02:30:06 +0000
ROA not before: Mon 01 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:4b45::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
2a11:4b40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 Jan 2024 00:58:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:62:fe:ac:90:93:c8:5e:99:80:df:f6:16:83:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc5f08e0db8baed9d36b78dd5afc2c1572a5faf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8e:23:7e:ca:bb:a4:5a:3a:cc:9d:c0:9c:e7:
e7:98:50:e6:1d:28:1d:8d:c6:10:b4:a4:49:e0:0f:
1d:af:aa:be:f8:ee:e3:03:67:2e:c9:8e:09:c2:25:
35:5e:8f:45:37:93:5d:5f:14:84:e0:e0:f5:72:26:
34:d9:62:72:c6:40:99:b6:4d:5d:11:9d:1e:0d:3b:
c3:94:52:2e:bb:67:ab:e0:01:e7:dc:8c:4c:16:27:
6b:c5:9e:c5:19:29:fe:cc:ba:79:9a:97:0a:b3:11:
3c:16:78:fb:2d:f3:80:c0:1b:69:c2:95:55:ac:e1:
60:63:45:d6:ab:c0:6c:00:40:50:44:e3:39:49:00:
37:ac:46:7f:9d:00:5c:3a:58:29:58:0d:b6:17:40:
37:df:6d:4f:ea:c2:1b:a4:bd:ee:05:29:65:84:2e:
36:3b:14:07:d2:7f:69:2f:67:b5:01:85:e3:05:06:
1e:5e:d8:b9:3d:52:9a:18:1c:66:1c:20:1d:a5:2e:
5c:a3:d0:7d:5b:a0:69:13:9e:3c:22:72:3d:26:c3:
cc:fa:32:c2:b6:b0:70:23:80:f9:04:e2:a6:b1:9f:
86:ce:87:e0:07:01:ef:d3:c9:56:94:13:8b:a1:eb:
94:04:d9:87:d3:b8:12:7f:4a:29:68:88:f8:aa:2b:
b9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:5F:08:E0:DB:8B:AE:D9:D3:6B:78:DD:5A:FC:2C:15:72:A5:FA:F3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_F8I4NuLrtnTa3jdWvwsFXKl-vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b40::/32
2a11:4b45::/32
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
8e:f6:36:12:6b:94:8c:e1:84:38:c7:f6:c2:a6:ed:38:c1:a7:
46:13:53:49:45:9f:06:eb:97:4d:ea:00:31:10:16:fb:bb:99:
e9:91:74:79:b5:79:57:87:d7:71:fa:ce:1d:22:80:7e:fb:86:
c6:d8:46:ea:b4:e9:71:5f:b6:30:68:0b:e0:14:b8:9e:04:3f:
f3:8b:98:5e:0b:78:4f:2f:c3:5a:e9:f3:1b:46:85:e0:33:69:
b4:e7:c5:c8:e0:70:c5:3e:08:38:d9:5d:c3:22:f3:75:81:9f:
80:b0:73:63:5e:67:20:6c:38:73:a9:e1:b8:09:47:56:71:66:
c6:d6:af:70:80:ed:5e:94:7c:af:ec:80:e8:f7:11:99:3b:28:
e5:60:8b:20:0a:7d:f7:2a:f5:f1:ac:1f:d3:85:b0:37:10:dd:
64:4e:4d:7c:0d:49:82:8f:ec:4d:21:fe:bd:0e:aa:2a:aa:56:
0f:f1:32:95:c2:67:17:c9:5d:2f:40:30:fc:62:fc:86:e3:40:
76:78:b5:96:60:81:cf:35:be:e4:10:b4:a2:fe:14:3b:a7:c8:
d9:09:6c:ab:7f:d2:5f:3a:88:f9:29:f2:0f:3e:c2:db:92:5a:
ee:80:cf:c8:15:b6:ff:53:91:c7:40:86:96:ae:64:b8:fb:78:
77:ae:20:03
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC22L+rJCTyF6ZgN/2FoOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzVmMDhlMGRiOGJhZWQ5ZDM2Yjc4ZGQ1YWZjMmMxNTcyYTVmYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp44jfsq7pFo6zJ3AnOfnmFDmHSgd
jcYQtKRJ4A8dr6q++O7jA2cuyY4JwiU1Xo9FN5NdXxSE4OD1ciY02WJyxkCZtk1d
EZ0eDTvDlFIuu2er4AHn3IxMFidrxZ7FGSn+zLp5mpcKsxE8Fnj7LfOAwBtpwpVV
rOFgY0XWq8BsAEBQROM5SQA3rEZ/nQBcOlgpWA22F0A3321P6sIbpL3uBSllhC42
OxQH0n9pL2e1AYXjBQYeXti5PVKaGBxmHCAdpS5co9B9W6BpE548InI9JsPM+jLC
trBwI4D5BOKmsZ+GzofgBwHv08lWlBOLoeuUBNmH07gSf0opaIj4qiu55wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPxfCODbi67Z02t43Vr8LBVypfrzMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvX0Y4STROdUxydG5UYTNqZFd2d3NGWEtsLXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhFLQAMF
ACoRS0UDBQAqEqNGMA0GCSqGSIb3DQEBCwUAA4IBAQCO9jYSa5SM4YQ4x/bCpu04
wadGE1NJRZ8G65dN6gAxEBb7u5npkXR5tXlXh9dx+s4dIoB++4bG2EbqtOlxX7Yw
aAvgFLieBD/zi5heC3hPL8Na6fMbRoXgM2m058XI4HDFPgg42V3DIvN1gZ+AsHNj
XmcgbDhzqeG4CUdWcWbG1q9wgO1elHyv7IDo9xGZOyjlYIsgCn33KvXxrB/ThbA3
EN1kTk18DUmCj+xNIf69DqoqqlYP8TKVwmcXyV0vQDD8YvyG40B2eLWWYIHPNb7k
ELSi/hQ7p8jZCWyrf9JfOoj5KfIPPsLbklrugM/IFbb/U5HHQIaWrmS4+3h3riAD
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:22:59 2025 by rpki-client