Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/h6nE54Shafgrn5ajlQ98f6wuqhw.roa
File: h6nE54Shafgrn5ajlQ98f6wuqhw.roa (raw, json)
Hash identifier: tS3xG7skdZsbz0SADopCjZInRyyF4u/OXMlOWBc1l2E=
Subject key identifier: 87:A9:C4:E7:84:A1:69:F8:2B:9F:96:A3:95:0F:7C:7F:AC:2E:AA:1C
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018F568B3D0B720598212058963C8289A753
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/h6nE54Shafgrn5ajlQ98f6wuqhw.roa
Signing time: Wed 08 May 2024 04:51:56 +0000
ROA not before: Wed 08 May 2024 04:51:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61400
IP address blocks: 2a09:e2c4::/30 maxlen: 30
2a10:4102::/32 maxlen: 32
2a12:c300::/30 maxlen: 30
2a12:c304::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 16 May 2024 03:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:56:8b:3d:0b:72:05:98:21:20:58:96:3c:82:89:a7:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 8 04:51:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87a9c4e784a169f82b9f96a3950f7c7fac2eaa1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:93:d7:92:1e:b3:cc:bb:d5:5e:12:05:b1:a4:
d7:00:18:4b:1a:f3:6f:d9:40:b4:42:20:0a:85:4e:
92:65:93:b1:1f:44:58:dd:d3:0a:3b:46:1a:15:ea:
b8:c6:6e:33:39:ee:e3:3d:99:d4:0f:eb:3a:0c:ec:
f8:82:c3:05:3b:55:f6:dd:1e:5f:75:5d:7e:2d:d9:
a1:a8:fe:9b:99:26:46:12:41:a3:56:39:ec:eb:76:
46:84:10:b7:dd:1e:b9:62:fa:b0:6a:d6:1e:31:ba:
6f:55:0e:a1:8c:e1:a5:fe:41:ce:ad:f0:4b:49:aa:
db:6d:8d:d2:be:d8:54:36:09:80:4a:e7:2b:92:e8:
05:72:81:82:26:77:5e:ce:af:fa:41:f2:1e:d5:9b:
c6:16:fa:c6:64:0b:51:2c:9e:a5:c2:df:84:d9:6d:
3f:02:67:ba:ae:0a:6a:e0:d1:2b:2f:ad:66:46:83:
22:5e:be:c5:83:d1:11:c4:11:84:d2:41:e5:f9:bd:
9c:64:ea:1b:67:18:e8:f6:f7:fb:be:94:29:ac:e1:
d1:00:8b:a5:96:51:12:a2:23:b0:b8:c9:72:2b:11:
d4:2a:5b:83:dc:9a:b1:2a:e3:5b:3d:14:76:38:ce:
1d:11:d6:c4:20:26:50:5d:5b:e5:be:c7:38:8e:89:
40:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A9:C4:E7:84:A1:69:F8:2B:9F:96:A3:95:0F:7C:7F:AC:2E:AA:1C
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/h6nE54Shafgrn5ajlQ98f6wuqhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e2c4::/30
2a10:4102::/32
2a12:c300::/29
Signature Algorithm: sha256WithRSAEncryption
36:08:a9:24:be:ea:01:da:fb:0d:ed:43:f3:18:20:8d:5c:d9:
ec:e2:60:05:07:90:c7:45:50:d9:36:8b:c4:9e:0b:ba:c4:b9:
d7:91:7b:da:72:a6:5b:66:6c:ea:82:19:52:ae:7b:09:8c:5d:
87:ae:4b:c8:8e:14:83:9e:aa:94:6e:3d:ce:ea:38:85:f2:e5:
c3:24:26:9b:28:67:2b:1c:c4:52:09:bf:d7:ee:ef:50:04:d2:
47:7e:8b:69:05:0c:b5:87:fd:ac:7e:75:24:b9:14:68:1d:1b:
f1:7b:15:15:28:2a:8c:26:5f:10:17:f4:41:44:d7:2e:be:73:
af:5d:ed:78:f8:d6:30:47:07:d2:0c:fa:02:2c:4d:28:ca:e4:
fb:10:47:e7:e1:2a:18:73:4d:f8:d4:5b:80:d5:d5:9d:a5:af:
e4:9f:a8:ca:8e:5d:50:96:42:a4:a4:26:e5:17:7f:25:92:74:
cb:20:95:ec:09:9c:60:22:9b:5e:ac:79:ee:5c:56:da:7a:05:
ab:99:6e:ea:5d:4a:43:88:45:f6:5d:59:e4:f2:ef:39:40:50:
c2:62:de:ee:d8:69:7b:48:05:bf:b6:48:b1:de:fc:c2:15:61:
4e:4a:ac:34:5f:44:5f:69:7f:b1:01:cd:61:97:a4:ac:d0:da:
e9:84:36:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY9Wiz0LcgWYISBYljyCiadTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNTA4MDQ1MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2E5YzRlNzg0YTE2OWY4MmI5Zjk2YTM5NTBmN2M3ZmFjMmVhYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJPXkh6zzLvVXhIFsaTXABhLGvNv
2UC0QiAKhU6SZZOxH0RY3dMKO0YaFeq4xm4zOe7jPZnUD+s6DOz4gsMFO1X23R5f
dV1+LdmhqP6bmSZGEkGjVjns63ZGhBC33R65YvqwatYeMbpvVQ6hjOGl/kHOrfBL
SarbbY3SvthUNgmASucrkugFcoGCJndezq/6QfIe1ZvGFvrGZAtRLJ6lwt+E2W0/
Ame6rgpq4NErL61mRoMiXr7Fg9ERxBGE0kHl+b2cZOobZxjo9vf7vpQprOHRAIul
llESoiOwuMlyKxHUKluD3JqxKuNbPRR2OM4dEdbEICZQXVvlvsc4jolAOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIepxOeEoWn4K5+Wo5UPfH+sLqocMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvaDZuRTU0U2hhZmdybjVhamxROThmNnd1cWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUCKgnixAMF
ACoQQQIDBQMqEsMAMA0GCSqGSIb3DQEBCwUAA4IBAQA2CKkkvuoB2vsN7UPzGCCN
XNns4mAFB5DHRVDZNovEngu6xLnXkXvacqZbZmzqghlSrnsJjF2HrkvIjhSDnqqU
bj3O6jiF8uXDJCabKGcrHMRSCb/X7u9QBNJHfotpBQy1h/2sfnUkuRRoHRvxexUV
KCqMJl8QF/RBRNcuvnOvXe14+NYwRwfSDPoCLE0oyuT7EEfn4SoYc0341FuA1dWd
pa/kn6jKjl1QlkKkpCblF38lknTLIJXsCZxgIpterHnuXFbaegWrmW7qXUpDiEX2
XVnk8u85QFDCYt7u2Gl7SAW/tkix3vzCFWFOSqw0X0RfaX+xAc1hl6Ss0NrphDax
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:13 2025 by rpki-client