Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8mXi3kexpPcCNhYK645kpeJwbN0.roa
File: 8mXi3kexpPcCNhYK645kpeJwbN0.roa (raw, json)
Hash identifier: cEW15MToWZE2/ZlonmwZvPHhz4DD/tkBoLbCInVVhoI=
Subject key identifier: F2:65:E2:DE:47:B1:A4:F7:02:36:16:0A:EB:8E:64:A5:E2:70:6C:DD
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0194F65267AC7721F24413E82D01A45E0ACE
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8mXi3kexpPcCNhYK645kpeJwbN0.roa
Signing time: Tue 11 Feb 2025 18:43:03 +0000
ROA not before: Tue 11 Feb 2025 18:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:b385::/32 maxlen: 32
2a0b:9005::/32 maxlen: 32
2a0f:3105::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Feb 2025 17:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f6:52:67:ac:77:21:f2:44:13:e8:2d:01:a4:5e:0a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 11 18:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f265e2de47b1a4f70236160aeb8e64a5e2706cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:26:aa:3a:9b:aa:1c:35:10:d6:13:26:2c:81:
08:53:57:e0:a4:18:38:bd:2c:dd:e1:59:e6:f4:14:
45:4a:fb:e3:fe:40:15:60:d4:4f:e2:73:60:bc:c6:
fa:2b:2b:96:c5:79:66:fd:5b:1f:13:db:e8:fe:cc:
39:8a:67:fa:b1:6a:b6:5e:ae:f9:03:73:dc:6b:e6:
24:88:84:b7:ab:51:ee:41:11:8e:25:4c:07:c3:a6:
92:b3:b6:bb:80:16:44:bd:3a:f4:9c:24:71:05:55:
89:16:96:5a:9e:96:7f:9c:e0:be:64:4c:b8:90:08:
89:15:b7:d5:87:a2:da:06:b1:e8:89:7a:ff:1f:4f:
89:e6:7f:0d:a1:4c:6e:b9:e9:62:6e:aa:7d:35:45:
42:4e:63:e3:63:66:bf:ff:a4:5c:35:23:31:46:e9:
a9:88:35:f1:1e:db:99:bf:45:50:76:8c:f5:2c:35:
2e:6f:45:f1:43:8c:cf:a3:c4:46:3f:b6:9e:8c:0f:
b7:4e:d7:c5:05:bd:51:42:d4:69:19:e1:84:f1:8b:
31:cd:f9:7a:d8:c8:bb:7b:e3:b4:c5:16:a6:39:77:
dd:a4:c1:29:7a:bc:d4:8b:34:cd:fa:b5:e9:92:c0:
56:15:5b:fd:fc:d5:55:b4:88:10:dc:c7:c0:56:a8:
47:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:65:E2:DE:47:B1:A4:F7:02:36:16:0A:EB:8E:64:A5:E2:70:6C:DD
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8mXi3kexpPcCNhYK645kpeJwbN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:b385::/32
2a0b:9005::/32
2a0f:3105::/32
Signature Algorithm: sha256WithRSAEncryption
cb:db:7f:bc:61:bf:3c:a7:da:86:d7:b8:6c:75:fa:73:5e:64:
2d:83:48:a7:bf:3a:06:49:d0:d6:6d:79:7b:73:aa:9d:53:db:
9f:7e:a0:53:73:78:58:f7:18:9a:0a:e9:12:97:f0:18:66:40:
51:b2:aa:e5:37:cf:7f:f0:1f:dc:56:ff:2a:00:27:b2:93:eb:
7a:78:f2:84:c0:da:9d:03:b3:51:d8:08:99:7f:09:79:4a:88:
d8:45:d9:89:d7:33:d5:7e:2d:56:7c:cb:31:1c:3b:80:d6:53:
6d:d6:ca:64:d8:21:65:4e:04:c9:87:bd:d6:63:cc:a8:01:28:
ac:1e:0d:45:8f:6b:a9:36:a9:c0:f4:17:10:da:44:a3:5d:b0:
5a:ee:ad:5f:bc:96:23:76:be:07:77:12:e2:a4:99:52:ea:c4:
5f:ab:03:08:c8:df:fc:7a:70:33:62:10:b5:92:9a:de:0f:1b:
a0:e4:f7:96:e1:8f:93:2c:d7:f2:65:f0:52:c7:02:88:e7:08:
4b:c4:da:a2:e1:04:25:db:ce:e4:da:67:99:27:00:c8:b9:63:
5e:02:47:9f:cb:5f:cc:99:8a:aa:e4:dd:61:59:60:d3:56:66:
9b:e0:6f:4b:63:d2:90:b9:f3:f5:66:93:07:df:49:6e:33:09:
c1:dd:75:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZT2UmesdyHyRBPoLQGkXgrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMjExMTg0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjY1ZTJkZTQ3YjFhNGY3MDIzNjE2MGFlYjhlNjRhNWUyNzA2Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCaqOpuqHDUQ1hMmLIEIU1fgpBg4
vSzd4Vnm9BRFSvvj/kAVYNRP4nNgvMb6KyuWxXlm/VsfE9vo/sw5imf6sWq2Xq75
A3Pca+YkiIS3q1HuQRGOJUwHw6aSs7a7gBZEvTr0nCRxBVWJFpZanpZ/nOC+ZEy4
kAiJFbfVh6LaBrHoiXr/H0+J5n8NoUxuuelibqp9NUVCTmPjY2a//6RcNSMxRump
iDXxHtuZv0VQdoz1LDUub0XxQ4zPo8RGP7aejA+3TtfFBb1RQtRpGeGE8Ysxzfl6
2Mi7e+O0xRamOXfdpMEperzUizTN+rXpksBWFVv9/NVVtIgQ3MfAVqhHZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPJl4t5HsaT3AjYWCuuOZKXicGzdMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvOG1YaTNrZXhwUGNDTmhZSzY0NWtwZUp3Yk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgqzhQMF
ACoLkAUDBQAqDzEFMA0GCSqGSIb3DQEBCwUAA4IBAQDL23+8Yb88p9qG17hsdfpz
XmQtg0invzoGSdDWbXl7c6qdU9uffqBTc3hY9xiaCukSl/AYZkBRsqrlN89/8B/c
Vv8qACeyk+t6ePKEwNqdA7NR2AiZfwl5SojYRdmJ1zPVfi1WfMsxHDuA1lNt1spk
2CFlTgTJh73WY8yoASisHg1Fj2upNqnA9BcQ2kSjXbBa7q1fvJYjdr4HdxLipJlS
6sRfqwMIyN/8enAzYhC1kpreDxug5PeW4Y+TLNfyZfBSxwKI5whLxNqi4QQl287k
2meZJwDIuWNeAkefy1/MmYqq5N1hWWDTVmab4G9LY9KQufP1ZpMH30luMwnB3XXB
-----END CERTIFICATE-----
Generated at Wed Apr 30 03:39:03 2025 by rpki-client