Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/8QBjsE2-qyFJE5_c094GHKXpPss.roa
File: 8QBjsE2-qyFJE5_c094GHKXpPss.roa (raw, json)
Hash identifier: /dxosJQl+DHlY4cuvDqERVTbNERv69bQoT0D/2fyCs8=
Subject key identifier: F1:00:63:B0:4D:BE:AB:21:49:13:9F:DC:D3:DE:06:1C:A5:E9:3E:CB
Certificate issuer: /CN=b3ef7c76ab3e6971d8f87302ddf92cc6098849ea
Certificate serial: 019420D5F9C3F68B81455CF6C7EF2A979B9B
Authority key identifier: B3:EF:7C:76:AB:3E:69:71:D8:F8:73:02:DD:F9:2C:C6:09:88:49:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-98dqs-aXHY-HMC3fksxgmISeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/8QBjsE2-qyFJE5_c094GHKXpPss.roa
Signing time: Wed 01 Jan 2025 07:48:01 +0000
ROA not before: Wed 01 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1133
IP address blocks: 130.89.0.0/16 maxlen: 16
2001:67c:2564::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f9:c3:f6:8b:81:45:5c:f6:c7:ef:2a:97:9b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3ef7c76ab3e6971d8f87302ddf92cc6098849ea
Validity
Not Before: Jan 1 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f10063b04dbeab2149139fdcd3de061ca5e93ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d1:0a:8d:3c:90:f1:39:b6:5e:2c:61:e0:23:
77:a7:f0:35:c2:97:52:3e:ec:94:eb:4a:f7:b2:15:
44:62:4e:e6:36:0d:57:ae:3c:2c:ec:f4:c3:24:6a:
28:80:8f:96:0e:dc:f4:56:e2:9f:e9:83:c7:23:06:
65:82:d0:56:ee:d9:ee:f2:6d:a7:2f:04:b9:28:0f:
f3:1b:9a:8b:6f:88:3b:dc:9c:b1:6a:ba:56:37:64:
b3:2e:ac:76:58:de:f7:f4:5c:09:92:88:f2:2b:fa:
53:bb:52:ca:34:64:2a:0e:cc:49:96:b6:83:d5:69:
e4:7a:ac:34:35:95:36:d5:2f:85:0f:9e:c4:d4:bb:
03:fb:7e:9a:23:b5:32:68:b1:25:0f:85:35:f0:f0:
12:20:02:7c:b5:77:22:ec:96:34:e9:6c:92:b5:63:
7d:f0:80:f3:18:47:2d:ae:88:a9:ed:94:cd:ad:ea:
30:64:b5:f0:cc:09:86:cb:bf:a0:3b:a6:63:2a:5a:
fc:9a:1b:79:8a:96:1c:2c:dd:63:61:94:59:eb:81:
bd:17:dc:dc:c8:c0:ca:8f:c5:a6:02:04:11:50:1f:
52:ed:58:84:55:25:8f:78:52:5b:99:b2:dc:53:ac:
06:c0:d7:37:02:fe:f1:b3:5f:f4:4b:4a:8a:ab:9c:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:00:63:B0:4D:BE:AB:21:49:13:9F:DC:D3:DE:06:1C:A5:E9:3E:CB
X509v3 Authority Key Identifier:
keyid:B3:EF:7C:76:AB:3E:69:71:D8:F8:73:02:DD:F9:2C:C6:09:88:49:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-98dqs-aXHY-HMC3fksxgmISeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/8QBjsE2-qyFJE5_c094GHKXpPss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/74980e-74f9-4b5e-9cf2-69711fe83d23/1/s-98dqs-aXHY-HMC3fksxgmISeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.89.0.0/16
IPv6:
2001:67c:2564::/48
Signature Algorithm: sha256WithRSAEncryption
84:ef:75:ee:90:d8:b9:bc:23:af:83:96:6a:be:3b:98:16:00:
cb:90:4e:e4:ec:fa:a1:5f:7b:2a:9b:0f:63:fa:04:2d:83:de:
8d:75:9a:26:8c:af:c6:96:36:ef:be:c8:c0:3a:ce:db:da:d2:
88:75:e2:9c:bd:6c:81:5a:a7:2e:c4:1e:49:0c:d5:be:21:57:
c1:94:68:fa:b9:7f:62:2f:c2:cd:75:df:18:3e:12:ed:30:11:
cf:d5:f0:b8:7d:dc:94:23:2d:b6:2c:c8:93:e8:76:a9:d0:35:
87:7f:76:58:82:c1:b7:47:7f:5a:e6:99:92:13:67:cf:02:2a:
d4:8b:1c:f4:bd:a0:80:2a:d4:11:1a:e7:da:cc:73:a5:df:5d:
86:67:94:b0:28:d4:18:55:39:74:c9:22:6c:15:3d:23:6f:ce:
0c:79:10:16:a7:8e:1d:05:37:b7:b3:23:a7:18:05:93:85:79:
d0:78:c1:f2:4e:91:96:92:3a:95:b7:d5:6a:39:5f:fd:74:52:
99:b7:7c:18:ab:81:68:82:4e:ad:30:c5:34:0c:fe:45:4f:82:
12:f6:b5:a8:72:7a:6e:bc:30:0d:02:21:66:aa:bc:16:aa:ee:
9d:0d:e9:b9:67:26:9c:aa:25:3b:a6:71:e3:13:6a:57:4a:1c:
79:46:f3:73
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQg1fnD9ouBRVz2x+8ql5ubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWY3Yzc2YWIzZTY5NzFkOGY4NzMwMmRkZjkyY2M2MDk4
ODQ5ZWEwHhcNMjUwMTAxMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTAwNjNiMDRkYmVhYjIxNDkxMzlmZGNkM2RlMDYxY2E1ZTkzZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NEKjTyQ8Tm2Xixh4CN3p/A1wpdS
PuyU60r3shVEYk7mNg1Xrjws7PTDJGoogI+WDtz0VuKf6YPHIwZlgtBW7tnu8m2n
LwS5KA/zG5qLb4g73JyxarpWN2SzLqx2WN739FwJkojyK/pTu1LKNGQqDsxJlraD
1Wnkeqw0NZU21S+FD57E1LsD+36aI7UyaLElD4U18PASIAJ8tXci7JY06WyStWN9
8IDzGEctroip7ZTNreowZLXwzAmGy7+gO6ZjKlr8mht5ipYcLN1jYZRZ64G9F9zc
yMDKj8WmAgQRUB9S7ViEVSWPeFJbmbLcU6wGwNc3Av7xs1/0S0qKq5xB6QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPEAY7BNvqshSROf3NPeBhyl6T7LMB8GA1UdIwQY
MBaAFLPvfHarPmlx2PhzAt35LMYJiEnqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy05OGRxcy1hWEhZLUhNQzNma3N4Z21JU2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS83NDk4MGUtNzRmOS00YjVlLTljZjIt
Njk3MTFmZTgzZDIzLzEvOFFCanNFMi1xeUZKRTVfYzA5NEdIS1hwUHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS83NDk4MGUtNzRmOS00YjVlLTljZjItNjk3MTFmZTgzZDIz
LzEvcy05OGRxcy1hWEhZLUhNQzNma3N4Z21JU2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAglkwDwQC
AAIwCQMHACABBnwlZDANBgkqhkiG9w0BAQsFAAOCAQEAhO917pDYubwjr4OWar47
mBYAy5BO5Oz6oV97KpsPY/oELYPejXWaJoyvxpY2777IwDrO29rSiHXinL1sgVqn
LsQeSQzVviFXwZRo+rl/Yi/CzXXfGD4S7TARz9XwuH3clCMttizIk+h2qdA1h392
WILBt0d/WuaZkhNnzwIq1Isc9L2ggCrUERrn2sxzpd9dhmeUsCjUGFU5dMkibBU9
I2/ODHkQFqeOHQU3t7MjpxgFk4V50HjB8k6RlpI6lbfVajlf/XRSmbd8GKuBaIJO
rTDFNAz+RU+CEva1qHJ6brwwDQIhZqq8FqrunQ3puWcmnKolO6Zx4xNqV0oceUbz
cw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:18:12 2025 by rpki-client