Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/vAfSAaKBaUUswil-sW3-OQDSyWY.roa
File: vAfSAaKBaUUswil-sW3-OQDSyWY.roa (raw, json)
Hash identifier: rKiUIurHs+eaeUioTvpQl/o/G1osS8M9u/PSgXWGUf0=
Subject key identifier: BC:07:D2:01:A2:81:69:45:2C:C2:29:7E:B1:6D:FE:39:00:D2:C9:66
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018CC726245E1729A76CFADE2E0545A3E3C7
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/vAfSAaKBaUUswil-sW3-OQDSyWY.roa
Signing time: Mon 01 Jan 2024 22:30:14 +0000
ROA not before: Mon 01 Jan 2024 22:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49542
IP address blocks: 2a0e:dfc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jan 2024 10:24:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:24:5e:17:29:a7:6c:fa:de:2e:05:45:a3:e3:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 1 22:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc07d201a28169452cc2297eb16dfe3900d2c966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0f:46:a3:2b:68:fb:f0:a8:b1:8a:a5:e0:e1:
5d:49:f4:cd:85:48:09:bb:23:99:ed:3c:9d:9a:31:
ac:96:d8:30:1f:ed:aa:6b:90:42:24:24:26:89:be:
70:dc:7f:61:74:97:3f:7e:ae:1c:15:2d:28:96:79:
c7:85:f2:23:51:30:65:f3:5b:9d:45:bb:92:4d:6c:
51:b6:b0:ba:76:37:4b:c8:22:2f:9e:c5:2d:8d:2f:
57:74:25:c0:cf:e1:1a:b6:b0:a8:77:53:7c:12:1f:
82:7c:03:48:07:9b:8d:d7:8c:cd:73:df:0d:5b:aa:
e1:c4:fd:95:32:44:f8:29:92:01:1a:0f:41:4b:a7:
d9:9c:93:e6:52:c3:60:ee:93:e5:b3:47:a4:31:b8:
eb:31:04:4f:08:50:d6:b9:91:21:dc:0f:6a:19:ae:
af:ea:8e:cd:2c:8b:17:4f:f4:dd:12:e3:a5:0f:4b:
06:24:75:8e:ce:19:d4:e6:e9:99:1d:e6:f2:70:71:
84:76:2f:22:2b:d5:df:b1:b4:0a:0e:9d:9e:5b:8b:
9d:e1:f7:03:cd:8e:4d:f1:d3:25:b0:85:d5:f0:ef:
40:40:92:65:17:fa:bb:72:ae:d1:0b:86:56:91:eb:
c9:df:fe:d3:23:27:bc:ce:6b:76:8e:1d:49:36:66:
04:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:07:D2:01:A2:81:69:45:2C:C2:29:7E:B1:6D:FE:39:00:D2:C9:66
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/vAfSAaKBaUUswil-sW3-OQDSyWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc5::/32
Signature Algorithm: sha256WithRSAEncryption
46:8c:dd:f1:b6:7b:0f:3b:a6:66:ae:61:16:c3:aa:b7:38:a2:
08:54:c6:31:5a:a0:29:a3:5c:82:61:5b:93:ec:e9:53:c5:09:
d5:0d:59:6e:10:ea:eb:a4:a9:2b:f5:3a:24:f3:1b:c7:08:ec:
47:ba:f1:8e:a9:28:dc:14:4e:cc:c4:e4:8c:6d:93:8b:23:83:
8f:42:31:1f:79:63:54:c5:a2:32:02:d2:92:74:bd:20:c6:18:
87:4b:89:6a:14:b5:e9:7d:06:98:ff:1b:0b:3a:2c:a8:b0:b6:
a1:88:5f:de:84:a7:d2:49:23:bf:fc:ef:56:8c:6f:6c:60:fb:
b6:0b:d9:66:21:2f:61:e0:4a:e6:c9:4d:cd:ef:9a:0f:5c:39:
18:4a:35:e1:d7:c5:63:2e:5a:36:96:e5:73:5c:7e:2a:80:33:
78:55:9c:db:7e:81:98:4c:43:2f:49:85:7d:f7:70:bb:a8:b1:
da:e1:7c:18:f0:50:8f:ca:2b:c7:89:26:7b:9c:c3:ca:6d:4a:
d0:4c:84:44:bd:d1:10:87:29:e4:a8:3a:74:ff:af:c2:63:42:
dc:5c:9d:d0:18:1f:03:46:89:7b:ef:d3:d2:a8:92:09:10:f2:
a1:14:28:13:ce:12:ff:ee:5a:74:c0:1c:8f:85:9e:6b:8d:55:
88:3e:6a:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJiReFymnbPreLgVFo+PHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMTAxMjIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA3ZDIwMWEyODE2OTQ1MmNjMjI5N2ViMTZkZmUzOTAwZDJjOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ9Goyto+/CosYql4OFdSfTNhUgJ
uyOZ7TydmjGsltgwH+2qa5BCJCQmib5w3H9hdJc/fq4cFS0olnnHhfIjUTBl81ud
RbuSTWxRtrC6djdLyCIvnsUtjS9XdCXAz+EatrCod1N8Eh+CfANIB5uN14zNc98N
W6rhxP2VMkT4KZIBGg9BS6fZnJPmUsNg7pPls0ekMbjrMQRPCFDWuZEh3A9qGa6v
6o7NLIsXT/TdEuOlD0sGJHWOzhnU5umZHebycHGEdi8iK9XfsbQKDp2eW4ud4fcD
zY5N8dMlsIXV8O9AQJJlF/q7cq7RC4ZWkevJ3/7TIye8zmt2jh1JNmYEiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLwH0gGigWlFLMIpfrFt/jkA0slmMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvdkFmU0FhS0JhVVVzd2lsLXNXMy1PUURTeVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7fxTAN
BgkqhkiG9w0BAQsFAAOCAQEARozd8bZ7DzumZq5hFsOqtziiCFTGMVqgKaNcgmFb
k+zpU8UJ1Q1ZbhDq66SpK/U6JPMbxwjsR7rxjqko3BROzMTkjG2TiyODj0IxH3lj
VMWiMgLSknS9IMYYh0uJahS16X0GmP8bCzosqLC2oYhf3oSn0kkjv/zvVoxvbGD7
tgvZZiEvYeBK5slNze+aD1w5GEo14dfFYy5aNpblc1x+KoAzeFWc236BmExDL0mF
ffdwu6ix2uF8GPBQj8orx4kme5zDym1K0EyERL3REIcp5Kg6dP+vwmNC3Fyd0Bgf
A0aJe+/T0qiSCRDyoRQoE84S/+5adMAcj4Wea41ViD5q9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:59 2024 by rpki-client on console-fra.rpki-client.org