Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/puh0WHew73gc6Aoy3Lkk6GlJsuo.roa
File: puh0WHew73gc6Aoy3Lkk6GlJsuo.roa (raw, json)
Hash identifier: 8nFgkqg9YSUSWvllkQIcQ6EG54meeq204q7Ih08m5qg=
Subject key identifier: A6:E8:74:58:77:B0:EF:78:1C:E8:0A:32:DC:B9:24:E8:69:49:B2:EA
Certificate issuer: /CN=acde2358f57439c44f6b1662f55615a0aab6bacb
Certificate serial: 018ADAC1C6F779F7AC0AA81A0E36446337EA
Authority key identifier: AC:DE:23:58:F5:74:39:C4:4F:6B:16:62:F5:56:15:A0:AA:B6:BA:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rN4jWPV0OcRPaxZi9VYVoKq2uss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/puh0WHew73gc6Aoy3Lkk6GlJsuo.roa
Signing time: Thu 28 Sep 2023 07:47:27 +0000
ROA not before: Thu 28 Sep 2023 07:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202204
IP address blocks: 2a09:5c0::/29 maxlen: 48
2a00:ea0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:c1:c6:f7:79:f7:ac:0a:a8:1a:0e:36:44:63:37:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acde2358f57439c44f6b1662f55615a0aab6bacb
Validity
Not Before: Sep 28 07:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6e8745877b0ef781ce80a32dcb924e86949b2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6e:4e:7c:bf:9d:ca:97:2f:65:59:0a:9e:c7:
ae:6d:bb:b4:30:1f:ea:43:2a:3c:ab:9b:07:ba:22:
4d:1a:90:cd:3c:9a:77:7a:4d:25:15:7c:72:2e:81:
30:4e:01:ea:75:dd:ac:43:dc:f8:f7:ad:4b:7d:00:
19:c4:ad:cc:b9:75:14:25:3c:64:20:58:0d:d8:18:
b1:15:f2:c3:ab:9b:99:32:ca:01:fc:e8:88:55:cd:
29:b5:98:da:86:b7:e2:e3:17:06:05:ee:2d:e8:d1:
41:5e:a8:f8:05:cf:cd:bf:23:37:13:8d:09:81:78:
ae:92:d9:6f:bb:d0:61:df:d6:16:43:30:bb:b0:d6:
9e:2a:ea:70:b2:04:81:ce:11:2c:bc:03:aa:50:7c:
d1:1a:14:71:ee:8a:c5:82:a4:06:52:84:04:cd:70:
9d:80:81:3f:e8:77:fc:2e:6b:fe:d0:c1:e2:c1:cc:
61:59:48:9b:19:43:c8:7b:f3:44:17:7f:c9:75:c5:
2d:4b:96:c1:71:f3:47:c4:a2:ee:50:ec:4f:10:28:
17:81:d8:db:8f:93:b9:f5:cc:03:97:bb:50:42:13:
a9:ad:00:36:0d:8d:21:ae:89:e6:37:fa:27:c6:df:
41:64:36:b4:4c:82:5c:e7:f1:f6:ef:bf:ff:8b:87:
8d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E8:74:58:77:B0:EF:78:1C:E8:0A:32:DC:B9:24:E8:69:49:B2:EA
X509v3 Authority Key Identifier:
keyid:AC:DE:23:58:F5:74:39:C4:4F:6B:16:62:F5:56:15:A0:AA:B6:BA:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rN4jWPV0OcRPaxZi9VYVoKq2uss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/puh0WHew73gc6Aoy3Lkk6GlJsuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b65e33-f947-4968-a27c-dd99d397e4d6/1/rN4jWPV0OcRPaxZi9VYVoKq2uss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ea0::/29
2a09:5c0::/29
Signature Algorithm: sha256WithRSAEncryption
54:7c:9a:9c:60:85:ec:2a:41:32:20:3d:a9:13:11:f0:ba:20:
53:d5:37:35:73:a0:b4:7f:4a:b9:b4:5d:74:a4:8d:c2:b9:75:
b6:9f:d5:71:4f:3c:f7:8c:9a:22:e3:79:c3:62:21:39:51:0d:
2d:f9:6e:8d:80:e2:ea:a9:95:1f:60:aa:09:6e:e4:07:87:82:
1c:8a:69:7f:44:84:0e:5c:5a:c9:aa:0f:51:29:aa:71:88:68:
e2:3d:59:5d:47:70:d2:b5:c9:5c:d0:31:fc:ed:f7:35:f6:b6:
fc:e5:66:d0:a8:40:07:34:6a:b5:af:11:48:e8:fb:6f:ec:f4:
73:ef:5f:9a:48:61:bd:e4:a1:d3:ed:13:e6:7b:86:e1:47:e1:
7f:4e:95:8b:32:d4:3f:98:7c:fe:2d:d3:08:22:47:eb:33:4b:
5d:0f:f0:87:84:00:ce:fd:e7:62:d4:5e:d9:f0:88:c4:fe:f8:
f6:93:31:11:5d:4d:01:8a:4d:7e:fd:a3:4f:d1:11:85:c8:21:
5b:ea:79:fe:d3:3f:44:f4:aa:9c:95:6c:82:2b:1e:06:1e:9e:
6e:f5:a7:77:82:b2:5f:0f:02:c0:11:8a:82:1b:9f:fb:c1:62:
c5:18:22:22:6f:fc:20:16:6f:a3:a5:d2:b5:ee:4c:91:1c:e7:
50:1f:ed:0d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYrawcb3efesCqgaDjZEYzfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZGUyMzU4ZjU3NDM5YzQ0ZjZiMTY2MmY1NTYxNWEwYWFi
NmJhY2IwHhcNMjMwOTI4MDc0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU4NzQ1ODc3YjBlZjc4MWNlODBhMzJkY2I5MjRlODY5NDliMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW5OfL+dypcvZVkKnseubbu0MB/q
Qyo8q5sHuiJNGpDNPJp3ek0lFXxyLoEwTgHqdd2sQ9z4961LfQAZxK3MuXUUJTxk
IFgN2BixFfLDq5uZMsoB/OiIVc0ptZjahrfi4xcGBe4t6NFBXqj4Bc/NvyM3E40J
gXiuktlvu9Bh39YWQzC7sNaeKupwsgSBzhEsvAOqUHzRGhRx7orFgqQGUoQEzXCd
gIE/6Hf8Lmv+0MHiwcxhWUibGUPIe/NEF3/JdcUtS5bBcfNHxKLuUOxPECgXgdjb
j5O59cwDl7tQQhOprQA2DY0hronmN/onxt9BZDa0TIJc5/H277//i4eN5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKbodFh3sO94HOgKMty5JOhpSbLqMB8GA1UdIwQY
MBaAFKzeI1j1dDnET2sWYvVWFaCqtrrLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck40aldQVjBPY1JQYXhaaTlWWVZvS3EydXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9iNjVlMzMtZjk0Ny00OTY4LWEyN2Mt
ZGQ5OWQzOTdlNGQ2LzEvcHVoMFdIZXc3M2djNkFveTNMa2s2R2xKc3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9iNjVlMzMtZjk0Ny00OTY4LWEyN2MtZGQ5OWQzOTdlNGQ2
LzEvck40aldQVjBPY1JQYXhaaTlWWVZvS3EydXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgAOoAMF
AyoJBcAwDQYJKoZIhvcNAQELBQADggEBAFR8mpxghewqQTIgPakTEfC6IFPVNzVz
oLR/Srm0XXSkjcK5dbaf1XFPPPeMmiLjecNiITlRDS35bo2A4uqplR9gqglu5AeH
ghyKaX9EhA5cWsmqD1EpqnGIaOI9WV1HcNK1yVzQMfzt9zX2tvzlZtCoQAc0arWv
EUjo+2/s9HPvX5pIYb3kodPtE+Z7huFH4X9OlYsy1D+YfP4t0wgiR+szS10P8IeE
AM7952LUXtnwiMT++PaTMRFdTQGKTX79o0/REYXIIVvqef7TP0T0qpyVbIIrHgYe
nm71p3eCsl8PAsARioIbn/vBYsUYIiJv/CAWb6Ol0rXuTJEc51Af7Q0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:23 2024 by rpki-client on console-fra.rpki-client.org