Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/q6UD4cl5tPdPD2jBBsPUiip7G2k.roa
File: q6UD4cl5tPdPD2jBBsPUiip7G2k.roa (raw, json)
Hash identifier: AFc8dEfFHFGJYanPPVTG92uUOVQQu75b98Wb+vevzEo=
Subject key identifier: AB:A5:03:E1:C9:79:B4:F7:4F:0F:68:C1:06:C3:D4:8A:2A:7B:1B:69
Certificate issuer: /CN=8ef8c471e83b14fc6c6cc7cfc96c1ac3e3087eae
Certificate serial: 018B3D2686321AF91CA62CEEB3C0A3F94263
Authority key identifier: 8E:F8:C4:71:E8:3B:14:FC:6C:6C:C7:CF:C9:6C:1A:C3:E3:08:7E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvjEceg7FPxsbMfPyWwaw-MIfq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/q6UD4cl5tPdPD2jBBsPUiip7G2k.roa
Signing time: Tue 17 Oct 2023 10:20:16 +0000
ROA not before: Tue 17 Oct 2023 10:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216238
IP address blocks: 2a13:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:26:86:32:1a:f9:1c:a6:2c:ee:b3:c0:a3:f9:42:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef8c471e83b14fc6c6cc7cfc96c1ac3e3087eae
Validity
Not Before: Oct 17 10:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aba503e1c979b4f74f0f68c106c3d48a2a7b1b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b5:76:2e:6c:dd:f0:0a:a9:fe:ec:fb:fb:33:
b9:86:e4:5a:de:87:21:af:30:c0:0a:e5:50:91:ba:
1c:ce:72:fb:19:d9:6f:08:e4:63:3a:81:b6:78:60:
c7:1a:42:41:dd:b7:8e:f9:45:21:28:f2:14:82:b1:
cf:5e:db:f9:c9:fb:f0:53:59:6b:12:08:37:ec:1c:
f4:56:ac:b1:a4:7c:1e:4c:4f:b7:10:fe:50:18:09:
54:41:94:3d:3f:18:8f:5f:a5:af:18:d1:d1:84:45:
88:87:25:e0:bf:ab:42:67:22:a0:2b:0d:41:5f:76:
f0:e2:39:de:19:af:df:62:e9:2c:a6:a0:69:2a:78:
2f:65:dd:80:9d:2e:55:a4:ed:1b:07:c6:29:58:4d:
6d:be:15:9b:92:85:97:ed:27:96:75:5b:f3:71:1f:
c3:81:07:c0:9d:b9:a3:39:f9:59:d6:58:35:7d:6c:
c4:8f:3c:1e:a8:e7:4c:81:e2:1f:f0:82:fa:6e:b2:
db:8a:e1:6d:a7:fe:9c:a2:e8:e1:68:9f:ed:72:f7:
13:6e:f9:17:91:3a:4b:3d:9a:7c:92:90:57:df:d3:
f5:81:68:2e:2e:a3:ce:57:60:ab:b5:b8:ff:b6:8f:
ab:a8:5d:75:b7:64:ec:47:98:6c:49:28:9b:c7:a8:
2c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A5:03:E1:C9:79:B4:F7:4F:0F:68:C1:06:C3:D4:8A:2A:7B:1B:69
X509v3 Authority Key Identifier:
keyid:8E:F8:C4:71:E8:3B:14:FC:6C:6C:C7:CF:C9:6C:1A:C3:E3:08:7E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvjEceg7FPxsbMfPyWwaw-MIfq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/q6UD4cl5tPdPD2jBBsPUiip7G2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/jvjEceg7FPxsbMfPyWwaw-MIfq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:f1:3d:ae:c5:a6:ec:f2:fa:4c:d2:b6:34:53:5c:9f:1b:e7:
83:0f:69:88:65:c8:fa:b4:5d:e9:22:fc:0a:b1:56:aa:f9:f9:
1c:ff:ac:6c:85:d8:1b:0f:7a:9d:6a:94:1d:9b:51:52:6e:3b:
36:e9:a1:eb:3f:fe:bb:45:03:ba:07:b5:f8:04:7b:0a:a9:d1:
81:4d:eb:e7:f5:fa:11:f2:7f:3b:88:77:af:db:61:1a:cf:4f:
cb:37:37:7e:6f:f4:84:21:b8:2e:bf:24:93:c4:ba:dd:f3:67:
c6:59:18:74:0c:70:f2:14:a0:46:f9:49:c2:19:e8:e5:05:67:
b8:c2:22:bb:c9:ff:81:5f:f2:cc:1e:2f:48:3c:ce:7e:c3:e6:
8f:32:2d:11:64:15:12:ca:e2:8d:e6:06:b4:42:7c:d2:4a:00:
89:c6:38:76:56:4d:91:94:a5:c2:f1:39:7d:59:79:6c:c2:2b:
c9:5d:05:43:07:ee:3b:40:c8:5c:e4:39:36:fe:a4:b7:5f:25:
eb:c2:4e:03:3a:1a:48:52:01:84:25:a1:bc:1f:90:25:45:74:
59:3b:1f:13:45:cd:8c:00:c4:1f:0d:d2:fd:c5:0d:2b:9c:26:
eb:a3:5c:b2:dc:2e:cf:07:6e:fe:fb:d8:eb:54:d2:ca:0f:77:
c8:7a:00:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYs9JoYyGvkcpizus8Cj+UJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjhjNDcxZTgzYjE0ZmM2YzZjYzdjZmM5NmMxYWMzZTMw
ODdlYWUwHhcNMjMxMDE3MTAyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmE1MDNlMWM5NzliNGY3NGYwZjY4YzEwNmMzZDQ4YTJhN2IxYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrV2Lmzd8Aqp/uz7+zO5huRa3och
rzDACuVQkbocznL7GdlvCORjOoG2eGDHGkJB3beO+UUhKPIUgrHPXtv5yfvwU1lr
Egg37Bz0VqyxpHweTE+3EP5QGAlUQZQ9PxiPX6WvGNHRhEWIhyXgv6tCZyKgKw1B
X3bw4jneGa/fYukspqBpKngvZd2AnS5VpO0bB8YpWE1tvhWbkoWX7SeWdVvzcR/D
gQfAnbmjOflZ1lg1fWzEjzweqOdMgeIf8IL6brLbiuFtp/6coujhaJ/tcvcTbvkX
kTpLPZp8kpBX39P1gWguLqPOV2Crtbj/to+rqF11t2TsR5hsSSibx6gsyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKulA+HJebT3Tw9owQbD1IoqextpMB8GA1UdIwQY
MBaAFI74xHHoOxT8bGzHz8lsGsPjCH6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZqRWNlZzdGUHhzYk1mUHlXd2F3LU1JZnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84ZjJhZDgtNmE0OC00MjNjLWJlNDEt
MTM4YTcxMTdkZTM2LzEvcTZVRDRjbDV0UGRQRDJqQkJzUFVpaXA3RzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84ZjJhZDgtNmE0OC00MjNjLWJlNDEtMTM4YTcxMTdkZTM2
LzEvanZqRWNlZzdGUHhzYk1mUHlXd2F3LU1JZnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAXvE9rsWm7PL6TNK2NFNcnxvngw9piGXI+rRd6SL8
CrFWqvn5HP+sbIXYGw96nWqUHZtRUm47Numh6z/+u0UDuge1+AR7CqnRgU3r5/X6
EfJ/O4h3r9thGs9Pyzc3fm/0hCG4Lr8kk8S63fNnxlkYdAxw8hSgRvlJwhno5QVn
uMIiu8n/gV/yzB4vSDzOfsPmjzItEWQVEsrijeYGtEJ80koAicY4dlZNkZSlwvE5
fVl5bMIryV0FQwfuO0DIXOQ5Nv6kt18l68JOAzoaSFIBhCWhvB+QJUV0WTsfE0XN
jADEHw3S/cUNK5wm66Ncstwuzwdu/vvY61TSyg93yHoAVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:19 2024 by rpki-client on console-ams.rpki-client.org