Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/A5sQthN-7C4eKxBy9THX7-Qf3Fk.roa
File: A5sQthN-7C4eKxBy9THX7-Qf3Fk.roa (raw, json)
Hash identifier: 9k14ImC2GPG4z6GrlZ67MrZwh+fascyZouiGrJ1o1ok=
Subject key identifier: 03:9B:10:B6:13:7E:EC:2E:1E:2B:10:72:F5:31:D7:EF:E4:1F:DC:59
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018D9E5CDAAC14FEE61F0D2B5CE8FE4B8A57
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/A5sQthN-7C4eKxBy9THX7-Qf3Fk.roa
Signing time: Mon 12 Feb 2024 17:28:21 +0000
ROA not before: Mon 12 Feb 2024 17:28:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a00:4080::/29 maxlen: 29
2a04:1bc0::/29 maxlen: 29
2a0f:cdc6:2001::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 Feb 2024 18:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:5c:da:ac:14:fe:e6:1f:0d:2b:5c:e8:fe:4b:8a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Feb 12 17:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=039b10b6137eec2e1e2b1072f531d7efe41fdc59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:61:4f:29:9a:20:01:87:5f:bf:74:ef:63:
40:c5:e4:07:84:ca:fd:70:3c:11:33:59:fe:f2:bc:
75:4f:f6:ed:78:35:2a:6f:1c:c5:12:33:a8:ab:7c:
2c:08:6f:d8:e0:84:36:7c:46:15:ce:4e:f6:15:0a:
d6:75:ed:59:cb:0b:2a:bd:fa:75:9d:34:2c:0d:08:
af:1a:a4:7a:f4:e3:c1:16:e7:5b:f5:1e:64:e6:e3:
f8:dc:fd:7a:f6:f4:c6:de:45:48:45:6f:7b:ec:7e:
3d:17:64:87:58:c2:6b:29:41:84:65:25:8c:ed:e0:
ee:21:45:8a:a4:be:0a:e7:49:2f:cd:27:8f:b1:20:
49:82:13:2f:69:06:ec:7a:f4:15:f7:02:41:68:fa:
db:a3:ad:99:42:aa:0d:b0:d0:6e:10:77:ea:f1:a3:
4f:5c:73:38:8e:3c:fd:12:3f:31:7a:f6:2c:e5:ba:
eb:8a:14:a1:aa:5f:7f:f8:63:34:6a:4f:9b:3e:bd:
4e:fc:65:00:4b:35:e4:66:00:b4:d1:64:7c:a9:d6:
b9:ca:39:02:ad:0b:bf:7a:76:ae:ba:c5:d4:c8:41:
1b:e1:fb:28:ad:b4:aa:60:99:da:70:29:ae:26:9f:
ed:de:ac:10:88:11:fb:94:04:25:c6:d6:c6:f5:aa:
f9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9B:10:B6:13:7E:EC:2E:1E:2B:10:72:F5:31:D7:EF:E4:1F:DC:59
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/A5sQthN-7C4eKxBy9THX7-Qf3Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4080::/29
2a04:1bc0::/29
2a0f:cdc6:2001::/48
Signature Algorithm: sha256WithRSAEncryption
83:1f:c8:21:57:b7:57:f6:b5:d6:a0:f7:74:ab:88:98:71:be:
0e:b0:38:b5:c9:8e:55:52:22:00:16:d9:78:0c:9f:79:04:02:
46:45:0e:59:04:b2:45:53:c6:37:a0:8d:ad:56:c6:92:76:67:
f0:7e:f3:fe:43:ad:58:72:14:f3:af:60:54:84:9d:ce:0d:57:
5f:d9:b4:27:58:59:08:7e:15:5a:a3:21:18:86:dd:67:d8:e8:
53:02:d8:16:c4:8e:22:c9:c5:0f:ff:25:39:34:9d:e0:5e:6a:
22:63:82:e4:b9:0f:25:f5:99:d0:19:ac:fd:30:45:4b:96:34:
1d:14:54:b4:4e:77:f3:44:fa:91:bd:21:6d:35:ee:ff:99:9b:
ac:ec:77:1b:99:c3:c5:4d:f2:dd:98:de:33:3f:3d:1b:cf:be:
bb:b7:43:67:87:e6:01:75:80:d1:a7:46:1f:35:14:2a:bb:7c:
73:8d:ca:58:e3:07:83:98:52:87:4f:d0:11:af:8b:60:bf:e7:
f0:cd:ed:ca:5e:ce:6d:3f:c6:20:6e:58:53:01:72:c0:d4:44:
20:b9:e4:85:2b:08:e2:18:e9:58:8e:9e:b0:ee:27:f6:6b:3d:
b1:00:37:43:3a:8d:32:2c:d4:ae:00:e1:59:7b:ee:c6:4a:ab:
97:d8:da:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2eXNqsFP7mHw0rXOj+S4pXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMjEyMTcyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzliMTBiNjEzN2VlYzJlMWUyYjEwNzJmNTMxZDdlZmU0MWZkYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyFhTymaIAGHX79072NAxeQHhMr9
cDwRM1n+8rx1T/bteDUqbxzFEjOoq3wsCG/Y4IQ2fEYVzk72FQrWde1Zywsqvfp1
nTQsDQivGqR69OPBFudb9R5k5uP43P169vTG3kVIRW977H49F2SHWMJrKUGEZSWM
7eDuIUWKpL4K50kvzSePsSBJghMvaQbsevQV9wJBaPrbo62ZQqoNsNBuEHfq8aNP
XHM4jjz9Ej8xevYs5brrihShql9/+GM0ak+bPr1O/GUASzXkZgC00WR8qda5yjkC
rQu/enauusXUyEEb4fsorbSqYJnacCmuJp/t3qwQiBH7lAQlxtbG9ar5lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAObELYTfuwuHisQcvUx1+/kH9xZMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvQTVzUXRoTi03QzRlS3hCeTlUSFg3LVFmM0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKgBAgAMF
AyoEG8ADBwAqD83GIAEwDQYJKoZIhvcNAQELBQADggEBAIMfyCFXt1f2tdag93Sr
iJhxvg6wOLXJjlVSIgAW2XgMn3kEAkZFDlkEskVTxjegja1WxpJ2Z/B+8/5DrVhy
FPOvYFSEnc4NV1/ZtCdYWQh+FVqjIRiG3WfY6FMC2BbEjiLJxQ//JTk0neBeaiJj
guS5DyX1mdAZrP0wRUuWNB0UVLROd/NE+pG9IW017v+Zm6zsdxuZw8VN8t2Y3jM/
PRvPvru3Q2eH5gF1gNGnRh81FCq7fHONyljjB4OYUodP0BGvi2C/5/DN7cpezm0/
xiBuWFMBcsDURCC55IUrCOIY6ViOnrDuJ/ZrPbEAN0M6jTIs1K4A4Vl77sZKq5fY
2vY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org