Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/dH7TZYpd5mMAf0SlE5ENtIXekHg.roa
File: dH7TZYpd5mMAf0SlE5ENtIXekHg.roa (raw, json)
Hash identifier: WTi8e2WUKBCucgWp9dcrMCKfBmgDXEmqV78R+/EX6k8=
Subject key identifier: 74:7E:D3:65:8A:5D:E6:63:00:7F:44:A5:13:91:0D:B4:85:DE:90:78
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 0186E462852EE742EB1B85C4B0557DA32A78
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/dH7TZYpd5mMAf0SlE5ENtIXekHg.roa
Signing time: Wed 15 Mar 2023 08:28:27 +0000
ROA not before: Wed 15 Mar 2023 08:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a04:1bc0::/29 maxlen: 29
2a00:4080::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 17 Nov 2023 14:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:62:85:2e:e7:42:eb:1b:85:c4:b0:55:7d:a3:2a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Mar 15 08:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=747ed3658a5de663007f44a513910db485de9078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:aa:de:87:2b:87:74:ad:ee:02:4d:f2:55:26:
3c:13:b5:70:bf:47:ca:a3:c1:46:82:93:74:f2:ef:
50:01:33:06:1d:fe:18:38:ad:3d:74:9b:57:b5:88:
10:df:08:d3:d2:89:de:03:5a:b7:93:97:de:72:11:
b7:31:27:5d:64:5e:03:de:8d:1a:e1:b7:1c:be:4e:
dc:b8:4d:cb:82:5e:48:fb:41:5b:b3:11:77:7f:e7:
7f:9d:e1:23:cd:ba:64:c8:8a:eb:98:38:ab:3f:b9:
fd:72:cd:c1:99:24:01:51:d7:6b:03:0e:99:35:09:
bb:69:ba:ab:55:f5:c8:58:b5:b9:91:6c:2d:29:bc:
fd:fc:54:af:a4:57:24:e3:fe:77:c3:59:f7:c1:85:
ef:fd:5e:f0:33:ef:f5:fa:59:20:fe:99:20:66:c1:
ef:6d:11:76:d3:eb:ce:21:6f:a8:ba:89:6d:3a:ec:
3e:22:c4:95:95:f1:ad:82:0c:88:67:de:67:87:b2:
10:cf:f8:8c:d4:e0:a7:d2:96:ff:5f:50:37:63:e9:
6d:54:45:79:84:94:e4:93:6f:b8:1e:fa:ae:e5:a3:
bf:89:a3:bf:31:54:f3:37:8d:5f:8d:55:75:46:12:
ff:33:02:fc:cc:01:4e:b3:6a:03:07:6b:55:b3:5e:
a7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7E:D3:65:8A:5D:E6:63:00:7F:44:A5:13:91:0D:B4:85:DE:90:78
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/dH7TZYpd5mMAf0SlE5ENtIXekHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4080::/29
2a04:1bc0::/29
Signature Algorithm: sha256WithRSAEncryption
89:43:a7:46:8e:9b:c9:a0:5b:1f:48:ac:bb:9a:d7:88:8e:03:
ca:ba:06:8f:9d:dc:dd:92:1e:44:df:db:7c:3f:38:a5:31:86:
39:4c:99:f1:7e:b7:8a:03:fc:78:b3:c6:c2:08:85:6b:53:21:
1b:35:9a:b7:8c:d2:7a:e0:32:58:4b:2d:b4:d9:3c:a9:0f:e4:
0e:aa:2b:9c:84:af:d4:8b:e0:0f:93:96:34:b1:4d:6d:d2:50:
c6:87:d7:4a:cb:65:93:0a:a6:13:53:89:b7:a5:01:6f:75:31:
5a:31:65:4f:56:91:6d:46:16:e5:b5:42:a3:a2:6c:94:88:f5:
09:73:01:9c:b1:46:f6:2f:6e:5b:f0:1b:6e:65:6b:d3:27:25:
7b:47:9c:d3:f5:c4:e8:0c:37:b5:c0:ce:3b:24:e6:3c:ce:92:
78:74:67:16:3f:6e:75:9c:16:09:07:3a:21:4d:5f:81:4a:d3:
05:7d:da:5b:4d:64:53:c5:50:51:0a:ed:60:f5:cc:a7:85:f2:
1f:48:e4:a8:57:47:d6:58:10:e5:d5:2f:22:ee:db:36:2d:a8:
03:76:77:40:c0:0a:6a:b7:14:dd:0c:a9:d7:18:b2:ef:13:f6:
01:0d:cf:91:4b:e3:e4:b0:50:b3:01:24:2b:bd:f5:74:c9:fd:
58:f6:12:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYbkYoUu50LrG4XEsFV9oyp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwMzE1MDgyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdlZDM2NThhNWRlNjYzMDA3ZjQ0YTUxMzkxMGRiNDg1ZGU5MDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoarehyuHdK3uAk3yVSY8E7Vwv0fK
o8FGgpN08u9QATMGHf4YOK09dJtXtYgQ3wjT0oneA1q3k5fechG3MSddZF4D3o0a
4bccvk7cuE3Lgl5I+0FbsxF3f+d/neEjzbpkyIrrmDirP7n9cs3BmSQBUddrAw6Z
NQm7abqrVfXIWLW5kWwtKbz9/FSvpFck4/53w1n3wYXv/V7wM+/1+lkg/pkgZsHv
bRF20+vOIW+ouoltOuw+IsSVlfGtggyIZ95nh7IQz/iM1OCn0pb/X1A3Y+ltVEV5
hJTkk2+4Hvqu5aO/iaO/MVTzN41fjVV1RhL/MwL8zAFOs2oDB2tVs16n2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHR+02WKXeZjAH9EpRORDbSF3pB4MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvZEg3VFpZcGQ1bU1BZjBTbEU1RU50SVhla0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgBAgAMF
AyoEG8AwDQYJKoZIhvcNAQELBQADggEBAIlDp0aOm8mgWx9IrLua14iOA8q6Bo+d
3N2SHkTf23w/OKUxhjlMmfF+t4oD/HizxsIIhWtTIRs1mreM0nrgMlhLLbTZPKkP
5A6qK5yEr9SL4A+TljSxTW3SUMaH10rLZZMKphNTibelAW91MVoxZU9WkW1GFuW1
QqOibJSI9QlzAZyxRvYvblvwG25la9MnJXtHnNP1xOgMN7XAzjsk5jzOknh0ZxY/
bnWcFgkHOiFNX4FK0wV92ltNZFPFUFEK7WD1zKeF8h9I5KhXR9ZYEOXVLyLu2zYt
qAN2d0DACmq3FN0MqdcYsu8T9gENz5FL4+SwULMBJCu99XTJ/Vj2EmI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org