Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/wtXraYNEa-R7nDgd7ksvYDRvXzs.roa
File: wtXraYNEa-R7nDgd7ksvYDRvXzs.roa (raw, json)
Hash identifier: 4sYnz5t81wAOYq+0XZ5dwIlu4Lvt+Errljtc4yARxZE=
Subject key identifier: C2:D5:EB:69:83:44:6B:E4:7B:9C:38:1D:EE:4B:2F:60:34:6F:5F:3B
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018CC8021CBEF623F442836CF6696DD06D27
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/wtXraYNEa-R7nDgd7ksvYDRvXzs.roa
Signing time: Tue 02 Jan 2024 02:30:30 +0000
ROA not before: Tue 02 Jan 2024 02:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a04:1bc0::/29 maxlen: 29
2a0f:cdc6:2001::/48 maxlen: 48
2a00:4080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Jan 2024 11:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:1c:be:f6:23:f4:42:83:6c:f6:69:6d:d0:6d:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 2 02:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2d5eb6983446be47b9c381dee4b2f60346f5f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4a:51:ed:1e:3d:0d:7a:39:21:a6:4b:eb:05:
4b:33:70:1c:89:97:d0:21:46:9f:da:a4:24:8c:dd:
76:d9:b9:a0:23:e6:eb:13:a9:10:02:83:9a:fb:bb:
83:42:d9:12:04:6e:a3:34:d0:47:70:54:56:50:23:
fa:c5:94:74:cc:4c:f1:17:a2:df:b8:62:b6:02:f7:
b7:fb:bf:7c:32:28:b3:bb:a8:7d:7c:3a:9f:e4:ce:
00:dd:8f:ea:c8:f4:ef:5e:7a:d5:94:92:12:ad:53:
0c:9f:96:66:5c:21:e9:dd:ad:3c:5b:e4:f4:be:20:
7b:c2:ff:c5:98:08:0b:a9:de:25:de:00:1a:95:54:
91:86:a2:52:b6:d1:59:02:5d:03:6c:82:90:c9:58:
5d:7d:17:b5:0b:9a:f8:0e:50:b5:1c:4b:ee:2e:ff:
26:8c:9c:24:05:4a:32:b9:3d:da:b1:bd:23:81:f9:
21:11:3a:34:60:1f:ec:81:e7:f2:d3:1e:11:6a:c2:
c6:d2:c6:74:c5:39:38:3e:56:ae:af:d4:f0:40:ff:
e6:d7:4d:cc:da:a7:0a:fc:b4:ce:13:24:c1:6f:27:
df:d1:59:9f:92:36:cc:43:5a:14:0b:78:34:61:11:
17:ba:50:7a:bc:ff:73:66:94:c0:ef:3c:11:6f:bd:
dc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D5:EB:69:83:44:6B:E4:7B:9C:38:1D:EE:4B:2F:60:34:6F:5F:3B
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/wtXraYNEa-R7nDgd7ksvYDRvXzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4080::/29
2a04:1bc0::/29
2a0f:cdc6:2001::/48
Signature Algorithm: sha256WithRSAEncryption
22:b4:69:96:32:51:6b:0c:ac:6e:98:5a:55:99:27:7e:79:19:
43:5d:63:25:0a:89:e8:a9:7f:87:6a:cf:da:f5:cb:52:a1:bf:
3a:9e:bc:a1:58:3d:76:05:b4:09:0c:cf:1d:3f:ae:db:9b:cd:
9d:b9:0b:2f:6d:b6:90:4d:15:09:a0:db:07:97:e6:6c:90:68:
dc:53:76:0e:f3:a2:49:33:84:72:f5:e5:c6:2a:1c:f8:eb:e3:
71:a1:c4:37:25:e0:a7:da:44:43:1e:85:68:ad:aa:ee:2c:df:
a8:5e:ea:d4:30:1c:42:02:e8:59:5b:3e:4e:51:46:50:07:8b:
74:32:82:e0:d0:4b:07:00:66:15:0f:ba:08:e2:a9:8b:9d:27:
2c:0b:1a:04:74:6b:c0:c1:04:8b:e5:f5:f3:91:96:3f:43:e0:
63:8d:ef:c1:e8:cf:88:c4:69:f1:e2:d3:68:a2:92:32:12:82:
33:f0:b8:3e:4a:97:a3:ac:4b:2f:90:16:18:68:44:74:f1:79:
fd:4f:56:70:e8:74:0b:3a:1f:56:f3:6b:c7:62:f0:9b:62:ad:
86:f7:f4:84:12:91:a1:34:a2:d2:3f:ab:94:b9:59:44:8f:a0:
5c:b1:a0:cf:f9:bc:34:a3:cd:5a:da:46:f9:58:b4:46:4f:d7:
30:ae:b1:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAhy+9iP0QoNs9mlt0G0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMTAyMDIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ1ZWI2OTgzNDQ2YmU0N2I5YzM4MWRlZTRiMmY2MDM0NmY1ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUpR7R49DXo5IaZL6wVLM3AciZfQ
IUaf2qQkjN122bmgI+brE6kQAoOa+7uDQtkSBG6jNNBHcFRWUCP6xZR0zEzxF6Lf
uGK2Ave3+798Miizu6h9fDqf5M4A3Y/qyPTvXnrVlJISrVMMn5ZmXCHp3a08W+T0
viB7wv/FmAgLqd4l3gAalVSRhqJSttFZAl0DbIKQyVhdfRe1C5r4DlC1HEvuLv8m
jJwkBUoyuT3asb0jgfkhETo0YB/sgefy0x4RasLG0sZ0xTk4Plaur9TwQP/m103M
2qcK/LTOEyTBbyff0VmfkjbMQ1oUC3g0YREXulB6vP9zZpTA7zwRb73c6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMLV62mDRGvke5w4He5LL2A0b187MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvd3RYcmFZTkVhLVI3bkRnZDdrc3ZZRFJ2WHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKgBAgAMF
AyoEG8ADBwAqD83GIAEwDQYJKoZIhvcNAQELBQADggEBACK0aZYyUWsMrG6YWlWZ
J355GUNdYyUKieipf4dqz9r1y1KhvzqevKFYPXYFtAkMzx0/rtubzZ25Cy9ttpBN
FQmg2weX5myQaNxTdg7zokkzhHL15cYqHPjr43GhxDcl4KfaREMehWitqu4s36he
6tQwHEIC6FlbPk5RRlAHi3QyguDQSwcAZhUPugjiqYudJywLGgR0a8DBBIvl9fOR
lj9D4GON78Hoz4jEafHi02iikjISgjPwuD5Kl6OsSy+QFhhoRHTxef1PVnDodAs6
H1bza8di8JtirYb39IQSkaE0otI/q5S5WUSPoFyxoM/5vDSjzVraRvlYtEZP1zCu
sUA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:53 2024 by rpki-client on console-ams.rpki-client.org