Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/moHBH5F4Xd9Q8fHB_TIVy9bU5_I.roa
File: moHBH5F4Xd9Q8fHB_TIVy9bU5_I.roa (raw, json)
Hash identifier: Rvha4t9rg8mor3VJEXs1gv8Yay3I9hsJgI6PXB00YTc=
Subject key identifier: 9A:81:C1:1F:91:78:5D:DF:50:F1:F1:C1:FD:32:15:CB:D6:D4:E7:F2
Certificate issuer: /CN=74e8159a16d72b3d6cdfbaa096d69139fde9d290
Certificate serial: 018B8B55C60CB7164C34E8688AE0FFC3BE3E
Authority key identifier: 74:E8:15:9A:16:D7:2B:3D:6C:DF:BA:A0:96:D6:91:39:FD:E9:D2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOgVmhbXKz1s37qgltaROf3p0pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/moHBH5F4Xd9Q8fHB_TIVy9bU5_I.roa
Signing time: Wed 01 Nov 2023 14:42:16 +0000
ROA not before: Wed 01 Nov 2023 14:42:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 2a14:5200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:55:c6:0c:b7:16:4c:34:e8:68:8a:e0:ff:c3:be:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e8159a16d72b3d6cdfbaa096d69139fde9d290
Validity
Not Before: Nov 1 14:42:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a81c11f91785ddf50f1f1c1fd3215cbd6d4e7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d9:84:81:d6:4f:b9:ec:d6:e9:36:27:11:2e:
df:8d:85:1b:29:b9:66:1a:d3:c9:1e:e2:9e:84:de:
e6:20:f9:88:a0:c5:ce:77:0f:72:5f:00:31:fd:c0:
a5:52:3b:ad:14:02:47:eb:e6:bc:8f:f8:20:86:1b:
09:28:b4:81:ce:eb:34:e3:fb:33:7a:d7:1e:d6:34:
4d:4a:87:8e:99:fb:58:e2:41:19:87:13:32:4f:3c:
62:01:f1:e2:cf:22:2e:dd:c1:da:0f:9b:0b:a8:5b:
fb:a0:35:ad:dd:95:ee:3c:2d:3a:88:00:d1:6a:39:
25:90:44:68:ef:a3:a9:e0:46:af:d1:08:90:73:1e:
e2:e9:eb:6e:d5:38:76:6b:9f:27:9a:ef:28:f6:cf:
2f:7b:06:81:51:74:a7:72:7f:fe:4c:69:40:92:91:
88:ce:aa:9d:ea:11:b7:e2:bb:f6:c9:d4:41:2b:59:
66:1d:d2:7a:7d:21:d2:a7:c7:a7:7b:3f:ab:15:5e:
99:b5:ed:df:37:b2:06:52:74:ca:13:97:6d:a6:9a:
47:d3:23:24:cb:88:b5:96:55:ea:1b:d1:cc:30:5b:
6e:03:36:70:2f:95:36:04:49:2f:c8:14:af:7c:d7:
ec:85:a9:96:e5:e3:8d:c3:a5:13:e5:1c:1a:4d:4f:
3c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:81:C1:1F:91:78:5D:DF:50:F1:F1:C1:FD:32:15:CB:D6:D4:E7:F2
X509v3 Authority Key Identifier:
keyid:74:E8:15:9A:16:D7:2B:3D:6C:DF:BA:A0:96:D6:91:39:FD:E9:D2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOgVmhbXKz1s37qgltaROf3p0pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/moHBH5F4Xd9Q8fHB_TIVy9bU5_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/dOgVmhbXKz1s37qgltaROf3p0pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:5200::/29
Signature Algorithm: sha256WithRSAEncryption
50:29:2f:7b:fa:67:19:75:ec:b7:03:6b:f2:f9:e6:05:50:98:
44:8b:28:c9:d9:d8:64:68:94:2b:bc:f4:b2:aa:93:62:c5:54:
9b:de:9b:c1:63:9b:3f:60:6d:68:4f:2f:07:13:f7:3b:9b:45:
09:ba:84:91:7a:79:a2:46:98:ad:25:5e:f5:02:b2:3b:9e:77:
17:2f:c3:22:d2:15:c7:2f:49:64:32:9d:1c:99:7f:63:25:c2:
4a:01:aa:c4:25:52:18:69:ba:2f:e5:6f:c7:27:fb:c7:07:c6:
84:c6:f8:ab:04:0d:c7:e1:64:65:ea:a7:6d:25:3b:8b:a6:51:
db:87:8e:32:32:0c:28:49:73:d6:04:ee:bb:3e:bc:4c:cc:21:
ac:2b:bc:af:ce:c2:19:de:a3:83:6a:b2:e4:cb:82:16:55:3b:
ab:f0:43:d6:7b:a5:82:55:e4:9b:72:dc:57:4b:f4:59:76:a4:
3c:29:7a:d8:50:89:02:ef:6d:5a:cd:60:fe:93:74:ba:40:81:
ca:a7:ea:b7:af:bc:54:59:f3:9f:cd:12:d0:97:84:4c:9c:0e:
ed:cc:d5:3f:f8:3d:e0:7a:69:b8:17:bd:a4:de:0b:c2:ef:71:
0f:3b:e0:1c:c2:b9:04:17:e4:ea:56:6b:45:35:60:8e:47:1c:
d8:73:50:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuLVcYMtxZMNOhoiuD/w74+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTgxNTlhMTZkNzJiM2Q2Y2RmYmFhMDk2ZDY5MTM5ZmRl
OWQyOTAwHhcNMjMxMTAxMTQ0MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTgxYzExZjkxNzg1ZGRmNTBmMWYxYzFmZDMyMTVjYmQ2ZDRlN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdmEgdZPuezW6TYnES7fjYUbKblm
GtPJHuKehN7mIPmIoMXOdw9yXwAx/cClUjutFAJH6+a8j/gghhsJKLSBzus04/sz
etce1jRNSoeOmftY4kEZhxMyTzxiAfHizyIu3cHaD5sLqFv7oDWt3ZXuPC06iADR
ajklkERo76Op4Eav0QiQcx7i6etu1Th2a58nmu8o9s8vewaBUXSncn/+TGlAkpGI
zqqd6hG34rv2ydRBK1lmHdJ6fSHSp8enez+rFV6Zte3fN7IGUnTKE5dtpppH0yMk
y4i1llXqG9HMMFtuAzZwL5U2BEkvyBSvfNfshamW5eONw6UT5RwaTU88DwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJqBwR+ReF3fUPHxwf0yFcvW1OfyMB8GA1UdIwQY
MBaAFHToFZoW1ys9bN+6oJbWkTn96dKQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9nVm1oYlhLejFzMzdxZ2x0YVJPZjNwMHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85YmUwYTctNDFiMy00OGE1LThhMzgt
ODRjYmM4NWEyMzQzLzEvbW9IQkg1RjRYZDlROGZIQl9USVZ5OWJVNV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85YmUwYTctNDFiMy00OGE1LThhMzgtODRjYmM4NWEyMzQz
LzEvZE9nVm1oYlhLejFzMzdxZ2x0YVJPZjNwMHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRSADAN
BgkqhkiG9w0BAQsFAAOCAQEAUCkve/pnGXXstwNr8vnmBVCYRIsoydnYZGiUK7z0
sqqTYsVUm96bwWObP2BtaE8vBxP3O5tFCbqEkXp5okaYrSVe9QKyO553Fy/DItIV
xy9JZDKdHJl/YyXCSgGqxCVSGGm6L+Vvxyf7xwfGhMb4qwQNx+FkZeqnbSU7i6ZR
24eOMjIMKElz1gTuuz68TMwhrCu8r87CGd6jg2qy5MuCFlU7q/BD1nulglXkm3Lc
V0v0WXakPCl62FCJAu9tWs1g/pN0ukCByqfqt6+8VFnzn80S0JeETJwO7czVP/g9
4HppuBe9pN4Lwu9xDzvgHMK5BBfk6lZrRTVgjkcc2HNQ1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:46 2024 by rpki-client on console-fra.rpki-client.org