Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/vRqvjTMf4WksaDOtzQy4nJosC2U.roa
File: vRqvjTMf4WksaDOtzQy4nJosC2U.roa (raw, json)
Hash identifier: aRZR79MZXGSEXk2KkheQ9ZF6ciA3bxi7gm8he1wiCCg=
Subject key identifier: BD:1A:AF:8D:33:1F:E1:69:2C:68:33:AD:CD:0C:B8:9C:9A:2C:0B:65
Certificate issuer: /CN=74e8159a16d72b3d6cdfbaa096d69139fde9d290
Certificate serial: 018CC26D6C01B567360647EBD8E265D4D710
Authority key identifier: 74:E8:15:9A:16:D7:2B:3D:6C:DF:BA:A0:96:D6:91:39:FD:E9:D2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOgVmhbXKz1s37qgltaROf3p0pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/vRqvjTMf4WksaDOtzQy4nJosC2U.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2a14:5200::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 23 Feb 2024 12:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6c:01:b5:67:36:06:47:eb:d8:e2:65:d4:d7:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e8159a16d72b3d6cdfbaa096d69139fde9d290
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd1aaf8d331fe1692c6833adcd0cb89c9a2c0b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f3:b8:90:50:9c:96:19:7e:4f:97:dc:4b:04:
71:06:9e:5c:54:9f:22:0b:f9:40:b8:5f:e0:dd:10:
d1:d8:aa:5b:7d:9c:7b:f2:57:3e:a3:dd:ce:28:9c:
f6:bf:b6:ab:48:7b:da:66:0f:ad:f0:b0:69:3e:ac:
6b:11:3e:b1:01:0e:d0:d8:b2:0e:d3:8e:c1:58:4b:
28:54:96:8c:a8:6b:1c:af:3e:39:bd:51:ab:0e:a0:
00:cc:66:37:be:b2:5f:28:8b:8b:26:8e:83:b4:67:
97:34:99:f5:f3:fa:cc:38:b1:cb:d6:47:23:e1:53:
28:75:c2:c8:62:c2:44:79:4a:54:60:7d:03:59:0d:
84:89:8e:34:5e:9b:4a:6c:13:81:53:e1:9d:5c:b4:
dc:3d:e8:c6:aa:bc:6d:ce:66:43:89:58:52:4b:07:
67:4c:0f:0a:65:80:85:02:ed:a7:49:30:50:1d:78:
a3:d1:56:05:67:99:dd:e5:51:35:ab:a3:b1:6c:b4:
40:64:62:6a:62:5f:f2:21:54:be:21:42:7b:1b:9d:
11:c1:32:7f:0e:f2:aa:1a:2a:0b:83:5c:68:a2:ba:
c6:8f:3d:36:15:35:1e:bd:03:5c:24:c0:74:97:c0:
59:c2:c6:43:10:b9:45:d2:77:87:e3:ba:44:3d:dc:
2f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:1A:AF:8D:33:1F:E1:69:2C:68:33:AD:CD:0C:B8:9C:9A:2C:0B:65
X509v3 Authority Key Identifier:
keyid:74:E8:15:9A:16:D7:2B:3D:6C:DF:BA:A0:96:D6:91:39:FD:E9:D2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOgVmhbXKz1s37qgltaROf3p0pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/vRqvjTMf4WksaDOtzQy4nJosC2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/9be0a7-41b3-48a5-8a38-84cbc85a2343/1/dOgVmhbXKz1s37qgltaROf3p0pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:5200::/29
Signature Algorithm: sha256WithRSAEncryption
1c:2e:99:ce:0f:aa:f1:3d:5e:30:ba:c4:d8:e6:d0:0f:0a:5e:
55:c6:4f:6f:fc:7f:0b:af:ed:d8:d0:88:30:20:95:54:2e:a7:
18:b9:38:46:c4:a3:e7:84:45:e5:a9:60:64:9c:98:c8:f1:86:
2a:3f:12:0d:f4:f9:de:5c:f6:15:74:63:6d:df:ba:8e:1e:2d:
47:a5:7d:b1:fa:c6:37:45:9a:a7:09:5b:b5:1f:a4:f6:c3:4b:
ca:c8:55:df:7a:28:50:0b:f4:33:8a:03:67:bb:b7:61:d8:e1:
7b:df:03:69:67:fd:57:5b:82:23:1d:85:c9:3a:c7:37:0f:22:
61:69:69:60:fd:cf:e3:0e:a7:5a:5f:6c:06:8b:22:53:b7:a4:
68:bb:0e:f0:14:64:a7:04:49:5a:db:c7:5b:a5:1e:4f:02:2d:
95:21:25:7b:92:c4:91:1d:10:01:77:ad:a1:7a:13:f9:0c:d3:
24:a4:62:68:eb:77:cc:2b:32:24:0f:4e:ed:49:d5:ff:7c:ef:
40:37:3f:1a:b9:ab:0d:9b:f4:01:3b:ad:ad:b0:66:04:58:6c:
11:c2:73:48:fe:60:a0:e1:d7:75:1b:24:bd:88:34:66:22:b8:
9d:8b:46:2b:9e:42:42:bc:87:cf:79:85:f7:e6:39:86:b8:88:
99:45:f7:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzCbWwBtWc2Bkfr2OJl1NcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTgxNTlhMTZkNzJiM2Q2Y2RmYmFhMDk2ZDY5MTM5ZmRl
OWQyOTAwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDFhYWY4ZDMzMWZlMTY5MmM2ODMzYWRjZDBjYjg5YzlhMmMwYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifO4kFCclhl+T5fcSwRxBp5cVJ8i
C/lAuF/g3RDR2KpbfZx78lc+o93OKJz2v7arSHvaZg+t8LBpPqxrET6xAQ7Q2LIO
047BWEsoVJaMqGscrz45vVGrDqAAzGY3vrJfKIuLJo6DtGeXNJn18/rMOLHL1kcj
4VModcLIYsJEeUpUYH0DWQ2EiY40XptKbBOBU+GdXLTcPejGqrxtzmZDiVhSSwdn
TA8KZYCFAu2nSTBQHXij0VYFZ5nd5VE1q6OxbLRAZGJqYl/yIVS+IUJ7G50RwTJ/
DvKqGioLg1xoorrGjz02FTUevQNcJMB0l8BZwsZDELlF0neH47pEPdwvMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL0ar40zH+FpLGgzrc0MuJyaLAtlMB8GA1UdIwQY
MBaAFHToFZoW1ys9bN+6oJbWkTn96dKQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9nVm1oYlhLejFzMzdxZ2x0YVJPZjNwMHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85YmUwYTctNDFiMy00OGE1LThhMzgt
ODRjYmM4NWEyMzQzLzEvdlJxdmpUTWY0V2tzYURPdHpReTRuSm9zQzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85YmUwYTctNDFiMy00OGE1LThhMzgtODRjYmM4NWEyMzQz
LzEvZE9nVm1oYlhLejFzMzdxZ2x0YVJPZjNwMHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRSADAN
BgkqhkiG9w0BAQsFAAOCAQEAHC6Zzg+q8T1eMLrE2ObQDwpeVcZPb/x/C6/t2NCI
MCCVVC6nGLk4RsSj54RF5algZJyYyPGGKj8SDfT53lz2FXRjbd+6jh4tR6V9sfrG
N0WapwlbtR+k9sNLyshV33ooUAv0M4oDZ7u3Ydjhe98DaWf9V1uCIx2FyTrHNw8i
YWlpYP3P4w6nWl9sBosiU7ekaLsO8BRkpwRJWtvHW6UeTwItlSEle5LEkR0QAXet
oXoT+QzTJKRiaOt3zCsyJA9O7UnV/3zvQDc/GrmrDZv0ATutrbBmBFhsEcJzSP5g
oOHXdRskvYg0ZiK4nYtGK55CQryHz3mF9+Y5hriImUX37Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:23 2024 by rpki-client on console-ams.rpki-client.org