Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/vFUpkAXXGAlYqitXnSGiQEsDZeE.roa
File: vFUpkAXXGAlYqitXnSGiQEsDZeE.roa (raw, json)
Hash identifier: ezG3WiqBgY5dOz/PDjF6h1iDwf5t6GYb+yff0ubxQF8=
Subject key identifier: BC:55:29:90:05:D7:18:09:58:AA:2B:57:9D:21:A2:40:4B:03:65:E1
Certificate issuer: /CN=aa53cd2c584a3dc16208ba93b0db74773b3f23be
Certificate serial: 01856BEEB11A877B53C71675601A2FD1CCB8
Authority key identifier: AA:53:CD:2C:58:4A:3D:C1:62:08:BA:93:B0:DB:74:77:3B:3F:23:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlPNLFhKPcFiCLqTsNt0dzs_I74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/vFUpkAXXGAlYqitXnSGiQEsDZeE.roa
Signing time: Sun 01 Jan 2023 06:04:43 +0000
ROA not before: Sun 01 Jan 2023 06:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20625
IP address blocks: 2a02:ae8::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:b1:1a:87:7b:53:c7:16:75:60:1a:2f:d1:cc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa53cd2c584a3dc16208ba93b0db74773b3f23be
Validity
Not Before: Jan 1 06:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc55299005d7180958aa2b579d21a2404b0365e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d7:b2:2c:91:b5:8d:5d:7d:7d:d2:40:db:67:
0d:7b:41:3b:78:96:dd:28:76:4d:c3:d7:a7:f2:45:
f7:71:a6:a6:dc:6e:e3:e0:07:3c:42:d5:43:8c:22:
59:d9:19:9e:97:47:fd:33:f2:87:39:6c:db:cc:3f:
80:1c:d0:a4:ec:04:d9:99:22:0d:b2:bd:f0:18:7a:
15:32:d0:d9:cd:91:a7:29:03:e9:04:2c:63:e2:ba:
d9:0b:e0:51:ec:b6:09:20:69:66:32:56:b4:a3:8c:
c8:b3:0b:ec:bb:f9:51:68:4b:39:5c:1a:81:a5:df:
14:d0:2a:86:10:12:39:c4:d9:26:4d:da:63:2f:2a:
dd:c0:c7:f6:3d:1c:9e:95:66:47:62:97:ad:a3:7b:
70:d4:a9:da:43:5a:52:07:61:0c:5c:29:2e:df:3f:
cf:4d:21:02:e3:47:8a:e5:ea:32:91:79:17:73:bb:
a7:37:e6:da:f9:f2:e8:e8:4d:bb:74:5f:e4:83:f5:
4f:64:e5:eb:95:aa:f6:ad:5f:32:87:ec:ef:a2:5e:
fe:d4:85:ab:d6:0b:ca:b9:5e:80:01:e9:4d:86:1a:
0b:1e:a3:b2:b4:48:b7:b8:ae:35:0f:7b:bf:42:1b:
f9:92:8d:58:b4:9e:2e:59:58:84:9e:c1:cb:25:cf:
6e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:55:29:90:05:D7:18:09:58:AA:2B:57:9D:21:A2:40:4B:03:65:E1
X509v3 Authority Key Identifier:
keyid:AA:53:CD:2C:58:4A:3D:C1:62:08:BA:93:B0:DB:74:77:3B:3F:23:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlPNLFhKPcFiCLqTsNt0dzs_I74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/vFUpkAXXGAlYqitXnSGiQEsDZeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/qlPNLFhKPcFiCLqTsNt0dzs_I74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ae8::/29
Signature Algorithm: sha256WithRSAEncryption
58:57:fc:e6:4f:5b:3d:8f:94:ce:a1:15:f5:24:43:e7:b2:b3:
b1:fc:6e:81:65:0b:67:80:d4:ef:3b:94:da:08:a1:d6:d2:20:
6e:0c:6e:2a:01:ae:b1:8e:6b:e3:32:dd:4a:15:d8:34:ea:68:
45:72:1c:db:ae:58:78:0b:ea:14:af:f3:e9:55:b5:54:a5:df:
58:8e:31:f8:ea:45:23:b2:53:c2:9e:f8:e6:df:95:a5:2b:4a:
9f:27:48:7d:6d:b5:e5:87:c1:a4:81:32:91:95:5b:fe:59:04:
20:52:44:1e:23:c9:52:3d:be:2c:8f:95:5c:9b:be:9b:d5:4a:
c7:78:01:7f:f0:29:8d:26:86:8a:9b:41:e8:04:c0:67:34:03:
1b:88:c1:0d:b5:50:75:96:2e:b5:12:c0:75:2d:ee:d9:66:4e:
ec:b8:f3:87:c4:ae:00:75:c8:62:80:5a:67:80:29:2f:ba:90:
02:0c:33:8a:60:80:6e:99:b4:04:0c:f8:42:68:3b:f7:4b:98:
f6:33:82:e7:73:82:a0:0f:44:ba:5a:53:5c:23:b7:c8:be:ab:
0c:bc:f0:b8:10:c1:11:c8:15:db:6f:7a:d8:a7:f3:ad:a0:3b:
8f:86:b0:2b:5d:c9:25:ba:bd:e2:5a:54:89:31:83:71:5d:34:
9b:95:2f:22
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVr7rEah3tTxxZ1YBov0cy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTNjZDJjNTg0YTNkYzE2MjA4YmE5M2IwZGI3NDc3M2Iz
ZjIzYmUwHhcNMjMwMTAxMDYwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU1Mjk5MDA1ZDcxODA5NThhYTJiNTc5ZDIxYTI0MDRiMDM2NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9eyLJG1jV19fdJA22cNe0E7eJbd
KHZNw9en8kX3caam3G7j4Ac8QtVDjCJZ2Rmel0f9M/KHOWzbzD+AHNCk7ATZmSIN
sr3wGHoVMtDZzZGnKQPpBCxj4rrZC+BR7LYJIGlmMla0o4zIswvsu/lRaEs5XBqB
pd8U0CqGEBI5xNkmTdpjLyrdwMf2PRyelWZHYpeto3tw1KnaQ1pSB2EMXCku3z/P
TSEC40eK5eoykXkXc7unN+ba+fLo6E27dF/kg/VPZOXrlar2rV8yh+zvol7+1IWr
1gvKuV6AAelNhhoLHqOytEi3uK41D3u/Qhv5ko1YtJ4uWViEnsHLJc9uSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLxVKZAF1xgJWKorV50hokBLA2XhMB8GA1UdIwQY
MBaAFKpTzSxYSj3BYgi6k7DbdHc7PyO+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxQTkxGaEtQY0ZpQ0xxVHNOdDBkenNfSTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lNjcwYTctYWQ3OC00NTdlLWFkODAt
MDA3OTc4YmRiMDUyLzEvdkZVcGtBWFhHQWxZcWl0WG5TR2lRRXNEWmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lNjcwYTctYWQ3OC00NTdlLWFkODAtMDA3OTc4YmRiMDUy
LzEvcWxQTkxGaEtQY0ZpQ0xxVHNOdDBkenNfSTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgIK6DAN
BgkqhkiG9w0BAQsFAAOCAQEAWFf85k9bPY+UzqEV9SRD57KzsfxugWULZ4DU7zuU
2gih1tIgbgxuKgGusY5r4zLdShXYNOpoRXIc265YeAvqFK/z6VW1VKXfWI4x+OpF
I7JTwp745t+VpStKnydIfW215YfBpIEykZVb/lkEIFJEHiPJUj2+LI+VXJu+m9VK
x3gBf/ApjSaGiptB6ATAZzQDG4jBDbVQdZYutRLAdS3u2WZO7Ljzh8SuAHXIYoBa
Z4ApL7qQAgwzimCAbpm0BAz4Qmg790uY9jOC53OCoA9EulpTXCO3yL6rDLzwuBDB
EcgV22962KfzraA7j4awK13JJbq94lpUiTGDcV00m5UvIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:11 2024 by rpki-client on console-fra.rpki-client.org