Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/lWhFMxHNiV3faV3a4d8UVD0TPUQ.roa
File: lWhFMxHNiV3faV3a4d8UVD0TPUQ.roa (raw, json)
Hash identifier: QBY9MSQsTCgy6+4/fVdPTVwvfc7NiSsbbKZ9WOTxJHQ=
Subject key identifier: 95:68:45:33:11:CD:89:5D:DF:69:5D:DA:E1:DF:14:54:3D:13:3D:44
Certificate issuer: /CN=b3b5d2b43acc0d9f07aa00aa90f025c96d5cec25
Certificate serial: 0185708CC07D7C0AEF0C4CD65CC028676960
Authority key identifier: B3:B5:D2:B4:3A:CC:0D:9F:07:AA:00:AA:90:F0:25:C9:6D:5C:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7XStDrMDZ8HqgCqkPAlyW1c7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/lWhFMxHNiV3faV3a4d8UVD0TPUQ.roa
Signing time: Mon 02 Jan 2023 03:35:50 +0000
ROA not before: Mon 02 Jan 2023 03:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207502
IP address blocks: 2a12:9e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 Mar 2023 16:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c0:7d:7c:0a:ef:0c:4c:d6:5c:c0:28:67:69:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b5d2b43acc0d9f07aa00aa90f025c96d5cec25
Validity
Not Before: Jan 2 03:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9568453311cd895ddf695ddae1df14543d133d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4f:b9:a7:fe:41:bc:50:01:49:7f:63:4c:1d:
75:e2:39:b0:3c:f3:1e:10:ff:41:97:19:98:7a:72:
65:82:d6:74:ea:bf:49:7a:e9:dd:01:73:a4:ab:69:
29:a4:00:92:eb:ca:db:59:f5:e4:b8:8c:3d:7a:e3:
5f:7f:fc:80:09:a7:91:29:9d:ec:dd:df:44:c4:3b:
e3:95:b0:fe:f1:e4:46:c2:d4:d4:26:e8:ce:3c:67:
f9:43:6d:36:15:b0:ad:3f:f2:86:5f:4b:a4:1d:f6:
39:78:1f:66:f3:ed:10:76:a3:a4:0c:f3:ec:d3:69:
22:f7:83:f4:32:5e:01:0c:a9:dd:72:a8:c7:aa:88:
1d:46:97:a2:37:06:60:21:3e:0d:66:ef:11:7d:21:
83:27:a5:d9:ca:6f:65:97:0d:95:bd:3e:77:e5:7b:
b4:52:20:26:5d:ce:06:2e:e2:51:97:c0:9d:84:dd:
70:2f:2c:14:84:95:fe:88:2d:da:30:7c:f9:6f:1e:
dc:1b:f3:84:bb:af:ff:5f:f2:d6:2e:47:ae:2a:35:
ad:99:73:f8:1c:be:08:e9:5e:e9:d4:92:35:4b:7e:
4a:f9:88:e5:63:5a:18:46:40:bc:40:90:65:a7:49:
c6:d8:93:01:b0:26:fc:97:bf:72:58:a1:4e:f4:33:
1c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:68:45:33:11:CD:89:5D:DF:69:5D:DA:E1:DF:14:54:3D:13:3D:44
X509v3 Authority Key Identifier:
keyid:B3:B5:D2:B4:3A:CC:0D:9F:07:AA:00:AA:90:F0:25:C9:6D:5C:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7XStDrMDZ8HqgCqkPAlyW1c7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/lWhFMxHNiV3faV3a4d8UVD0TPUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/s7XStDrMDZ8HqgCqkPAlyW1c7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
c2:4a:02:51:bf:61:a1:0a:11:04:b0:ba:3f:ff:84:30:a8:21:
b3:5a:06:0c:59:fc:09:29:c2:5f:e7:af:3f:fa:31:75:98:a6:
75:01:40:e8:f2:29:b8:a2:c8:81:dc:2e:64:79:f9:a1:67:e9:
29:33:ba:bb:87:c0:70:6d:0e:f0:2a:dd:71:26:a1:ec:30:0b:
54:44:eb:d2:7a:df:68:5f:44:fe:05:06:00:e3:36:99:6d:51:
85:c8:77:83:86:c3:8a:6b:af:4f:ab:07:45:0f:cd:bf:92:4c:
12:81:ce:1b:80:26:d1:fc:34:6f:91:06:82:19:04:24:da:16:
80:76:a0:cb:d1:06:59:42:94:a8:ab:d2:fa:16:e0:40:9c:89:
ac:c8:34:a0:ed:99:10:b8:ea:2e:f3:6e:1b:0c:26:5b:d2:88:
c2:82:e4:9f:1a:b5:73:82:e0:73:85:fc:74:6b:75:f5:16:57:
51:18:a9:b2:54:f3:35:aa:09:e6:70:b5:53:02:08:45:be:a5:
26:3d:4d:78:45:ed:80:ac:0d:21:49:76:01:1f:37:0e:61:54:
0d:76:4f:d0:c0:36:2b:ec:00:af:cd:32:5c:39:12:50:56:54:
cf:8e:ce:36:11:56:08:48:87:cf:11:db:ff:6a:f3:4a:7f:ca:
39:4a:58:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwjMB9fArvDEzWXMAoZ2lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjVkMmI0M2FjYzBkOWYwN2FhMDBhYTkwZjAyNWM5NmQ1
Y2VjMjUwHhcNMjMwMTAyMDMzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY4NDUzMzExY2Q4OTVkZGY2OTVkZGFlMWRmMTQ1NDNkMTMzZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhU+5p/5BvFABSX9jTB114jmwPPMe
EP9BlxmYenJlgtZ06r9JeundAXOkq2kppACS68rbWfXkuIw9euNff/yACaeRKZ3s
3d9ExDvjlbD+8eRGwtTUJujOPGf5Q202FbCtP/KGX0ukHfY5eB9m8+0QdqOkDPPs
02ki94P0Ml4BDKndcqjHqogdRpeiNwZgIT4NZu8RfSGDJ6XZym9llw2VvT535Xu0
UiAmXc4GLuJRl8CdhN1wLywUhJX+iC3aMHz5bx7cG/OEu6//X/LWLkeuKjWtmXP4
HL4I6V7p1JI1S35K+YjlY1oYRkC8QJBlp0nG2JMBsCb8l79yWKFO9DMcVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJVoRTMRzYld32ld2uHfFFQ9Ez1EMB8GA1UdIwQY
MBaAFLO10rQ6zA2fB6oAqpDwJcltXOwlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdYU3REck1EWjhIcWdDcWtQQWx5VzFjN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wYTkyZGYtYzUwOS00ZTkyLThlMmIt
MjRiOGMwMmZhODJhLzEvbFdoRk14SE5pVjNmYVYzYTRkOFVWRDBUUFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wYTkyZGYtYzUwOS00ZTkyLThlMmItMjRiOGMwMmZhODJh
LzEvczdYU3REck1EWjhIcWdDcWtQQWx5VzFjN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKeQDAN
BgkqhkiG9w0BAQsFAAOCAQEAwkoCUb9hoQoRBLC6P/+EMKghs1oGDFn8CSnCX+ev
P/oxdZimdQFA6PIpuKLIgdwuZHn5oWfpKTO6u4fAcG0O8CrdcSah7DALVETr0nrf
aF9E/gUGAOM2mW1Rhch3g4bDimuvT6sHRQ/Nv5JMEoHOG4Am0fw0b5EGghkEJNoW
gHagy9EGWUKUqKvS+hbgQJyJrMg0oO2ZELjqLvNuGwwmW9KIwoLknxq1c4Lgc4X8
dGt19RZXURipslTzNaoJ5nC1UwIIRb6lJj1NeEXtgKwNIUl2AR83DmFUDXZP0MA2
K+wAr80yXDkSUFZUz47ONhFWCEiHzxHb/2rzSn/KOUpY+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:14 2024 by rpki-client on console-fra.rpki-client.org