Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/IXaR0LUrE7de-BsxfzNFwzvIkBs.roa
File: IXaR0LUrE7de-BsxfzNFwzvIkBs.roa (raw, json)
Hash identifier: l3FWeqgxooI3gN+iYY7KLZ0HVphxoEF/+ylLLpS0cEo=
Subject key identifier: 21:76:91:D0:B5:2B:13:B7:5E:F8:1B:31:7F:33:45:C3:3B:C8:90:1B
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01856C4A6FD9BCD96266C6EB40A683146449
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/IXaR0LUrE7de-BsxfzNFwzvIkBs.roa
Signing time: Sun 01 Jan 2023 07:44:55 +0000
ROA not before: Sun 01 Jan 2023 07:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46516
IP address blocks: 2a05:6700::/29 maxlen: 32
2a06:2700::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 28 Aug 2023 04:59:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:6f:d9:bc:d9:62:66:c6:eb:40:a6:83:14:64:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 1 07:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=217691d0b52b13b75ef81b317f3345c33bc8901b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:ab:25:b2:b7:14:1e:db:d9:ea:b3:9b:7e:
4b:c6:b7:fd:f1:68:30:95:e9:27:8b:4b:58:54:32:
e1:d0:fd:49:91:4d:bf:45:b4:a8:be:24:f5:67:5d:
79:26:42:6f:ec:31:25:af:0c:8e:29:bb:f0:86:6e:
3d:f1:de:74:ac:33:71:e1:31:64:0c:36:37:59:21:
2b:ac:69:58:13:82:8e:41:54:52:f2:60:35:d9:78:
fd:eb:64:0d:63:4a:e2:a5:50:a9:0f:00:e8:e3:c1:
c4:0c:15:88:35:fc:be:39:b1:9f:a6:3e:1c:f6:f2:
02:98:f7:4a:57:06:bf:54:9a:14:30:84:43:74:4e:
38:d8:45:8c:04:ff:ea:a3:fb:86:e4:69:4d:ee:34:
ef:3f:52:0f:bd:5d:c9:05:8b:be:01:59:ec:ca:55:
05:7f:0c:e5:60:09:4b:d7:06:7f:be:8e:b0:e4:cc:
f0:63:67:46:03:5d:9b:62:15:04:1c:27:7f:e6:7a:
89:9a:f2:b6:bf:08:70:61:7f:75:93:ef:05:e3:fc:
c0:a8:2e:e6:e9:10:8c:5a:71:5d:a7:a0:98:56:4a:
19:08:5d:e8:b0:dc:4e:fa:b9:2e:e8:02:b4:e2:31:
da:0e:22:61:fa:68:75:70:6e:a7:78:c2:70:0c:0a:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:76:91:D0:B5:2B:13:B7:5E:F8:1B:31:7F:33:45:C3:3B:C8:90:1B
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/IXaR0LUrE7de-BsxfzNFwzvIkBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:6700::/29
2a06:2700::/29
Signature Algorithm: sha256WithRSAEncryption
8c:fd:a1:54:c6:cc:dd:16:2f:46:79:7d:4d:61:1e:65:1a:e2:
69:20:c3:88:56:0a:d2:32:92:41:8a:01:48:32:fd:2a:66:73:
7e:8c:e4:66:95:8e:b4:83:66:82:86:74:48:90:9b:e0:e3:78:
36:ca:a1:c4:13:68:d4:8d:cc:a2:6f:13:e9:61:24:3f:be:a1:
50:40:c1:9f:7a:f6:f2:ba:93:b8:ef:2e:7e:50:f0:bd:2f:51:
04:4a:14:d1:26:03:d8:d6:e9:7a:e1:c3:d3:2f:43:2d:be:a6:
1d:40:66:af:59:0f:6b:8b:51:9f:67:f9:c2:5b:cf:26:de:fc:
67:a9:c1:68:a0:e1:34:17:6f:d5:10:cd:7d:42:03:7c:e6:1c:
ee:a2:73:b6:58:20:16:c1:0d:eb:b1:bb:2a:37:89:dd:8e:09:
dd:ef:ff:af:93:3c:cf:95:7b:c2:cf:aa:78:0b:99:53:4d:e0:
92:8d:73:61:75:ba:c2:e0:15:c8:48:ce:c8:f9:31:3b:0b:4d:
28:4f:2d:a8:e6:27:e9:60:b9:f3:7e:8e:c0:62:2d:5d:02:b7:
5e:c2:51:d3:c1:68:e7:e9:d8:8f:88:ae:38:20:8c:25:f5:c5:
93:01:5b:a1:20:82:80:e7:17:09:78:1f:94:ae:27:74:db:f5:
ce:2a:73:a9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsSm/ZvNliZsbrQKaDFGRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMTAxMDc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTc2OTFkMGI1MmIxM2I3NWVmODFiMzE3ZjMzNDVjMzNiYzg5MDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPOrJbK3FB7b2eqzm35Lxrf98Wgw
lekni0tYVDLh0P1JkU2/RbSoviT1Z115JkJv7DElrwyOKbvwhm498d50rDNx4TFk
DDY3WSErrGlYE4KOQVRS8mA12Xj962QNY0ripVCpDwDo48HEDBWINfy+ObGfpj4c
9vICmPdKVwa/VJoUMIRDdE442EWMBP/qo/uG5GlN7jTvP1IPvV3JBYu+AVnsylUF
fwzlYAlL1wZ/vo6w5MzwY2dGA12bYhUEHCd/5nqJmvK2vwhwYX91k+8F4/zAqC7m
6RCMWnFdp6CYVkoZCF3osNxO+rku6AK04jHaDiJh+mh1cG6neMJwDArJMwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCF2kdC1KxO3XvgbMX8zRcM7yJAbMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvSVhhUjBMVXJFN2RlLUJzeGZ6TkZ3enZJa0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgVnAAMF
AyoGJwAwDQYJKoZIhvcNAQELBQADggEBAIz9oVTGzN0WL0Z5fU1hHmUa4mkgw4hW
CtIykkGKAUgy/Spmc36M5GaVjrSDZoKGdEiQm+DjeDbKocQTaNSNzKJvE+lhJD++
oVBAwZ969vK6k7jvLn5Q8L0vUQRKFNEmA9jW6Xrhw9MvQy2+ph1AZq9ZD2uLUZ9n
+cJbzybe/GepwWig4TQXb9UQzX1CA3zmHO6ic7ZYIBbBDeuxuyo3id2OCd3v/6+T
PM+Ve8LPqngLmVNN4JKNc2F1usLgFchIzsj5MTsLTShPLajmJ+lgufN+jsBiLV0C
t17CUdPBaOfp2I+IrjggjCX1xZMBW6EggoDnFwl4H5SuJ3Tb9c4qc6k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org