Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9I6xbM0eBg_rZMHXsT9rCM2tLmE.roa
File: 9I6xbM0eBg_rZMHXsT9rCM2tLmE.roa (raw, json)
Hash identifier: FJu8wu+sO8mt1cN2z04C4/j1HeQ/wYEC2xh5nw1HTRg=
Subject key identifier: F4:8E:B1:6C:CD:1E:06:0F:EB:64:C1:D7:B1:3F:6B:08:CD:AD:2E:61
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D0CDA2C5EAF3D7606576E278BA74AB6C7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9I6xbM0eBg_rZMHXsT9rCM2tLmE.roa
Signing time: Mon 15 Jan 2024 11:20:41 +0000
ROA not before: Mon 15 Jan 2024 11:20:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2a00:1c8d::/32 maxlen: 32
2a00:1c8b::/32 maxlen: 32
2a00:1c89::/32 maxlen: 32
2a00:1c8c::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:da:2c:5e:af:3d:76:06:57:6e:27:8b:a7:4a:b6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 15 11:20:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f48eb16ccd1e060feb64c1d7b13f6b08cdad2e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2a:d5:05:b6:0c:6f:4a:8a:87:9f:ef:a9:cf:
f4:f9:9d:2e:33:de:74:52:ce:32:9e:d8:94:34:15:
b3:14:5d:8c:ef:92:a9:cf:42:6a:9e:95:e8:61:9d:
33:3f:91:da:2b:f1:13:44:2d:3f:ec:79:b3:b8:da:
9d:fe:3c:b3:cc:42:9b:7c:c3:f0:4c:87:40:bf:a1:
47:5c:ca:88:c6:ea:5c:8b:c4:53:bc:2a:cc:a8:84:
61:a2:9e:f0:e9:68:d6:2a:e0:d5:2c:f4:e5:ab:46:
6f:5e:87:28:33:35:94:66:df:53:70:ed:a8:42:76:
e6:68:64:4e:17:bb:a5:b6:0c:22:db:a6:12:ea:d1:
a3:a6:55:f2:66:5c:ef:53:5f:5a:a4:fe:4e:5f:7e:
9a:db:a1:d4:78:51:56:af:2e:42:e3:d5:d4:69:9a:
13:fd:85:4e:88:32:63:01:92:14:10:aa:b3:6a:8a:
b9:13:dc:37:3f:49:42:2a:61:21:95:59:83:f3:86:
be:2d:fc:b2:5d:bc:3d:f1:ae:45:d7:47:2d:40:61:
35:8c:ac:fd:a4:cb:2e:c8:14:e6:2e:71:7a:05:8e:
9c:fc:d9:31:f7:37:78:de:81:69:e1:7a:02:23:ba:
71:b3:ec:25:72:3a:3f:c2:9b:97:23:33:7b:16:fd:
ce:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:8E:B1:6C:CD:1E:06:0F:EB:64:C1:D7:B1:3F:6B:08:CD:AD:2E:61
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/9I6xbM0eBg_rZMHXsT9rCM2tLmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c89::/32
2a00:1c8b::-2a00:1c8d:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
80:5d:74:ed:6e:6f:64:79:7c:0a:ae:39:c0:1e:a3:ef:ed:a1:
c6:f7:bd:76:a7:7d:98:92:bc:96:29:66:55:60:25:81:80:d1:
59:db:da:32:02:e4:1c:da:ff:79:c4:d9:fd:8c:7e:a3:90:64:
e5:14:c5:f1:08:bb:c4:70:b6:33:f5:f0:3a:9a:aa:17:e9:63:
77:67:80:9f:b2:b1:f2:79:d4:fb:06:d9:44:25:1e:eb:96:4a:
14:71:d3:aa:f2:51:13:5c:29:dd:d0:a9:56:03:28:4f:73:df:
9b:fe:31:58:b0:f7:eb:6e:e0:5f:2a:72:7a:28:11:c9:60:9b:
86:67:17:2c:7d:0a:12:1b:3b:44:1d:5c:8d:c8:9e:0d:15:d5:
c8:8c:89:63:29:c9:fe:d2:cd:4f:c3:8a:a4:b6:f1:74:89:e8:
ef:54:ec:ff:7b:12:d6:86:63:fb:33:aa:ad:61:4a:bc:02:e9:
a7:d8:f0:2b:4d:2a:ee:21:44:46:90:71:5f:77:10:77:1d:ce:
9b:a1:e2:e3:cd:4b:ab:62:f7:19:d8:f0:63:a1:f2:75:d3:fd:
40:e0:e2:2d:f1:b8:41:29:45:a9:78:e9:4b:37:06:b6:ed:a5:
0c:fe:00:b9:5f:30:dc:5e:4e:74:33:e2:2f:29:98:fb:e4:b1:
89:fd:b9:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0M2ixerz12BlduJ4unSrbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTE1MTEyMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDhlYjE2Y2NkMWUwNjBmZWI2NGMxZDdiMTNmNmIwOGNkYWQyZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhirVBbYMb0qKh5/vqc/0+Z0uM950
Us4yntiUNBWzFF2M75Kpz0JqnpXoYZ0zP5HaK/ETRC0/7HmzuNqd/jyzzEKbfMPw
TIdAv6FHXMqIxupci8RTvCrMqIRhop7w6WjWKuDVLPTlq0ZvXocoMzWUZt9TcO2o
QnbmaGROF7ultgwi26YS6tGjplXyZlzvU19apP5OX36a26HUeFFWry5C49XUaZoT
/YVOiDJjAZIUEKqzaoq5E9w3P0lCKmEhlVmD84a+LfyyXbw98a5F10ctQGE1jKz9
pMsuyBTmLnF6BY6c/Nkx9zd43oFp4XoCI7pxs+wlcjo/wpuXIzN7Fv3OxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSOsWzNHgYP62TB17E/awjNrS5hMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOUk2eGJNMGVCZ19yWk1IWHNUOXJDTTJ0TG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKgAciTAO
AwUAKgAciwMFASoAHIwwDQYJKoZIhvcNAQELBQADggEBAIBddO1ub2R5fAquOcAe
o+/tocb3vXanfZiSvJYpZlVgJYGA0Vnb2jIC5Bza/3nE2f2MfqOQZOUUxfEIu8Rw
tjP18DqaqhfpY3dngJ+ysfJ51PsG2UQlHuuWShRx06ryURNcKd3QqVYDKE9z35v+
MViw9+tu4F8qcnooEclgm4ZnFyx9ChIbO0QdXI3Ing0V1ciMiWMpyf7SzU/DiqS2
8XSJ6O9U7P97EtaGY/szqq1hSrwC6afY8CtNKu4hREaQcV93EHcdzpuh4uPNS6ti
9xnY8GOh8nXT/UDg4i3xuEEpRal46Us3BrbtpQz+ALlfMNxeTnQz4i8pmPvksYn9
uSc=
-----END CERTIFICATE-----
Generated at Wed Feb 7 09:08:04 2024 by rpki-client on console-ams.rpki-client.org