Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_ieUDWqRcOYNYELt5cd9bKe0DXc.roa
File: _ieUDWqRcOYNYELt5cd9bKe0DXc.roa (raw, json)
Hash identifier: R0IhnYBukMCMgsfgv6nZY83dUQt+q6QHVWOcEYKPxFY=
Subject key identifier: FE:27:94:0D:6A:91:70:E6:0D:60:42:ED:E5:C7:7D:6C:A7:B4:0D:77
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C107BDA91362D37AD8597AC663A43E0BA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_ieUDWqRcOYNYELt5cd9bKe0DXc.roa
Signing time: Mon 27 Nov 2023 11:13:21 +0000
ROA not before: Mon 27 Nov 2023 11:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 2a00:1c8d::/32 maxlen: 32
2a00:1c8a::/32 maxlen: 32
2a00:1c8b::/32 maxlen: 32
2a00:1c89::/32 maxlen: 32
2a00:1c8c::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:7b:da:91:36:2d:37:ad:85:97:ac:66:3a:43:e0:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 27 11:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe27940d6a9170e60d6042ede5c77d6ca7b40d77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9c:99:e0:db:5b:a8:3b:68:db:45:11:52:b8:
ad:25:d7:68:b6:9d:4e:fb:a2:f8:47:30:09:4e:24:
55:7c:47:7e:9a:ef:ec:0f:27:f4:58:d2:51:30:3b:
56:3d:91:e2:ed:c1:a3:f6:99:5c:c4:b4:e7:c2:91:
dc:07:7d:a0:a5:ed:03:5d:39:1f:d4:64:1a:47:40:
bc:a3:12:14:13:04:e1:d8:2c:d5:7e:4b:2f:7c:32:
1e:9b:b7:f9:7b:b4:d0:0b:15:4b:dc:45:17:9d:91:
47:f0:51:e0:d8:d0:7e:54:3f:08:82:7b:73:ff:9f:
eb:7d:5f:47:30:55:d8:84:42:7d:98:e9:99:8e:9d:
c6:0a:4e:47:b8:74:ec:e0:6e:aa:44:38:e1:f2:9a:
62:85:85:12:22:d7:26:55:f9:65:0c:44:18:3e:8f:
06:8c:a1:16:86:5b:63:71:af:d8:1a:62:74:66:90:
29:4c:5d:6b:62:4c:6a:06:c9:17:35:d7:e2:3c:91:
ff:e9:b1:d4:4c:0b:08:c4:2a:ac:31:1e:c7:aa:85:
6c:53:4e:8a:2a:d6:b7:8e:ef:4a:81:3d:05:39:73:
ab:b5:9a:35:f1:7f:02:c1:54:d6:b1:ed:94:06:21:
ec:fa:8c:06:15:7b:51:9c:ed:a0:33:05:52:cd:60:
5c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:27:94:0D:6A:91:70:E6:0D:60:42:ED:E5:C7:7D:6C:A7:B4:0D:77
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_ieUDWqRcOYNYELt5cd9bKe0DXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c89::-2a00:1c8d:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
12:70:2b:75:04:8c:ad:c6:16:1d:9b:b7:e7:ed:d7:05:10:f4:
21:ea:8c:19:10:ab:48:e4:b7:8d:07:3c:09:87:74:57:82:91:
0a:aa:3a:bb:ef:fe:6c:91:c4:17:0e:bd:e6:73:d8:30:b8:3e:
ca:ce:f0:5f:c8:cf:6c:dc:ff:97:21:ac:93:18:3d:d2:eb:d3:
bc:2a:4c:21:8f:6c:a5:28:25:91:eb:ac:8e:f1:c0:3d:98:9a:
ae:5e:44:e8:04:e0:26:38:91:94:07:7a:9a:e7:ee:c0:d6:fd:
1c:ce:b4:2c:35:f2:6e:4e:ad:7b:75:53:80:39:8f:24:19:46:
d7:2b:db:f3:f3:5d:f2:eb:9a:1c:fd:26:25:83:8b:51:7a:06:
ab:f0:20:4a:82:65:39:ff:9f:74:a3:5a:3e:14:50:b9:c4:5a:
c7:96:32:94:87:39:ea:b4:29:74:99:c0:da:30:72:b8:d1:c4:
fa:a7:cd:55:95:e4:4a:c4:5c:05:07:0b:b5:41:fe:a9:02:ea:
80:e0:25:18:f8:c9:f3:2f:3d:ec:4c:4f:58:54:02:18:50:9b:
1f:dd:66:2a:e1:bc:a6:8b:4f:7d:3f:9e:d9:e0:8e:7b:7d:36:
38:c0:d7:b0:cb:be:2d:59:f3:11:c4:e0:72:d7:c2:cb:13:a8:
54:3b:d3:b5
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYwQe9qRNi03rYWXrGY6Q+C6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI3MTExMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTI3OTQwZDZhOTE3MGU2MGQ2MDQyZWRlNWM3N2Q2Y2E3YjQwZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpyZ4NtbqDto20URUritJddotp1O
+6L4RzAJTiRVfEd+mu/sDyf0WNJRMDtWPZHi7cGj9plcxLTnwpHcB32gpe0DXTkf
1GQaR0C8oxIUEwTh2CzVfksvfDIem7f5e7TQCxVL3EUXnZFH8FHg2NB+VD8Igntz
/5/rfV9HMFXYhEJ9mOmZjp3GCk5HuHTs4G6qRDjh8ppihYUSItcmVfllDEQYPo8G
jKEWhltjca/YGmJ0ZpApTF1rYkxqBskXNdfiPJH/6bHUTAsIxCqsMR7HqoVsU06K
Kta3ju9KgT0FOXOrtZo18X8CwVTWse2UBiHs+owGFXtRnO2gMwVSzWBcCQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFP4nlA1qkXDmDWBC7eXHfWyntA13MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX2llVURXcVJjT1lOWUVMdDVjZDliS2UwRFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqAByJ
AwUBKgAcjDANBgkqhkiG9w0BAQsFAAOCAQEAEnArdQSMrcYWHZu35+3XBRD0IeqM
GRCrSOS3jQc8CYd0V4KRCqo6u+/+bJHEFw695nPYMLg+ys7wX8jPbNz/lyGskxg9
0uvTvCpMIY9spSglkeusjvHAPZiarl5E6ATgJjiRlAd6mufuwNb9HM60LDXybk6t
e3VTgDmPJBlG1yvb8/Nd8uuaHP0mJYOLUXoGq/AgSoJlOf+fdKNaPhRQucRax5Yy
lIc56rQpdJnA2jByuNHE+qfNVZXkSsRcBQcLtUH+qQLqgOAlGPjJ8y897ExPWFQC
GFCbH91mKuG8potPfT+e2eCOe302OMDXsMu+LVnzEcTgctfCyxOoVDvTtQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org