Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j787VLvYA8SATE2OpnLAq2ZzqG0.roa
File: j787VLvYA8SATE2OpnLAq2ZzqG0.roa (raw, json)
Hash identifier: /4fw8Ut7T6CA+KWYL8iG2F/ulbSQCtkUGfHbS0owOmc=
Subject key identifier: 8F:BF:3B:54:BB:D8:03:C4:80:4C:4D:8E:A6:72:C0:AB:66:73:A8:6D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E413C284CBAB8FA9E30AA3DFDA48FC43D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j787VLvYA8SATE2OpnLAq2ZzqG0.roa
Signing time: Fri 15 Mar 2024 08:30:45 +0000
ROA not before: Fri 15 Mar 2024 08:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a00:1c88::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 25 Mar 2024 08:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:3c:28:4c:ba:b8:fa:9e:30:aa:3d:fd:a4:8f:c4:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 15 08:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fbf3b54bbd803c4804c4d8ea672c0ab6673a86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a5:c2:19:d1:31:da:85:df:0a:bb:4e:0a:68:
70:d7:eb:4b:e0:e5:9a:b4:75:5d:57:19:99:a1:00:
d1:d2:e5:09:c9:48:94:0e:7b:d6:fa:c8:f0:79:a9:
75:af:7b:4c:34:be:bb:0a:21:35:4c:ec:e5:b7:55:
d2:a7:bb:b2:8e:16:ad:39:9d:4b:25:2a:16:38:14:
24:ed:a4:52:bb:1c:e6:52:fb:e7:ba:dc:73:8a:aa:
9f:6a:0f:8d:4b:83:ce:67:7e:0b:3a:b2:79:60:50:
c7:f1:73:c3:b2:13:73:62:47:9a:f3:55:81:7c:4a:
6a:2c:c4:08:8a:1d:7d:58:7b:6f:f2:c9:1c:b6:33:
4c:f2:06:1a:25:3d:1b:f4:8e:4a:c4:e5:d9:e8:c1:
4f:2c:7f:b8:71:80:bb:1c:7d:b8:c7:a6:fb:00:86:
29:ec:36:60:64:ee:00:ec:bb:70:b8:5b:d5:94:78:
7e:d7:63:b0:29:68:26:83:a2:39:30:64:d0:2c:43:
3f:e2:32:ec:5c:10:fe:02:d1:aa:40:35:d7:d1:52:
29:19:8d:b6:69:51:44:b1:42:3e:50:4f:c1:61:5c:
c7:57:e5:4a:ad:c0:a8:be:39:19:f1:36:43:c6:fb:
df:a4:4c:3a:0f:79:9e:e1:20:73:5f:5b:a9:b1:bb:
43:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:BF:3B:54:BB:D8:03:C4:80:4C:4D:8E:A6:72:C0:AB:66:73:A8:6D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j787VLvYA8SATE2OpnLAq2ZzqG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c88::/29
Signature Algorithm: sha256WithRSAEncryption
4a:fd:d6:a5:9c:8f:84:87:21:92:8b:7b:94:62:22:85:95:4a:
1a:64:44:72:17:98:dc:b6:83:9e:0a:b0:8b:ce:90:52:fc:58:
1b:12:9b:64:e3:34:96:3f:59:ab:10:71:c2:71:66:28:9b:e0:
bc:6d:54:06:76:2a:e2:95:c5:99:b0:0c:59:17:2b:84:36:2c:
af:ed:db:16:02:83:f7:f4:7d:48:a3:9f:9d:5f:91:23:cf:43:
5a:41:1c:42:78:a1:f4:69:da:9f:c4:00:cd:d2:57:a6:9c:e3:
40:bf:1f:7f:91:7b:04:96:f9:c2:11:f6:9c:4e:48:2c:0e:39:
61:34:20:94:a2:62:fa:80:f8:e9:83:74:59:49:ee:43:68:52:
13:f2:6c:a2:7f:9c:89:16:11:95:37:50:32:79:0b:d1:14:3f:
85:01:cf:04:89:a9:77:98:b0:99:fb:0f:c6:60:3d:2c:1b:0e:
a5:2a:e2:67:68:8e:00:33:e8:2a:de:49:11:41:1d:f5:9a:b3:
8c:74:c8:be:e7:15:f6:17:d0:5e:8d:27:28:15:6f:27:aa:1c:
4a:a7:70:4b:10:88:f1:4b:28:3e:c2:ae:4e:81:c2:e3:35:42:
ca:5e:d8:7f:c1:2d:52:21:16:5e:f4:7d:19:27:da:25:21:ad:
ee:c3:4e:77
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY5BPChMurj6njCqPf2kj8Q9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzE1MDgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmJmM2I1NGJiZDgwM2M0ODA0YzRkOGVhNjcyYzBhYjY2NzNhODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqXCGdEx2oXfCrtOCmhw1+tL4OWa
tHVdVxmZoQDR0uUJyUiUDnvW+sjweal1r3tMNL67CiE1TOzlt1XSp7uyjhatOZ1L
JSoWOBQk7aRSuxzmUvvnutxziqqfag+NS4POZ34LOrJ5YFDH8XPDshNzYkea81WB
fEpqLMQIih19WHtv8skctjNM8gYaJT0b9I5KxOXZ6MFPLH+4cYC7HH24x6b7AIYp
7DZgZO4A7LtwuFvVlHh+12OwKWgmg6I5MGTQLEM/4jLsXBD+AtGqQDXX0VIpGY22
aVFEsUI+UE/BYVzHV+VKrcCovjkZ8TZDxvvfpEw6D3me4SBzX1upsbtDKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFI+/O1S72APEgExNjqZywKtmc6htMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvajc4N1ZMdllBOFNBVEUyT3BuTEFxMlp6cUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgAciDAN
BgkqhkiG9w0BAQsFAAOCAQEASv3WpZyPhIchkot7lGIihZVKGmREcheY3LaDngqw
i86QUvxYGxKbZOM0lj9ZqxBxwnFmKJvgvG1UBnYq4pXFmbAMWRcrhDYsr+3bFgKD
9/R9SKOfnV+RI89DWkEcQnih9Gnan8QAzdJXppzjQL8ff5F7BJb5whH2nE5ILA45
YTQglKJi+oD46YN0WUnuQ2hSE/Json+ciRYRlTdQMnkL0RQ/hQHPBImpd5iwmfsP
xmA9LBsOpSriZ2iOADPoKt5JEUEd9ZqzjHTIvucV9hfQXo0nKBVvJ6ocSqdwSxCI
8UsoPsKuToHC4zVCyl7Yf8EtUiEWXvR9GSfaJSGt7sNOdw==
-----END CERTIFICATE-----
Generated at Mon Mar 25 12:45:36 2024 by rpki-client on console-ams.rpki-client.org