Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/Sq8taD2P6XuyRPVmOstkLaNbrvw.roa
File: Sq8taD2P6XuyRPVmOstkLaNbrvw.roa (raw, json)
Hash identifier: t69G0AgkZ7L+CbmzBhIGDW9S4YhO6PuE8jrbYkhEGrE=
Subject key identifier: 4A:AF:2D:68:3D:8F:E9:7B:B2:44:F5:66:3A:CB:64:2D:A3:5B:AE:FC
Certificate issuer: /CN=fa4e405359a2131708fc02438d472568e2c03470
Certificate serial: 0185723A0665755D5AC1F1FFCB8E94529004
Authority key identifier: FA:4E:40:53:59:A2:13:17:08:FC:02:43:8D:47:25:68:E2:C0:34:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-k5AU1miExcI_AJDjUclaOLANHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/Sq8taD2P6XuyRPVmOstkLaNbrvw.roa
Signing time: Mon 02 Jan 2023 11:24:43 +0000
ROA not before: Mon 02 Jan 2023 11:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31743
IP address blocks: 2a10:8800::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:06:65:75:5d:5a:c1:f1:ff:cb:8e:94:52:90:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa4e405359a2131708fc02438d472568e2c03470
Validity
Not Before: Jan 2 11:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aaf2d683d8fe97bb244f5663acb642da35baefc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:38:20:e5:11:5c:c0:63:00:35:04:34:8b:de:
ee:a0:fd:d2:37:c6:44:96:e3:4b:7c:2e:aa:2d:b7:
2c:dc:6e:60:d7:1b:03:e3:31:65:b3:38:26:32:20:
fa:36:92:5b:eb:1a:83:5e:a0:e8:d1:fe:42:b3:0b:
a2:6a:35:0d:7d:e3:a8:ef:bc:55:cd:de:14:91:50:
99:20:40:fa:10:50:13:60:b9:f0:ba:36:86:04:40:
73:77:2c:ed:08:cd:c6:26:d4:37:05:9e:ae:34:ec:
e8:34:79:df:63:c0:08:ad:98:d3:34:b0:7c:af:64:
9c:92:24:9d:f3:7e:36:9b:03:bd:c1:d7:be:63:8f:
e4:57:3f:5f:f9:ce:c2:97:31:2f:34:a9:2c:f2:9a:
fe:49:9c:fe:67:e6:2b:0f:65:0f:dd:7f:7e:6a:55:
51:09:b9:24:e2:2c:8e:01:c8:f8:38:d6:2c:ed:ff:
47:7e:1f:0c:f7:cf:f0:08:21:37:5a:77:55:11:47:
42:3a:be:c2:08:ec:c6:70:74:8f:a0:80:dc:37:4d:
c2:7a:55:c9:b1:a8:f6:c4:81:88:9d:02:a9:a9:34:
18:af:f5:76:be:0e:a8:6a:76:24:9f:11:7a:4d:44:
a0:35:10:f5:88:21:3a:18:ca:4a:04:26:71:6c:de:
47:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AF:2D:68:3D:8F:E9:7B:B2:44:F5:66:3A:CB:64:2D:A3:5B:AE:FC
X509v3 Authority Key Identifier:
keyid:FA:4E:40:53:59:A2:13:17:08:FC:02:43:8D:47:25:68:E2:C0:34:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-k5AU1miExcI_AJDjUclaOLANHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/Sq8taD2P6XuyRPVmOstkLaNbrvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6a3f35-35b8-49e0-9f44-b818faecb717/1/1-k5AU1miExcI_AJDjUclaOLANHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:8800::/29
Signature Algorithm: sha256WithRSAEncryption
2b:2a:0f:45:e7:80:3e:02:fd:e9:40:18:e0:5b:ab:bf:67:f5:
a5:2d:3f:5f:8f:01:3d:3d:3b:54:3d:17:ff:16:e6:6a:5c:0a:
34:f5:77:47:3b:c1:9f:ab:56:11:b4:f5:12:95:70:3c:96:8f:
8d:4f:e5:1e:2c:36:96:41:e3:d6:7b:05:45:ce:21:50:3a:57:
ed:2d:f9:8b:0a:be:e7:fd:ed:f0:b2:f8:0c:0c:7c:49:10:7e:
48:9e:11:a2:87:70:00:72:f4:e9:61:76:f1:d2:7d:41:0f:2a:
2c:b0:50:35:c9:e0:f4:a2:30:45:4a:f0:95:27:33:79:c1:21:
f3:a4:8a:8e:b5:53:f1:88:d0:70:ad:c3:89:5b:c5:19:7f:59:
67:e6:a7:8e:3f:cb:dc:98:54:67:60:87:3d:47:e1:98:61:78:
11:b9:7e:22:64:55:29:53:5e:b3:9b:be:03:4d:c6:87:ed:9f:
81:40:ec:47:27:31:43:09:55:07:00:8c:a4:f1:08:08:59:26:
2c:3a:7e:12:0b:e2:79:00:ee:41:e7:5b:68:9b:32:ae:06:b5:
8b:f9:20:bf:72:47:ff:0b:24:2a:7a:ce:95:9e:25:85:d4:3a:
a3:52:b3:d1:e3:3e:0e:1e:da:c6:76:07:a4:83:08:72:9d:b6:
f5:64:59:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyOgZldV1awfH/y46UUpAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNGU0MDUzNTlhMjEzMTcwOGZjMDI0MzhkNDcyNTY4ZTJj
MDM0NzAwHhcNMjMwMTAyMTEyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFmMmQ2ODNkOGZlOTdiYjI0NGY1NjYzYWNiNjQyZGEzNWJhZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTgg5RFcwGMANQQ0i97uoP3SN8ZE
luNLfC6qLbcs3G5g1xsD4zFlszgmMiD6NpJb6xqDXqDo0f5CswuiajUNfeOo77xV
zd4UkVCZIED6EFATYLnwujaGBEBzdyztCM3GJtQ3BZ6uNOzoNHnfY8AIrZjTNLB8
r2SckiSd8342mwO9wde+Y4/kVz9f+c7ClzEvNKks8pr+SZz+Z+YrD2UP3X9+alVR
Cbkk4iyOAcj4ONYs7f9Hfh8M98/wCCE3WndVEUdCOr7CCOzGcHSPoIDcN03CelXJ
saj2xIGInQKpqTQYr/V2vg6oanYknxF6TUSgNRD1iCE6GMpKBCZxbN5HpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEqvLWg9j+l7skT1ZjrLZC2jW678MB8GA1UdIwQY
MBaAFPpOQFNZohMXCPwCQ41HJWjiwDRwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1rNUFVMW1pRXhjSV9BSkRqVWNsYU9MQU5IQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvNmEzZjM1LTM1YjgtNDllMC05ZjQ0
LWI4MThmYWVjYjcxNy8xL1NxOHRhRDJQNlh1eVJQVm1Pc3RrTGFOYnJ2dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvNmEzZjM1LTM1YjgtNDllMC05ZjQ0LWI4MThmYWVjYjcx
Ny8xLzEtazVBVTFtaUV4Y0lfQUpEalVjbGFPTEFOSEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqEIgA
MA0GCSqGSIb3DQEBCwUAA4IBAQArKg9F54A+Av3pQBjgW6u/Z/WlLT9fjwE9PTtU
PRf/FuZqXAo09XdHO8Gfq1YRtPUSlXA8lo+NT+UeLDaWQePWewVFziFQOlftLfmL
Cr7n/e3wsvgMDHxJEH5InhGih3AAcvTpYXbx0n1BDyossFA1yeD0ojBFSvCVJzN5
wSHzpIqOtVPxiNBwrcOJW8UZf1ln5qeOP8vcmFRnYIc9R+GYYXgRuX4iZFUpU16z
m74DTcaH7Z+BQOxHJzFDCVUHAIyk8QgIWSYsOn4SC+J5AO5B51tomzKuBrWL+SC/
ckf/CyQqes6VniWF1DqjUrPR4z4OHtrGdgekgwhynbb1ZFkC
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:22 2024 by rpki-client on console-ams.rpki-client.org