Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/4fbwtZCYED9ZzNQKh-uFIiH8tnc.roa
File: 4fbwtZCYED9ZzNQKh-uFIiH8tnc.roa (raw, json)
Hash identifier: 8GyzUnwBqMwXWDitun1YdepZ1NyD1FJWytYxoacJ82o=
Subject key identifier: E1:F6:F0:B5:90:98:10:3F:59:CC:D4:0A:87:EB:85:22:21:FC:B6:77
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018BAEB2378C842251ED43D8B2F9A9695DCA
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/4fbwtZCYED9ZzNQKh-uFIiH8tnc.roa
Signing time: Wed 08 Nov 2023 11:29:57 +0000
ROA not before: Wed 08 Nov 2023 11:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208626
IP address blocks: 2a11:5a41::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:b2:37:8c:84:22:51:ed:43:d8:b2:f9:a9:69:5d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Nov 8 11:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1f6f0b59098103f59ccd40a87eb852221fcb677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3e:6a:42:d9:be:ce:79:be:ef:d3:ed:f2:6d:
ff:a9:76:ec:30:e1:c6:de:a0:ba:39:b2:50:ae:2d:
61:38:e6:43:38:8f:5e:76:f9:82:dd:47:18:ae:80:
eb:67:ad:20:79:ec:ab:17:a4:d9:17:a0:94:fe:80:
c5:95:f4:c3:bc:66:cf:d4:79:0e:6b:3f:e8:13:98:
ac:8c:07:2b:e6:26:79:b3:b9:93:d7:55:84:22:19:
fe:be:a4:b6:f8:33:2d:5d:b0:11:f9:78:8e:0f:7a:
b3:26:e6:cd:70:d7:92:2c:aa:c8:91:6c:32:14:88:
d2:16:0b:07:50:98:46:1f:f0:1a:05:71:77:39:d6:
72:83:52:e2:d6:18:9e:37:3c:6c:c7:85:c1:9e:12:
22:e4:bc:5f:cf:ed:30:d2:e6:c3:0b:a2:40:27:27:
98:67:26:28:2a:75:9a:e6:9b:db:e9:75:1d:5a:95:
aa:cc:71:54:ec:06:53:2e:c3:bc:77:55:0c:c0:e5:
42:70:3f:2b:71:a2:3d:13:06:e7:f5:ce:6f:2c:08:
26:80:d3:00:3a:b3:43:06:ec:47:ec:2d:7b:15:a8:
ed:18:a8:5c:0e:99:9c:17:e2:69:30:de:b1:90:f1:
56:13:ad:63:67:ec:84:29:e4:0a:24:9c:94:12:88:
f0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F6:F0:B5:90:98:10:3F:59:CC:D4:0A:87:EB:85:22:21:FC:B6:77
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/4fbwtZCYED9ZzNQKh-uFIiH8tnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5a41::/32
Signature Algorithm: sha256WithRSAEncryption
39:fe:9f:60:c1:e4:f6:4b:c5:33:49:f3:f7:39:b5:97:26:28:
73:d4:11:a0:44:43:e9:ef:b0:51:3a:41:42:d3:cd:88:b4:42:
cc:87:8f:0f:57:79:99:64:a1:e9:cc:1a:a2:4e:a8:19:06:d7:
1f:74:e2:73:03:e9:95:9a:0e:1c:4e:25:b7:39:62:ac:c1:f5:
95:66:6e:f3:98:ea:20:48:a7:80:d4:a5:b0:e2:8a:8f:98:b3:
4e:86:fe:dc:ad:4f:99:83:89:9e:55:1d:a4:70:6b:39:cb:a2:
4a:21:75:99:12:a4:c5:d1:eb:cf:14:1f:c8:86:38:ab:81:ff:
be:c1:1b:a8:0e:5b:d2:d5:5f:81:a3:ef:e8:c8:d3:ed:bb:2a:
a5:99:31:17:1e:71:76:34:57:bc:a8:89:b2:d5:f3:ab:51:6c:
c4:1f:2d:4f:09:65:af:e5:a5:0b:67:8f:4b:14:fe:9d:82:f8:
0e:98:33:ef:58:e2:95:e5:ed:cc:43:b9:4c:2a:75:5a:4c:36:
0a:71:e9:df:95:1c:84:d8:1a:d4:08:40:1f:3b:d7:b7:a3:5b:
fc:b4:89:2c:cb:56:16:ff:e1:3e:fa:49:c4:ca:c0:c4:34:b0:
cc:2d:55:7a:4e:ab:93:0a:31:7d:de:8a:43:44:07:06:29:55:
83:42:5e:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuusjeMhCJR7UPYsvmpaV3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjMxMTA4MTEyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY2ZjBiNTkwOTgxMDNmNTljY2Q0MGE4N2ViODUyMjIxZmNiNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT5qQtm+znm+79Pt8m3/qXbsMOHG
3qC6ObJQri1hOOZDOI9edvmC3UcYroDrZ60geeyrF6TZF6CU/oDFlfTDvGbP1HkO
az/oE5isjAcr5iZ5s7mT11WEIhn+vqS2+DMtXbAR+XiOD3qzJubNcNeSLKrIkWwy
FIjSFgsHUJhGH/AaBXF3OdZyg1Li1hieNzxsx4XBnhIi5Lxfz+0w0ubDC6JAJyeY
ZyYoKnWa5pvb6XUdWpWqzHFU7AZTLsO8d1UMwOVCcD8rcaI9Ewbn9c5vLAgmgNMA
OrNDBuxH7C17FajtGKhcDpmcF+JpMN6xkPFWE61jZ+yEKeQKJJyUEojwHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOH28LWQmBA/WczUCofrhSIh/LZ3MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvNGZid3RaQ1lFRDlaek5RS2gtdUZJaUg4dG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFaQTAN
BgkqhkiG9w0BAQsFAAOCAQEAOf6fYMHk9kvFM0nz9zm1lyYoc9QRoERD6e+wUTpB
QtPNiLRCzIePD1d5mWSh6cwaok6oGQbXH3TicwPplZoOHE4ltzlirMH1lWZu85jq
IEingNSlsOKKj5izTob+3K1PmYOJnlUdpHBrOcuiSiF1mRKkxdHrzxQfyIY4q4H/
vsEbqA5b0tVfgaPv6MjT7bsqpZkxFx5xdjRXvKiJstXzq1FsxB8tTwllr+WlC2eP
SxT+nYL4Dpgz71jileXtzEO5TCp1Wkw2CnHp35UchNga1AhAHzvXt6Nb/LSJLMtW
Fv/hPvpJxMrAxDSwzC1Vek6rkwoxfd6KQ0QHBilVg0JeJg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:16 2024 by rpki-client on console-fra.rpki-client.org