Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/pa2ws45b1qgkhlxfr4H_o097fDo.roa
File: pa2ws45b1qgkhlxfr4H_o097fDo.roa (raw, json)
Hash identifier: Gj0OAFPhJXch+XOwfFe+XesIIcVR0iK9cp2cnbNJbkM=
Subject key identifier: A5:AD:B0:B3:8E:5B:D6:A8:24:86:5C:5F:AF:81:FF:A3:4F:7B:7C:3A
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 01915B849C558B4EC07882747C444F598838
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/pa2ws45b1qgkhlxfr4H_o097fDo.roa
Signing time: Fri 16 Aug 2024 14:08:22 +0000
ROA not before: Fri 16 Aug 2024 14:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a12:35c0::/29 maxlen: 29
2a12:41c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Aug 2024 21:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:84:9c:55:8b:4e:c0:78:82:74:7c:44:4f:59:88:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Aug 16 14:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5adb0b38e5bd6a824865c5faf81ffa34f7b7c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ff:b6:13:a0:78:7f:a6:0d:bf:9a:cf:ef:72:
15:04:4e:93:c7:2e:97:1c:ac:5b:ed:48:67:a5:5d:
eb:0d:37:f6:14:92:0e:18:9b:a4:65:ee:7b:00:61:
c6:14:ee:3a:96:d8:b6:26:9d:16:a8:d0:f8:3a:a0:
49:d0:7a:b9:31:65:50:7c:20:82:cd:03:31:6a:b7:
20:01:b4:c7:60:e8:5e:13:6c:f6:43:1a:73:17:e2:
93:72:4d:b1:62:59:d0:8e:c2:07:0f:d4:86:8e:44:
23:73:b1:21:86:49:2c:4d:d4:b8:8f:d8:cc:83:ab:
23:0f:b3:b6:b0:a0:dc:d3:b5:0d:73:60:4e:84:1e:
bd:5f:8c:dc:2a:15:0d:c0:49:60:40:5f:a7:8e:53:
fb:b3:06:d2:32:43:23:33:a6:ec:31:13:59:90:b9:
76:73:d1:84:03:14:5c:3d:ec:44:f2:51:fb:90:b8:
0b:5b:27:9d:d5:00:43:32:4f:e4:a1:bb:e9:c1:25:
fc:4c:20:41:ec:bb:7b:a6:79:68:f0:3f:80:48:36:
12:bf:fb:49:19:15:35:e8:31:79:b4:97:75:5a:53:
ed:98:4a:8a:a8:dd:ce:f6:12:16:b9:37:4f:52:52:
79:77:1a:2b:99:71:76:4b:1e:6e:7b:4b:d2:3f:ea:
29:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AD:B0:B3:8E:5B:D6:A8:24:86:5C:5F:AF:81:FF:A3:4F:7B:7C:3A
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/pa2ws45b1qgkhlxfr4H_o097fDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:35c0::/29
2a12:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
cc:9b:1c:15:90:7c:67:20:19:7c:72:db:87:32:bd:31:d7:8c:
0c:8e:39:e7:2a:5a:eb:4c:ba:69:eb:2d:82:9b:5d:89:e1:dc:
d5:c2:32:ff:65:5d:d5:57:4f:e8:e8:02:b9:b2:dd:ac:e0:50:
1a:ec:82:f2:31:d2:fd:49:9f:69:d3:de:da:1d:9e:73:f3:3e:
84:1f:75:a1:1b:6e:80:14:6c:c0:73:7d:75:6d:9b:de:07:f4:
6e:45:a1:df:a2:c9:cd:09:a0:df:2c:16:1f:39:56:2d:47:ba:
fd:54:ab:31:9f:30:e2:1e:cb:61:34:51:32:25:c8:10:de:b8:
f5:5b:6e:ac:16:c8:29:25:d3:e3:20:4d:6d:36:c8:2f:b9:26:
51:fb:34:93:dc:c1:d3:de:1a:f2:ac:73:3c:db:92:0c:bf:1f:
c0:0d:58:fa:c1:3e:84:0e:84:cc:27:e6:93:c4:d2:c9:14:46:
f8:f3:40:26:63:cc:22:fa:1c:bf:53:27:54:1a:55:aa:b9:ca:
a3:cf:5c:b1:78:8a:2b:53:f2:75:d5:05:40:77:51:0a:f3:5f:
ac:3c:f8:2b:db:3c:94:35:9e:27:96:f2:db:dd:e4:f3:94:bf:
c8:2f:9f:fd:fb:7c:2b:48:6f:b0:de:a5:2f:58:e7:6e:d8:13:
8e:fc:f4:b8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFbhJxVi07AeIJ0fERPWYg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwODE2MTQwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWFkYjBiMzhlNWJkNmE4MjQ4NjVjNWZhZjgxZmZhMzRmN2I3YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP+2E6B4f6YNv5rP73IVBE6Txy6X
HKxb7UhnpV3rDTf2FJIOGJukZe57AGHGFO46lti2Jp0WqND4OqBJ0Hq5MWVQfCCC
zQMxarcgAbTHYOheE2z2QxpzF+KTck2xYlnQjsIHD9SGjkQjc7EhhkksTdS4j9jM
g6sjD7O2sKDc07UNc2BOhB69X4zcKhUNwElgQF+njlP7swbSMkMjM6bsMRNZkLl2
c9GEAxRcPexE8lH7kLgLWyed1QBDMk/kobvpwSX8TCBB7Lt7pnlo8D+ASDYSv/tJ
GRU16DF5tJd1WlPtmEqKqN3O9hIWuTdPUlJ5dxormXF2Sx5ue0vSP+opiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKWtsLOOW9aoJIZcX6+B/6NPe3w6MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvcGEyd3M0NWIxcWdraGx4ZnI0SF9vMDk3ZkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhI1wAMF
AyoSQcAwDQYJKoZIhvcNAQELBQADggEBAMybHBWQfGcgGXxy24cyvTHXjAyOOecq
WutMumnrLYKbXYnh3NXCMv9lXdVXT+joArmy3azgUBrsgvIx0v1Jn2nT3todnnPz
PoQfdaEbboAUbMBzfXVtm94H9G5Fod+iyc0JoN8sFh85Vi1Huv1UqzGfMOIey2E0
UTIlyBDeuPVbbqwWyCkl0+MgTW02yC+5JlH7NJPcwdPeGvKsczzbkgy/H8ANWPrB
PoQOhMwn5pPE0skURvjzQCZjzCL6HL9TJ1QaVaq5yqPPXLF4iitT8nXVBUB3UQrz
X6w8+CvbPJQ1nieW8tvd5POUv8gvn/37fCtIb7DepS9Y527YE4789Lg=
-----END CERTIFICATE-----
Generated at Mon Aug 19 23:51:28 2024 by rpki-client on console-ams.rpki-client.org