Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/a5wKBjn2tsWUe5O4k0Qjk_b5RsY.roa
File: a5wKBjn2tsWUe5O4k0Qjk_b5RsY.roa (raw, json)
Hash identifier: 0tJCAq0AchfcqMwtAtOgKUZ+KsX/NRdoZyh9UPLskqg=
Subject key identifier: 6B:9C:0A:06:39:F6:B6:C5:94:7B:93:B8:93:44:23:93:F6:F9:46:C6
Certificate issuer: /CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Certificate serial: 0186E529309133A1C3548463C9E4A7EF51F0
Authority key identifier: AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/a5wKBjn2tsWUe5O4k0Qjk_b5RsY.roa
Signing time: Wed 15 Mar 2023 12:05:27 +0000
ROA not before: Wed 15 Mar 2023 12:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3292
IP address blocks: 2a00:8200::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Mar 2023 15:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:29:30:91:33:a1:c3:54:84:63:c9:e4:a7:ef:51:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Validity
Not Before: Mar 15 12:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9c0a0639f6b6c5947b93b893442393f6f946c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:15:4b:33:bd:c1:00:c7:e2:97:84:5a:72:a1:
89:24:bb:c0:0b:50:5c:65:2c:cd:c7:c2:5e:35:ea:
c8:01:d8:35:c2:b7:19:2e:b4:40:24:9e:e0:5a:97:
9f:fe:50:7f:db:69:8d:30:39:63:7b:02:50:5f:c3:
af:19:20:aa:b3:bc:6a:f8:ea:2f:20:82:9d:9d:ac:
66:74:83:5e:4b:65:87:79:9b:55:15:11:22:80:54:
e4:de:11:50:e8:78:f2:44:57:56:e9:46:10:43:cd:
bb:b4:66:f7:2f:27:4d:c3:02:ea:80:2c:ff:77:e1:
53:9a:83:31:ef:43:3c:68:70:da:18:e1:ec:f1:25:
cf:a2:46:5e:b4:a0:e4:96:44:44:0b:dc:14:77:c2:
66:a3:ef:16:8b:53:bc:d8:ad:a3:6e:86:d2:58:5c:
34:c6:f3:13:d3:f0:8e:64:97:66:66:c8:0d:b8:88:
2b:b8:37:ca:2e:75:4a:77:99:30:cb:91:dc:48:fb:
2a:75:bc:2e:af:94:11:e9:a9:eb:16:6c:d4:cb:0c:
51:ff:84:9d:4a:5b:7c:88:ab:58:79:79:cb:25:99:
b9:ae:63:18:70:0e:13:05:cf:1e:b0:00:d4:52:a0:
61:1e:63:89:b8:15:37:a3:ae:ff:5c:35:f0:aa:a9:
0b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9C:0A:06:39:F6:B6:C5:94:7B:93:B8:93:44:23:93:F6:F9:46:C6
X509v3 Authority Key Identifier:
keyid:AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/a5wKBjn2tsWUe5O4k0Qjk_b5RsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8200::/32
Signature Algorithm: sha256WithRSAEncryption
80:34:99:2f:fb:88:2f:fb:97:b9:83:d9:0c:b4:e8:4f:1b:2d:
19:65:28:6f:c4:76:4e:e4:2f:82:bb:52:a1:05:c4:e6:70:cd:
b0:50:12:86:20:81:4b:d6:e6:0b:87:ce:d5:84:83:75:77:82:
5b:50:a4:95:21:a9:6a:8a:47:0b:81:9f:68:07:83:5a:81:0f:
a9:1b:4f:fe:6e:90:44:1a:2c:be:60:6c:f0:10:b9:a4:a4:bf:
31:5a:4b:d1:e5:b0:9d:5d:81:65:3a:d7:6b:48:bf:2b:9b:93:
92:e5:9b:dd:8d:1c:46:e2:ad:df:38:e8:0b:28:11:d9:ed:a4:
ad:01:fc:29:53:5e:25:60:4d:7b:bd:7f:78:d2:48:66:9b:9c:
8f:84:99:38:16:d8:6c:45:97:7b:0a:4d:c2:88:1f:3f:6b:bf:
53:15:01:75:7a:38:3d:e7:2a:00:cc:09:e3:73:3f:c5:3a:48:
26:06:f1:5f:4c:78:86:3a:cc:3d:6c:4e:01:f6:5c:6d:08:5e:
c9:7f:84:62:1f:55:79:4b:12:90:38:fb:49:55:7b:8a:51:27:
1a:7a:11:f7:a6:34:6a:4f:10:97:ab:c6:7b:d8:50:38:4d:2f:
e3:c5:da:12:12:0b:3f:b4:18:32:8a:53:42:90:1d:c8:ac:dc:
98:7a:6f:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYblKTCRM6HDVIRjyeSn71HwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTdlYjk2NzQzOGZmYzRlYjY2NjMzZGQ4YzAzNTAxODkz
NjY3ZjcwHhcNMjMwMzE1MTIwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjljMGEwNjM5ZjZiNmM1OTQ3YjkzYjg5MzQ0MjM5M2Y2Zjk0NmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhVLM73BAMfil4RacqGJJLvAC1Bc
ZSzNx8JeNerIAdg1wrcZLrRAJJ7gWpef/lB/22mNMDljewJQX8OvGSCqs7xq+Oov
IIKdnaxmdINeS2WHeZtVFREigFTk3hFQ6HjyRFdW6UYQQ827tGb3LydNwwLqgCz/
d+FTmoMx70M8aHDaGOHs8SXPokZetKDklkREC9wUd8Jmo+8Wi1O82K2jbobSWFw0
xvMT0/COZJdmZsgNuIgruDfKLnVKd5kwy5HcSPsqdbwur5QR6anrFmzUywxR/4Sd
Slt8iKtYeXnLJZm5rmMYcA4TBc8esADUUqBhHmOJuBU3o67/XDXwqqkLEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGucCgY59rbFlHuTuJNEI5P2+UbGMB8GA1UdIwQY
MBaAFKyX65Z0OP/E62ZjPdjANQGJNmf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEt
Y2YxOTk3YzAyNTBkLzEvYTV3S0JqbjJ0c1dVZTVPNGswUWprX2I1UnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEtY2YxOTk3YzAyNTBk
LzEvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCCADAN
BgkqhkiG9w0BAQsFAAOCAQEAgDSZL/uIL/uXuYPZDLToTxstGWUob8R2TuQvgrtS
oQXE5nDNsFAShiCBS9bmC4fO1YSDdXeCW1CklSGpaopHC4GfaAeDWoEPqRtP/m6Q
RBosvmBs8BC5pKS/MVpL0eWwnV2BZTrXa0i/K5uTkuWb3Y0cRuKt3zjoCygR2e2k
rQH8KVNeJWBNe71/eNJIZpucj4SZOBbYbEWXewpNwogfP2u/UxUBdXo4PecqAMwJ
43M/xTpIJgbxX0x4hjrMPWxOAfZcbQheyX+EYh9VeUsSkDj7SVV7ilEnGnoR96Y0
ak8Ql6vGe9hQOE0v48XaEhILP7QYMopTQpAdyKzcmHpvXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org