Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa
File: fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa (raw, json)
Hash identifier: 6t1dziR8EmgjHQ/z7TmpCwXAwSstafEQJFw/h6QqQMA=
Subject key identifier: 7F:0A:82:8B:E2:92:E4:24:76:66:C9:30:C1:D8:B5:D4:12:7F:9A:BF
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 01856F54A69F5213D87C73AFD9C0F53C550F
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207945
IP address blocks: 2a0f:6b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Sep 2023 19:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a6:9f:52:13:d8:7c:73:af:d9:c0:f5:3c:55:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f0a828be292e4247666c930c1d8b5d4127f9abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:3e:8e:98:30:e2:af:33:48:06:bf:93:bd:
ba:f1:de:78:1d:6b:02:ca:2c:5f:a5:bf:dc:91:e1:
5c:8d:f5:ba:75:b9:fc:86:d1:c9:0c:a4:e1:ab:9c:
83:b1:2a:e5:63:0f:cc:5a:22:d6:5d:00:26:3f:65:
d6:75:65:b4:6a:04:51:0b:22:db:d1:4c:b6:57:81:
76:8c:24:a4:05:70:c0:52:04:55:05:0f:86:52:04:
65:8b:8a:d9:7f:ac:35:ec:b8:a9:3f:5c:e6:7a:02:
78:fc:38:b0:97:a3:2b:01:31:2d:4f:27:f4:70:74:
3e:b2:d0:db:15:15:ff:19:d4:7c:d4:08:3f:25:59:
96:fb:43:48:01:ee:8d:3c:82:e4:9b:40:ae:72:06:
c3:f3:cc:12:ee:af:34:bd:d3:07:1a:9b:68:74:0a:
8d:b0:6b:bd:8f:f4:bd:c0:a8:be:f0:da:3c:63:95:
4b:0e:1d:24:fa:5f:36:b0:da:6d:49:42:a8:76:fa:
a2:84:42:3b:ff:da:8f:58:e4:b9:8a:b2:6f:7d:d9:
b9:be:f7:7f:7e:56:b7:17:30:48:40:38:02:f7:46:
97:3b:9f:be:75:d5:bf:4a:36:3f:ed:59:e6:b5:df:
47:0b:3b:3b:95:e0:73:e3:7b:53:86:fe:58:81:f5:
25:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0A:82:8B:E2:92:E4:24:76:66:C9:30:C1:D8:B5:D4:12:7F:9A:BF
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/fwqCi-KS5CR2Zskwwdi11BJ_mr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
40:50:f6:86:62:be:04:08:e6:18:13:67:86:83:aa:18:a1:8c:
d8:62:be:59:9a:65:e5:99:b1:45:51:e3:ec:05:ec:18:b6:82:
4a:ea:b9:3d:f5:37:3e:0f:2e:03:45:22:55:2a:e1:51:fc:53:
4e:2a:3d:13:e6:73:97:59:f5:22:6a:c9:bd:8d:5b:50:0b:5d:
a7:70:78:d5:ef:82:f2:3b:66:b8:99:1f:86:c6:11:d0:cd:14:
40:9f:f3:a4:c9:9d:46:87:95:91:05:b5:01:99:bf:c1:28:8e:
a7:4e:a4:97:84:8f:51:b6:04:ee:d5:b7:44:53:c3:8a:6a:31:
90:91:fa:cc:7f:74:6d:0b:18:61:73:e9:62:1b:f3:26:90:b3:
9b:f2:61:10:ff:56:98:98:1a:99:01:db:da:af:44:ff:d2:82:
49:d9:8a:dc:1a:fd:8d:97:5f:d7:99:6f:7f:6b:64:62:f3:c4:
cc:22:4a:61:6a:aa:5a:19:7e:78:c8:a9:57:11:6e:a9:fb:72:
55:6c:31:f3:1e:e9:d6:f0:34:ef:4b:98:0f:fd:69:83:69:d2:
c4:fb:71:b0:b7:21:e6:05:8d:f7:d2:a8:42:8b:d5:05:1b:be:
60:3c:ff:6f:f7:74:57:d6:a3:75:1e:be:16:62:02:2e:e9:05:
e2:e0:59:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvVKafUhPYfHOv2cD1PFUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBhODI4YmUyOTJlNDI0NzY2NmM5MzBjMWQ4YjVkNDEyN2Y5YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMU+jpgw4q8zSAa/k7268d54HWsC
yixfpb/ckeFcjfW6dbn8htHJDKThq5yDsSrlYw/MWiLWXQAmP2XWdWW0agRRCyLb
0Uy2V4F2jCSkBXDAUgRVBQ+GUgRli4rZf6w17LipP1zmegJ4/Diwl6MrATEtTyf0
cHQ+stDbFRX/GdR81Ag/JVmW+0NIAe6NPILkm0CucgbD88wS7q80vdMHGptodAqN
sGu9j/S9wKi+8No8Y5VLDh0k+l82sNptSUKodvqihEI7/9qPWOS5irJvfdm5vvd/
fla3FzBIQDgC90aXO5++ddW/SjY/7Vnmtd9HCzs7leBz43tThv5YgfUlVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH8KgovikuQkdmbJMMHYtdQSf5q/MB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvZndxQ2ktS1M1Q1IyWnNrd3dkaTExQkpfbXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9rgDAN
BgkqhkiG9w0BAQsFAAOCAQEAQFD2hmK+BAjmGBNnhoOqGKGM2GK+WZpl5ZmxRVHj
7AXsGLaCSuq5PfU3Pg8uA0UiVSrhUfxTTio9E+Zzl1n1ImrJvY1bUAtdp3B41e+C
8jtmuJkfhsYR0M0UQJ/zpMmdRoeVkQW1AZm/wSiOp06kl4SPUbYE7tW3RFPDimox
kJH6zH90bQsYYXPpYhvzJpCzm/JhEP9WmJgamQHb2q9E/9KCSdmK3Br9jZdf15lv
f2tkYvPEzCJKYWqqWhl+eMipVxFuqftyVWwx8x7p1vA070uYD/1pg2nSxPtxsLch
5gWN99KoQovVBRu+YDz/b/d0V9ajdR6+FmICLukF4uBZvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org