Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/7iozp-y3WmeozBgSvXH_ZGSLt84.roa
File: 7iozp-y3WmeozBgSvXH_ZGSLt84.roa (raw, json)
Hash identifier: 1eoR+xZCMbXL1HgvRie8OsTS//5LLfjcOuRQYchMw+I=
Subject key identifier: EE:2A:33:A7:EC:B7:5A:67:A8:CC:18:12:BD:71:FF:64:64:8B:B7:CE
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018A07E640FEAC742246D5B956717440F52B
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/7iozp-y3WmeozBgSvXH_ZGSLt84.roa
Signing time: Fri 18 Aug 2023 09:07:25 +0000
ROA not before: Fri 18 Aug 2023 09:07:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197598
IP address blocks: 2a13:c800::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:e6:40:fe:ac:74:22:46:d5:b9:56:71:74:40:f5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Aug 18 09:07:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee2a33a7ecb75a67a8cc1812bd71ff64648bb7ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:42:24:d2:e8:1f:e1:83:ba:8f:d8:43:79:3b:
81:68:5a:9a:45:f9:f3:c5:f5:d9:b8:3c:41:2d:3d:
ef:78:6f:92:e0:58:75:be:8d:d9:ab:06:b1:13:4c:
be:63:ea:72:2c:21:01:9c:00:cf:9b:20:e6:ab:4c:
db:b7:97:bf:10:22:7d:59:66:02:f1:9c:f5:5f:4c:
a6:c1:a6:59:94:5d:b7:27:a7:13:ff:45:53:53:06:
13:33:f9:d7:ca:24:3f:b5:cc:b9:97:ac:cd:4f:44:
6b:d5:57:66:78:9e:af:d6:58:3a:81:e3:85:3e:e1:
55:31:4c:3c:43:9a:ce:6a:58:90:1c:55:9e:ba:84:
5d:e6:cd:85:3f:10:f3:d9:45:a4:fb:47:5b:b0:bb:
e8:94:7e:9d:25:14:75:e4:32:d7:30:49:0a:2d:18:
7a:29:1c:8d:83:74:7a:28:cc:8f:51:06:ef:76:b2:
0d:89:ba:a9:e5:22:19:93:ba:b4:93:c3:b6:97:b3:
df:1a:9a:6a:0f:9c:48:81:02:8a:36:a5:f7:2f:58:
e0:03:6c:fa:aa:b5:de:9f:e6:25:37:a6:0e:ed:f1:
6f:74:f6:80:60:66:0c:22:bd:bf:4f:50:86:65:7a:
ae:15:dc:f4:00:c1:7f:67:e4:94:72:12:2a:a8:86:
b8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2A:33:A7:EC:B7:5A:67:A8:CC:18:12:BD:71:FF:64:64:8B:B7:CE
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/7iozp-y3WmeozBgSvXH_ZGSLt84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
02:60:71:9e:a4:89:f8:eb:ab:a7:25:73:84:ad:d1:a7:96:fb:
33:c9:76:09:3d:48:88:1d:f8:bf:d0:a7:80:bf:12:57:11:6e:
af:60:99:dd:e3:49:d1:b4:23:84:e4:3b:94:b8:59:1c:e9:f8:
ae:fb:f8:5e:f1:1e:44:3e:4a:ed:a6:a2:2a:bf:bf:90:0d:c6:
90:9b:e6:18:54:0a:60:9c:d6:c7:84:38:cc:7f:dc:b3:c7:ab:
8d:17:9f:8d:03:89:66:40:c4:1b:a7:71:9b:27:d0:be:dc:8f:
9f:70:92:7d:97:df:43:5d:c2:c6:e5:58:66:8e:41:eb:4f:ae:
f5:4a:7e:52:e6:f2:cb:78:96:fe:43:e0:31:53:8d:80:65:d7:
6a:94:d6:2a:c0:de:35:f3:5c:3a:26:b0:26:37:e3:f4:da:26:
c8:b3:5a:01:a6:95:54:60:86:73:dd:dd:35:19:65:82:9d:50:
3e:79:3b:32:ac:7f:f7:c6:11:5f:09:c2:e5:9e:a5:dd:3f:e3:
6e:07:7f:dd:1a:96:4c:d8:49:17:1f:d1:30:01:bb:ad:92:34:
35:0e:8d:b5:5a:b7:23:c3:9e:19:20:cd:01:e9:05:85:91:69:
42:71:d6:f3:2a:99:10:9b:b5:ba:8b:d6:f5:92:fd:e7:f5:81:
1d:ed:94:9b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoH5kD+rHQiRtW5VnF0QPUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwODE4MDkwNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTJhMzNhN2VjYjc1YTY3YThjYzE4MTJiZDcxZmY2NDY0OGJiN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUIk0ugf4YO6j9hDeTuBaFqaRfnz
xfXZuDxBLT3veG+S4Fh1vo3ZqwaxE0y+Y+pyLCEBnADPmyDmq0zbt5e/ECJ9WWYC
8Zz1X0ymwaZZlF23J6cT/0VTUwYTM/nXyiQ/tcy5l6zNT0Rr1VdmeJ6v1lg6geOF
PuFVMUw8Q5rOaliQHFWeuoRd5s2FPxDz2UWk+0dbsLvolH6dJRR15DLXMEkKLRh6
KRyNg3R6KMyPUQbvdrINibqp5SIZk7q0k8O2l7PfGppqD5xIgQKKNqX3L1jgA2z6
qrXen+YlN6YO7fFvdPaAYGYMIr2/T1CGZXquFdz0AMF/Z+SUchIqqIa4MwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO4qM6fst1pnqMwYEr1x/2Rki7fOMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvN2lvenAteTNXbWVvekJnU3ZYSF9aR1NMdDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPIADAN
BgkqhkiG9w0BAQsFAAOCAQEAAmBxnqSJ+OurpyVzhK3Rp5b7M8l2CT1IiB34v9Cn
gL8SVxFur2CZ3eNJ0bQjhOQ7lLhZHOn4rvv4XvEeRD5K7aaiKr+/kA3GkJvmGFQK
YJzWx4Q4zH/cs8erjRefjQOJZkDEG6dxmyfQvtyPn3CSfZffQ13CxuVYZo5B60+u
9Up+Uubyy3iW/kPgMVONgGXXapTWKsDeNfNcOiawJjfj9NomyLNaAaaVVGCGc93d
NRllgp1QPnk7Mqx/98YRXwnC5Z6l3T/jbgd/3RqWTNhJFx/RMAG7rZI0NQ6NtVq3
I8OeGSDNAekFhZFpQnHW8yqZEJu1uovW9ZL95/WBHe2Umw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org