Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/spF1bbEmIUfBgSXyQD3kagygNjA.roa
File: spF1bbEmIUfBgSXyQD3kagygNjA.roa (raw, json)
Hash identifier: w9PFDTJKduKkZEmoT29bPrvF2kf+41k+HikHyFRUfQ4=
Subject key identifier: B2:91:75:6D:B1:26:21:47:C1:81:25:F2:40:3D:E4:6A:0C:A0:36:30
Certificate issuer: /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial: 018B131FA9458F5C7D7CF8ADFFC6AEE0E793
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/spF1bbEmIUfBgSXyQD3kagygNjA.roa
Signing time: Mon 09 Oct 2023 06:28:43 +0000
ROA not before: Mon 09 Oct 2023 06:28:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212786
IP address blocks: 2a05:e600::/29 maxlen: 29
2a09:c280::/29 maxlen: 29
2a09:cac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 11 Oct 2023 08:42:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:1f:a9:45:8f:5c:7d:7c:f8:ad:ff:c6:ae:e0:e7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Validity
Not Before: Oct 9 06:28:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b291756db1262147c18125f2403de46a0ca03630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cb:28:fb:8b:cf:7c:81:d7:8d:18:8c:b9:01:
86:d4:09:04:62:2e:13:30:a8:5a:70:9c:30:e8:aa:
26:64:86:10:84:77:f8:f2:51:f4:4f:13:00:27:eb:
c9:56:df:13:cc:82:07:47:d3:0d:4d:5d:de:92:53:
87:d2:05:c3:39:36:56:a1:fd:8c:9e:6e:02:c6:1b:
30:47:d8:a6:89:15:98:24:30:38:80:4a:a8:8e:0b:
06:ad:9f:d4:f4:0f:52:0f:f6:4a:d5:84:d1:1e:53:
9e:18:06:01:08:98:eb:ac:a8:4e:7c:fe:d2:f7:e4:
3a:0b:9d:81:e4:36:2b:f0:83:cd:32:63:95:59:1b:
bc:77:b7:32:47:a0:03:c5:69:a7:aa:4b:ad:c8:cb:
cb:b8:f2:70:69:8d:bf:2d:f5:2f:89:37:3c:df:c8:
e8:b8:b1:ae:fd:7e:fb:dc:82:93:ab:0d:bb:42:5f:
af:84:cf:ce:76:74:a5:98:9a:a9:74:9f:d4:b0:de:
a3:6b:c1:2d:49:15:40:8a:f3:aa:76:eb:e5:be:9e:
74:2a:f2:64:82:1d:c6:4c:32:2a:7e:5c:1f:62:f1:
23:36:b5:64:32:95:52:ab:67:72:10:7d:b3:e5:1c:
65:c5:3d:ab:46:17:90:22:57:76:74:b3:85:66:88:
30:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:91:75:6D:B1:26:21:47:C1:81:25:F2:40:3D:E4:6A:0C:A0:36:30
X509v3 Authority Key Identifier:
keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/spF1bbEmIUfBgSXyQD3kagygNjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:e600::/29
2a09:c280::/29
2a09:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
31:67:c8:e9:1c:16:5d:11:21:e5:fd:0b:08:99:dd:db:af:73:
1f:55:62:38:ef:b9:9c:5e:75:77:e4:54:97:91:5b:75:33:e3:
0f:43:03:14:04:13:6b:43:fa:27:c7:d0:31:23:e3:df:36:21:
4f:31:59:bc:4e:e7:47:1c:26:47:d6:83:10:97:96:7d:90:fb:
e6:35:6a:48:b3:2c:59:0c:ac:c8:5f:74:4c:8f:d8:40:ec:0f:
21:fc:26:a9:72:58:f2:f1:57:1d:a0:99:72:7c:cb:3e:29:e2:
a5:c4:c3:63:40:6b:84:83:83:96:26:7f:e8:2e:3b:2b:94:41:
90:21:a3:21:1c:a1:b9:2d:9e:e6:e1:b7:4b:7f:0b:42:c7:66:
15:ff:73:b3:0e:fc:b2:83:48:0c:01:62:08:c2:e7:5c:28:54:
e0:ef:84:f2:d2:20:f4:17:da:3a:7b:82:7d:0b:fc:ac:3b:19:
cb:6b:8a:0d:58:66:5f:11:ba:5f:97:0d:a3:f4:75:7a:4a:b2:
2e:23:d7:4e:7b:8b:69:c5:a3:48:99:2d:f7:c6:02:fd:46:b9:
22:f9:e2:2c:0e:ec:0c:d7:76:bb:5e:bc:45:d0:b9:f9:f2:ab:
b0:b4:83:10:61:44:d6:37:a7:2d:8d:5d:9e:25:b7:75:3e:d3:
a5:4a:3c:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsTH6lFj1x9fPit/8au4OeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjMxMDA5MDYyODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjkxNzU2ZGIxMjYyMTQ3YzE4MTI1ZjI0MDNkZTQ2YTBjYTAzNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Mso+4vPfIHXjRiMuQGG1AkEYi4T
MKhacJww6KomZIYQhHf48lH0TxMAJ+vJVt8TzIIHR9MNTV3eklOH0gXDOTZWof2M
nm4CxhswR9imiRWYJDA4gEqojgsGrZ/U9A9SD/ZK1YTRHlOeGAYBCJjrrKhOfP7S
9+Q6C52B5DYr8IPNMmOVWRu8d7cyR6ADxWmnqkutyMvLuPJwaY2/LfUviTc838jo
uLGu/X773IKTqw27Ql+vhM/OdnSlmJqpdJ/UsN6ja8EtSRVAivOqduvlvp50KvJk
gh3GTDIqflwfYvEjNrVkMpVSq2dyEH2z5RxlxT2rRheQIld2dLOFZogwIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLKRdW2xJiFHwYEl8kA95GoMoDYwMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvc3BGMWJiRW1JVWZCZ1NYeVFEM2thZ3lnTmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgXmAAMF
AyoJwoADBQMqCcrAMA0GCSqGSIb3DQEBCwUAA4IBAQAxZ8jpHBZdESHl/QsImd3b
r3MfVWI477mcXnV35FSXkVt1M+MPQwMUBBNrQ/onx9AxI+PfNiFPMVm8TudHHCZH
1oMQl5Z9kPvmNWpIsyxZDKzIX3RMj9hA7A8h/Capcljy8VcdoJlyfMs+KeKlxMNj
QGuEg4OWJn/oLjsrlEGQIaMhHKG5LZ7m4bdLfwtCx2YV/3OzDvyyg0gMAWIIwudc
KFTg74Ty0iD0F9o6e4J9C/ysOxnLa4oNWGZfEbpflw2j9HV6SrIuI9dOe4tpxaNI
mS33xgL9Rrki+eIsDuwM13a7XrxF0Ln58quwtIMQYUTWN6ctjV2eJbd1PtOlSjyG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org