Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/f8qd1ti2x37cYgr0JWXvenGM2rc.roa
File: f8qd1ti2x37cYgr0JWXvenGM2rc.roa (raw, json)
Hash identifier: +udgSmggWegkFEQNhBu891tWGIbtdWx+nx1lmHM6Q8E=
Subject key identifier: 7F:CA:9D:D6:D8:B6:C7:7E:DC:62:0A:F4:25:65:EF:7A:71:8C:DA:B7
Certificate issuer: /CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Certificate serial: 018C43A32763F420CA6063E777748AF2F044
Authority key identifier: 31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/f8qd1ti2x37cYgr0JWXvenGM2rc.roa
Signing time: Thu 07 Dec 2023 09:36:54 +0000
ROA not before: Thu 07 Dec 2023 09:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33988
IP address blocks: 2a0b:8f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:a3:27:63:f4:20:ca:60:63:e7:77:74:8a:f2:f0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Validity
Not Before: Dec 7 09:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fca9dd6d8b6c77edc620af42565ef7a718cdab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8c:02:8d:d9:d2:bb:4d:3a:40:26:00:a9:af:
03:9e:bd:83:5e:4f:05:46:0b:fe:66:bb:de:0d:ca:
e3:84:42:99:18:22:1a:ab:d4:b3:72:f6:38:40:7e:
cc:77:cb:c8:65:e3:e3:a2:41:4c:20:8b:d0:54:4a:
25:1b:49:23:ff:5f:64:76:b3:41:66:a5:71:56:42:
59:04:eb:74:4d:44:f7:52:f2:91:05:47:c8:06:41:
e8:85:1d:63:52:e5:d4:76:0a:17:97:3e:f5:9b:08:
e5:2d:d4:96:1a:cc:99:cf:f3:f8:02:40:df:8c:53:
d5:5b:cb:75:1a:a5:e3:52:33:1f:71:7c:c3:41:f1:
c1:6c:32:b5:53:17:5d:88:42:52:75:72:a6:df:8e:
3e:f9:54:f2:06:29:ff:8a:96:40:c6:32:e4:d6:f9:
4e:55:bf:ee:94:7b:b4:94:c8:79:9c:da:8b:0c:41:
f7:3b:8e:db:cb:14:5e:33:1b:2e:4b:e4:d6:2f:5c:
20:b1:93:94:89:eb:9b:95:8c:8e:be:86:b9:23:25:
51:3c:14:5e:6c:2d:03:b0:53:23:1a:0e:bd:b3:61:
01:41:27:d5:e8:3c:5d:d4:05:6a:5a:75:60:e8:a2:
3c:06:4e:52:4c:3b:e4:84:a7:3f:77:96:8b:9e:6c:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CA:9D:D6:D8:B6:C7:7E:DC:62:0A:F4:25:65:EF:7A:71:8C:DA:B7
X509v3 Authority Key Identifier:
keyid:31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/f8qd1ti2x37cYgr0JWXvenGM2rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
9d:c2:86:30:4b:2f:9b:89:f5:c9:93:d0:70:75:d6:cf:f1:29:
07:64:52:c5:bb:32:32:7a:4d:22:60:ec:bd:c0:54:9c:8e:99:
ed:8f:ec:39:e7:f5:27:3b:b8:b1:a2:4a:d6:22:ba:75:cf:63:
0a:a6:c4:ca:33:6b:87:58:09:8f:0a:32:92:35:83:dc:c9:f2:
d0:49:6a:4b:a9:42:33:ca:43:9e:1a:a1:30:4e:ee:d5:5d:70:
37:bc:6d:3e:fb:21:02:19:3e:05:d0:a2:fd:6d:06:02:45:da:
f9:1e:53:31:97:85:75:3b:7f:8a:73:b3:21:d7:6a:41:55:70:
dc:c3:e0:ee:10:44:84:98:51:d4:63:8b:b3:8b:6c:3c:ed:38:
7b:70:c7:05:32:d5:13:ca:44:bd:85:38:8c:43:32:ee:b6:14:
c4:f7:1e:f8:f1:91:ea:e4:3b:45:ae:ef:64:84:82:4f:25:e8:
9e:00:e8:78:90:02:5d:9b:02:ac:f9:a9:ff:12:7f:70:d9:e9:
63:2a:95:0d:61:4d:b5:70:89:b0:75:56:1b:a0:df:8d:4e:fe:
cc:cd:19:43:21:2d:09:2c:2a:bd:f5:54:4b:94:d6:19:08:6e:
23:86:f2:01:68:e6:ff:36:7e:58:cd:27:25:ee:71:f3:11:33:
ac:1e:46:00
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxDoydj9CDKYGPnd3SK8vBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODhmYWUzZWJiYjNkNzRmZWVkZGNmNTA3ZjgzZTY3ZGI4
ODUwYTIwHhcNMjMxMjA3MDkzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmNhOWRkNmQ4YjZjNzdlZGM2MjBhZjQyNTY1ZWY3YTcxOGNkYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYwCjdnSu006QCYAqa8Dnr2DXk8F
Rgv+ZrveDcrjhEKZGCIaq9SzcvY4QH7Md8vIZePjokFMIIvQVEolG0kj/19kdrNB
ZqVxVkJZBOt0TUT3UvKRBUfIBkHohR1jUuXUdgoXlz71mwjlLdSWGsyZz/P4AkDf
jFPVW8t1GqXjUjMfcXzDQfHBbDK1UxddiEJSdXKm344++VTyBin/ipZAxjLk1vlO
Vb/ulHu0lMh5nNqLDEH3O47byxReMxsuS+TWL1wgsZOUieublYyOvoa5IyVRPBRe
bC0DsFMjGg69s2EBQSfV6Dxd1AVqWnVg6KI8Bk5STDvkhKc/d5aLnmxdvwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH/KndbYtsd+3GIK9CVl73pxjNq3MB8GA1UdIwQY
MBaAFDGI+uPruz10/u3c9Qf4PmfbiFCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmIt
Yjg1M2RmZjg3NjVjLzEvZjhxZDF0aTJ4MzdjWWdyMEpXWHZlbkdNMnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmItYjg1M2RmZjg3NjVj
LzEvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguPADAN
BgkqhkiG9w0BAQsFAAOCAQEAncKGMEsvm4n1yZPQcHXWz/EpB2RSxbsyMnpNImDs
vcBUnI6Z7Y/sOef1Jzu4saJK1iK6dc9jCqbEyjNrh1gJjwoykjWD3Mny0ElqS6lC
M8pDnhqhME7u1V1wN7xtPvshAhk+BdCi/W0GAkXa+R5TMZeFdTt/inOzIddqQVVw
3MPg7hBEhJhR1GOLs4tsPO04e3DHBTLVE8pEvYU4jEMy7rYUxPce+PGR6uQ7Ra7v
ZISCTyXongDoeJACXZsCrPmp/xJ/cNnpYyqVDWFNtXCJsHVWG6DfjU7+zM0ZQyEt
CSwqvfVUS5TWGQhuI4byAWjm/zZ+WM0nJe5x8xEzrB5GAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org