Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/aXkSKhF4iwdaq7TOnQuEN-SybNg.roa
File: aXkSKhF4iwdaq7TOnQuEN-SybNg.roa (raw, json)
Hash identifier: BkBT6kU4n9HgL+Bl4AUHPkYI/VJ8TgZmiZRCrC4ORDQ=
Subject key identifier: 69:79:12:2A:11:78:8B:07:5A:AB:B4:CE:9D:0B:84:37:E4:B2:6C:D8
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 018CC500DB29E389615BA9684E39A252BE85
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/aXkSKhF4iwdaq7TOnQuEN-SybNg.roa
Signing time: Mon 01 Jan 2024 12:30:16 +0000
ROA not before: Mon 01 Jan 2024 12:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 192.40.79.0/24 maxlen: 24
2a06:f044::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 08:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:db:29:e3:89:61:5b:a9:68:4e:39:a2:52:be:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Jan 1 12:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6979122a11788b075aabb4ce9d0b8437e4b26cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fe:ee:88:44:49:62:5c:46:d9:d7:0b:d1:10:
32:d1:f0:94:c9:20:b1:d6:57:03:f3:3d:3a:f5:ec:
99:a4:79:f6:e7:dc:7a:43:67:68:2a:07:62:08:5a:
3c:b5:96:92:42:a7:8b:39:61:02:52:64:84:8b:f6:
a5:8f:24:42:20:d3:5d:b7:16:c8:70:ac:08:ab:d0:
29:36:40:66:13:3d:de:39:89:6f:0a:7c:33:b7:94:
35:c9:cb:d7:9a:8c:29:c0:c5:1c:c5:c8:47:7e:1f:
4b:96:59:35:37:56:3d:58:e8:d2:a5:b4:41:25:31:
27:3e:31:00:2e:d0:a9:e7:58:ba:46:1c:58:7a:9b:
66:8e:50:c5:ae:6c:ab:6d:03:1c:4b:83:60:ca:72:
51:b1:a1:4d:e8:cd:92:e6:cb:d8:b9:3a:49:69:0b:
d7:42:03:62:aa:8f:fd:2e:3e:d8:0d:b0:51:c2:3e:
d3:61:8c:29:64:19:cd:69:eb:6b:f6:9f:5e:93:5e:
84:69:b6:57:b0:7b:44:96:7d:b8:b2:a2:3f:ab:49:
9b:a7:58:73:ed:1e:21:d4:f0:97:d6:67:fe:08:00:
b9:9c:4d:82:f5:98:6f:3c:45:51:39:49:11:60:bd:
87:ba:d9:71:e0:d7:8c:ad:75:f5:38:a7:ba:ea:32:
f7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:79:12:2A:11:78:8B:07:5A:AB:B4:CE:9D:0B:84:37:E4:B2:6C:D8
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/aXkSKhF4iwdaq7TOnQuEN-SybNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.79.0/24
IPv6:
2a06:f044::/48
Signature Algorithm: sha256WithRSAEncryption
1a:2d:df:47:b7:c1:9e:1a:b5:5c:b9:87:74:a6:33:5e:2d:b5:
4b:4a:a2:4f:a4:3c:ad:99:a5:91:18:38:60:66:bd:48:41:78:
ab:cf:d4:a1:13:a9:8e:93:c4:89:34:53:1f:61:b3:73:5e:63:
60:bd:40:76:5b:35:9e:9d:bd:41:01:7f:b5:f7:64:65:d1:33:
34:42:09:32:e4:e8:03:22:32:7b:c2:e4:25:96:a2:ed:f1:19:
55:df:00:e9:f4:1c:8c:40:3c:5b:05:70:64:f9:0b:7a:34:5e:
64:ae:3c:bb:ad:9c:ca:ee:45:77:52:86:43:10:dc:db:9d:f7:
e5:e6:5c:fd:13:4c:c8:a4:8e:3f:45:c3:c6:d3:90:51:ab:f5:
f6:05:6e:9b:84:5c:8f:ac:03:db:45:94:4d:7f:1a:3b:a2:9a:
09:ca:c1:e6:9e:d3:42:a8:6a:e0:83:37:28:6e:62:ca:5f:9e:
24:0c:6a:fb:28:06:36:03:c2:f7:a2:6b:34:02:16:ff:ab:e0:
14:3f:60:15:74:22:41:83:8d:90:cb:70:06:fc:0d:88:08:24:
c8:6b:6c:ca:8f:67:9d:c7:c7:a0:0e:e1:93:b0:5d:9b:da:5d:
84:5c:14:d4:10:08:91:08:f1:34:b1:1c:6e:24:40:0b:47:10:
db:65:14:88
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzFANsp44lhW6loTjmiUr6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjQwMTAxMTIzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc5MTIyYTExNzg4YjA3NWFhYmI0Y2U5ZDBiODQzN2U0YjI2Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv7uiERJYlxG2dcL0RAy0fCUySCx
1lcD8z069eyZpHn259x6Q2doKgdiCFo8tZaSQqeLOWECUmSEi/aljyRCINNdtxbI
cKwIq9ApNkBmEz3eOYlvCnwzt5Q1ycvXmowpwMUcxchHfh9Lllk1N1Y9WOjSpbRB
JTEnPjEALtCp51i6RhxYeptmjlDFrmyrbQMcS4NgynJRsaFN6M2S5svYuTpJaQvX
QgNiqo/9Lj7YDbBRwj7TYYwpZBnNaetr9p9ek16EabZXsHtEln24sqI/q0mbp1hz
7R4h1PCX1mf+CAC5nE2C9ZhvPEVROUkRYL2Hutlx4NeMrXX1OKe66jL3EQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFGl5EioReIsHWqu0zp0LhDfksmzYMB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xL2FYa1NLaEY0aXdkYXE3VE9uUXVFTi1TeWJOZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADAKE8w
DwQCAAIwCQMHACoG8EQAADANBgkqhkiG9w0BAQsFAAOCAQEAGi3fR7fBnhq1XLmH
dKYzXi21S0qiT6Q8rZmlkRg4YGa9SEF4q8/UoROpjpPEiTRTH2Gzc15jYL1Adls1
np29QQF/tfdkZdEzNEIJMuToAyIye8LkJZai7fEZVd8A6fQcjEA8WwVwZPkLejRe
ZK48u62cyu5Fd1KGQxDc25335eZc/RNMyKSOP0XDxtOQUav19gVum4Rcj6wD20WU
TX8aO6KaCcrB5p7TQqhq4IM3KG5iyl+eJAxq+ygGNgPC96JrNAIW/6vgFD9gFXQi
QYONkMtwBvwNiAgkyGtsyo9nncfHoA7hk7Bdm9pdhFwU1BAIkQjxNLEcbiRAC0cQ
22UUiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org