Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/8BzBAcYsZhK3EaxIWUYsNT0fyiA.roa
File: 8BzBAcYsZhK3EaxIWUYsNT0fyiA.roa (raw, json)
Hash identifier: 2c8pDj/C9spRLdh2T3tbmJvkPR1JOaYFidHkLnU52/g=
Subject key identifier: F0:1C:C1:01:C6:2C:66:12:B7:11:AC:48:59:46:2C:35:3D:1F:CA:20
Certificate issuer: /CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Certificate serial: 0185718C2DA1E4223AA81259AB45D9CEA4DC
Authority key identifier: AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/8BzBAcYsZhK3EaxIWUYsNT0fyiA.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60505
IP address blocks: 2a11:a500::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2d:a1:e4:22:3a:a8:12:59:ab:45:d9:ce:a4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f01cc101c62c6612b711ac4859462c353d1fca20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ee:30:99:ec:39:68:ee:de:4e:8f:29:65:4b:
a1:cc:44:49:52:a2:f7:43:0e:cf:cc:56:93:85:08:
cd:7b:fa:2a:d1:20:bb:0c:ca:22:1e:fe:18:35:37:
a4:e3:f2:9b:35:9b:91:8f:d9:6b:e5:c8:70:14:55:
d5:07:59:2e:97:dc:50:c0:f8:fd:59:13:37:3a:2a:
d9:c0:97:43:98:36:a3:42:7c:9e:83:66:42:48:ad:
93:ab:7d:34:9e:02:96:77:e1:af:b7:9e:c0:b6:fe:
06:4b:96:a0:c5:c3:42:2b:e5:24:07:71:10:01:86:
9e:9a:60:fa:b2:bc:f8:ef:5a:72:42:12:2b:19:af:
b8:4d:d2:8b:c6:74:e2:6b:7c:28:ec:fc:4f:86:f2:
af:c9:3c:fc:8c:80:45:f0:f8:20:d8:9b:ef:99:3a:
45:57:ac:d0:86:52:53:20:b5:a2:c5:d2:58:c8:b9:
e7:9e:7d:73:7c:9d:b2:2d:b8:50:41:01:47:69:af:
1c:61:94:07:9a:0f:64:f8:90:fa:7d:5c:00:3f:0c:
94:64:10:cb:71:32:77:dd:0b:d9:f1:0f:3c:b8:4f:
7f:c3:58:f9:d2:e2:04:f5:3e:21:e3:20:c3:e4:d3:
1c:34:e2:a2:55:27:ae:1d:17:21:98:c4:d7:f5:88:
39:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1C:C1:01:C6:2C:66:12:B7:11:AC:48:59:46:2C:35:3D:1F:CA:20
X509v3 Authority Key Identifier:
keyid:AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/8BzBAcYsZhK3EaxIWUYsNT0fyiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/rHZwaYz67yZH-8mgb3OAhW4rMCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a500::/32
Signature Algorithm: sha256WithRSAEncryption
18:11:7b:d1:5c:d3:8e:91:31:a4:75:12:a8:02:59:cd:b9:0b:
6c:04:e3:73:89:e6:b6:1e:cf:f1:f8:60:c7:df:71:6f:dc:86:
ae:74:9c:59:b4:36:ca:36:35:2b:18:83:da:67:8a:e3:44:5e:
24:d2:7a:50:12:e2:1c:23:10:fe:f1:53:51:60:ab:8a:68:27:
29:d7:d8:46:f6:68:e6:f0:d2:e7:2a:3a:86:0f:73:e2:e7:5e:
9d:3b:a2:8d:fb:b5:d7:81:32:cb:54:d9:40:f1:4e:ca:b7:13:
43:23:91:7b:24:53:bc:86:3c:80:a4:5f:c1:ff:d5:e4:2b:86:
55:3b:ff:60:10:d4:64:98:77:5f:a1:1a:b7:0b:46:bb:66:96:
d9:30:d5:9a:c6:5b:15:46:b8:15:e5:90:0a:62:eb:5f:08:40:
02:66:c2:0c:f3:9a:f0:a9:ec:3c:1b:5a:e8:37:db:f0:87:29:
14:e8:48:d2:c3:07:94:81:3b:62:f8:16:07:ad:f2:0f:b2:0a:
e1:01:36:9f:fa:5a:81:4b:a1:b6:97:19:b7:f4:48:91:c2:e4:
50:d6:90:b9:cd:4d:65:91:92:82:dc:67:92:ad:8c:e0:9a:43:
87:be:55:c8:3a:64:60:7f:1b:03:ed:e8:2d:5b:94:a7:b6:04:
fc:60:8b:5a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxjC2h5CI6qBJZq0XZzqTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzY3MDY5OGNmYWVmMjY0N2ZiYzlhMDZmNzM4MDg1NmUy
YjMwMjcwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFjYzEwMWM2MmM2NjEyYjcxMWFjNDg1OTQ2MmMzNTNkMWZjYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe4wmew5aO7eTo8pZUuhzERJUqL3
Qw7PzFaThQjNe/oq0SC7DMoiHv4YNTek4/KbNZuRj9lr5chwFFXVB1kul9xQwPj9
WRM3OirZwJdDmDajQnyeg2ZCSK2Tq300ngKWd+Gvt57Atv4GS5agxcNCK+UkB3EQ
AYaemmD6srz471pyQhIrGa+4TdKLxnTia3wo7PxPhvKvyTz8jIBF8Pgg2JvvmTpF
V6zQhlJTILWixdJYyLnnnn1zfJ2yLbhQQQFHaa8cYZQHmg9k+JD6fVwAPwyUZBDL
cTJ33QvZ8Q88uE9/w1j50uIE9T4h4yDD5NMcNOKiVSeuHRchmMTX9Yg5jwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPAcwQHGLGYStxGsSFlGLDU9H8ogMB8GA1UdIwQY
MBaAFKx2cGmM+u8mR/vJoG9zgIVuKzAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYt
OWUwNDQwOTJiODI2LzEvOEJ6QkFjWXNaaEszRWF4SVdVWXNOVDBmeWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82OGY2NTEtZjNhNi00MjUyLTlmYWYtOWUwNDQwOTJiODI2
LzEvckhad2FZejY3eVpILThtZ2IzT0FoVzRyTUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGlADAN
BgkqhkiG9w0BAQsFAAOCAQEAGBF70VzTjpExpHUSqAJZzbkLbATjc4nmth7P8fhg
x99xb9yGrnScWbQ2yjY1KxiD2meK40ReJNJ6UBLiHCMQ/vFTUWCrimgnKdfYRvZo
5vDS5yo6hg9z4udenTuijfu114Eyy1TZQPFOyrcTQyOReyRTvIY8gKRfwf/V5CuG
VTv/YBDUZJh3X6EatwtGu2aW2TDVmsZbFUa4FeWQCmLrXwhAAmbCDPOa8KnsPBta
6Dfb8IcpFOhI0sMHlIE7YvgWB63yD7IK4QE2n/pagUuhtpcZt/RIkcLkUNaQuc1N
ZZGSgtxnkq2M4JpDh75VyDpkYH8bA+3oLVuUp7YE/GCLWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:45 2024 by rpki-client on console-ams.rpki-client.org