Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/jBEntTTwOxHcUDH_8jOChC_I2R8.roa
File: jBEntTTwOxHcUDH_8jOChC_I2R8.roa (raw, json)
Hash identifier: KUUU2JLuIZu/33O51L5OLgHfNYaRQRZBphSLeHv78/4=
Subject key identifier: 8C:11:27:B5:34:F0:3B:11:DC:50:31:FF:F2:33:82:84:2F:C8:D9:1F
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018C8BE1C4CBA0D30AFF2651D23EF43E9033
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/jBEntTTwOxHcUDH_8jOChC_I2R8.roa
Signing time: Thu 21 Dec 2023 10:17:58 +0000
ROA not before: Thu 21 Dec 2023 10:17:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216157
IP address blocks: 2a13:92c6::/32 maxlen: 32
2a13:92c0::/29 maxlen: 48
2a13:92c4::/32 maxlen: 32
2a13:92c0::/32 maxlen: 32
2a13:92c3::/32 maxlen: 32
2a13:92c7::/32 maxlen: 32
2a13:92c2::/32 maxlen: 32
2a13:92c1::/32 maxlen: 32
2a13:92c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 22 Dec 2023 08:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:e1:c4:cb:a0:d3:0a:ff:26:51:d2:3e:f4:3e:90:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Dec 21 10:17:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c1127b534f03b11dc5031fff23382842fc8d91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:16:dd:dc:7f:fe:60:43:98:d3:c4:70:dd:
cb:96:2c:79:e3:91:f9:6c:65:f1:30:f0:fd:f1:f1:
49:4c:88:10:43:d6:9d:18:74:e6:98:d8:38:a8:ea:
f0:8e:81:62:49:45:2c:e9:42:b3:95:f0:61:37:06:
b4:42:35:c5:44:97:60:14:ef:60:71:01:a5:47:88:
34:45:e0:55:83:7e:69:30:20:4c:75:64:01:5b:46:
b8:34:6c:a7:8e:da:6d:35:bc:90:93:2b:e6:fc:ed:
51:79:57:11:59:60:96:cd:c6:8a:17:b5:5f:9f:a7:
11:54:2b:67:2c:6e:98:3c:47:fc:22:21:c5:1b:ff:
6d:e0:dd:06:2f:d4:9f:15:c1:5b:a0:e2:56:6e:de:
67:05:0a:5b:94:4f:27:94:86:09:26:e4:23:d7:a4:
5d:03:3a:11:7f:1f:eb:6c:4e:e5:d2:5e:83:b0:c3:
9c:f5:4d:71:12:2c:2e:ca:61:79:91:53:50:da:15:
41:b3:48:a1:0f:a4:53:26:99:7c:d3:68:74:8c:86:
89:a4:4d:ee:0a:c5:7a:3e:6a:97:64:57:ed:66:c8:
f1:fd:e8:6f:a8:6e:39:b6:bd:d1:7c:53:9d:fd:f1:
4a:01:ee:4b:ec:1b:9e:0e:4b:0b:72:24:7c:e9:93:
2d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:11:27:B5:34:F0:3B:11:DC:50:31:FF:F2:33:82:84:2F:C8:D9:1F
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/jBEntTTwOxHcUDH_8jOChC_I2R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
63:64:ee:0f:ce:f8:69:6a:bb:fb:fe:97:a5:63:fc:be:cc:5f:
5c:0c:73:40:9d:43:12:3f:ba:40:7b:e1:b8:fa:2e:0e:9b:87:
80:a3:b4:56:10:cd:1e:0b:45:b4:0b:bb:18:24:01:06:06:c8:
80:9d:39:67:88:16:da:f2:de:63:b9:5e:be:0f:20:01:d4:30:
20:7f:95:21:cd:ad:ea:42:1a:d8:8b:24:0b:9c:7a:c4:fd:d7:
30:3e:bd:df:39:00:a5:05:6f:83:1e:a4:ed:47:0b:29:30:0f:
59:78:73:48:a6:56:aa:bd:ca:ab:a0:4c:e8:64:51:e2:fd:a7:
d8:e0:4a:83:92:5f:08:29:41:fa:54:2f:c2:ec:d3:aa:91:c3:
f4:a2:22:8f:cd:60:b0:99:8d:cc:36:d7:ae:b3:69:29:16:d2:
e6:2f:13:81:aa:c7:83:18:7a:cd:6d:3e:91:57:c1:ea:d4:26:
19:73:1e:43:2d:f3:d0:03:84:7c:71:20:dd:55:4d:ab:7b:93:
3e:7e:26:fe:8c:7b:c7:86:27:2e:65:ec:23:86:1d:bb:c5:34:
1f:61:4d:14:c4:45:5e:83:20:9a:6a:43:61:6a:8c:ae:e9:dd:
f6:fd:9a:56:10:ca:3a:9b:f4:73:9a:5a:a0:94:68:c6:e8:11:
c9:95:a1:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyL4cTLoNMK/yZR0j70PpAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjMxMjIxMTAxNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzExMjdiNTM0ZjAzYjExZGM1MDMxZmZmMjMzODI4NDJmYzhkOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/oW3dx//mBDmNPEcN3Llix545H5
bGXxMPD98fFJTIgQQ9adGHTmmNg4qOrwjoFiSUUs6UKzlfBhNwa0QjXFRJdgFO9g
cQGlR4g0ReBVg35pMCBMdWQBW0a4NGynjtptNbyQkyvm/O1ReVcRWWCWzcaKF7Vf
n6cRVCtnLG6YPEf8IiHFG/9t4N0GL9SfFcFboOJWbt5nBQpblE8nlIYJJuQj16Rd
AzoRfx/rbE7l0l6DsMOc9U1xEiwuymF5kVNQ2hVBs0ihD6RTJpl802h0jIaJpE3u
CsV6PmqXZFftZsjx/ehvqG45tr3RfFOd/fFKAe5L7BueDksLciR86ZMtbwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIwRJ7U08DsR3FAx//IzgoQvyNkfMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvakJFbnRUVHdPeEhjVURIXzhqT0NoQ19JMlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOSwDAN
BgkqhkiG9w0BAQsFAAOCAQEAY2TuD874aWq7+/6XpWP8vsxfXAxzQJ1DEj+6QHvh
uPouDpuHgKO0VhDNHgtFtAu7GCQBBgbIgJ05Z4gW2vLeY7levg8gAdQwIH+VIc2t
6kIa2IskC5x6xP3XMD693zkApQVvgx6k7UcLKTAPWXhzSKZWqr3Kq6BM6GRR4v2n
2OBKg5JfCClB+lQvwuzTqpHD9KIij81gsJmNzDbXrrNpKRbS5i8TgarHgxh6zW0+
kVfB6tQmGXMeQy3z0AOEfHEg3VVNq3uTPn4m/ox7x4YnLmXsI4Ydu8U0H2FNFMRF
XoMgmmpDYWqMrund9v2aVhDKOpv0c5paoJRoxugRyZWhpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:46 2024 by rpki-client on console-ams.rpki-client.org