Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/fW49p6FSTe6mEPYkVCsYiuRvk7M.roa
File: fW49p6FSTe6mEPYkVCsYiuRvk7M.roa (raw, json)
Hash identifier: UkZgd2dqhpYBrlQ2WiKpfJ1dnZxtNo5BYE4/hp2J3aE=
Subject key identifier: 7D:6E:3D:A7:A1:52:4D:EE:A6:10:F6:24:54:2B:18:8A:E4:6F:93:B3
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: 01871A241D76BB9054D6BADE1B006C72E167
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/fW49p6FSTe6mEPYkVCsYiuRvk7M.roa
Signing time: Sat 25 Mar 2023 18:59:47 +0000
ROA not before: Sat 25 Mar 2023 18:59:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57797
IP address blocks: 2a12:8ac1::/32 maxlen: 48
2a12:8ac0::/29 maxlen: 48
2a12:8ac0::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Mar 2023 10:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:24:1d:76:bb:90:54:d6:ba:de:1b:00:6c:72:e1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: Mar 25 18:59:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d6e3da7a1524deea610f624542b188ae46f93b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6a:53:7c:8d:6c:df:58:db:e0:ee:ad:c4:ed:
73:2e:62:87:18:29:af:95:e7:8b:76:45:3f:d7:bd:
40:92:15:e7:bc:74:42:d7:50:23:16:49:78:00:f0:
63:5e:f9:62:d9:c4:4e:72:1c:06:78:0d:6f:88:43:
fb:4a:7b:b7:4f:a5:56:6d:a1:91:71:06:50:ad:eb:
23:59:89:82:05:3e:47:72:2f:d3:a4:db:ed:a3:47:
16:e0:18:be:c2:08:4c:ce:b9:b2:25:98:d0:73:67:
16:58:6c:f8:19:46:4f:0b:e7:62:92:e4:4c:11:a9:
00:ee:a6:20:01:41:7f:aa:46:97:9f:e4:2b:82:87:
54:a9:86:f7:ff:dd:41:93:57:13:f2:73:8d:52:51:
14:8c:0c:41:aa:40:ca:4f:cf:08:88:b7:f6:cd:55:
aa:7f:d4:70:fd:5e:1f:7c:8c:00:fd:6d:32:8d:ba:
f1:48:f8:ef:cc:21:2b:47:21:c9:65:c1:9b:df:92:
6f:87:01:b6:42:51:92:0c:f2:27:25:ec:24:2a:05:
87:33:38:a1:fa:fe:60:d0:c8:39:ff:e8:2b:b0:1f:
22:49:0f:5c:96:e3:4c:8f:73:fe:44:ea:2e:1b:e5:
57:98:83:c9:07:0d:a2:4b:91:0c:eb:13:6d:10:93:
aa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:6E:3D:A7:A1:52:4D:EE:A6:10:F6:24:54:2B:18:8A:E4:6F:93:B3
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/fW49p6FSTe6mEPYkVCsYiuRvk7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
12:13:93:7f:d3:05:61:cc:f3:6b:ae:14:b1:0f:48:4d:a8:3d:
c2:b6:17:f1:52:1d:12:9f:dc:7f:5d:8f:e8:aa:cd:78:66:37:
5f:8c:00:4a:30:9b:ca:0a:1c:60:85:bf:4a:62:85:4a:00:3b:
e4:be:a4:39:03:42:66:55:65:04:45:02:2c:f3:75:53:fc:39:
f9:58:56:3f:3e:0c:c9:d4:da:7c:6d:54:e6:85:81:6d:ef:22:
81:c9:f8:3f:7e:1c:26:e0:e0:5e:c3:2a:01:c2:b1:da:d5:c4:
10:c9:37:9b:4d:86:0a:7b:49:f9:b4:30:55:e4:cd:96:23:33:
2a:bc:f4:7a:a6:0b:b5:2e:31:77:eb:ee:fd:3e:a0:76:14:5d:
b7:4b:ed:2e:42:0c:62:72:db:e7:29:6d:3d:05:37:30:f3:fd:
37:fd:23:b2:09:74:56:d5:82:33:aa:f3:e5:9c:46:dd:cf:f7:
5a:39:88:7d:79:b3:7e:c3:a0:3d:7c:b5:96:4c:d9:f6:6f:6d:
cd:93:4c:a4:9b:e5:cf:20:26:25:49:fb:31:24:e9:a7:bb:3b:
b1:96:b8:80:ce:29:7a:a0:29:7a:3e:df:89:43:f4:d5:09:a0:
99:d8:93:5c:a4:5e:9e:21:08:d2:aa:f7:16:77:ed:27:5d:1f:
b0:f8:a5:59
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcaJB12u5BU1rreGwBscuFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjMwMzI1MTg1OTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDZlM2RhN2ExNTI0ZGVlYTYxMGY2MjQ1NDJiMTg4YWU0NmY5M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2pTfI1s31jb4O6txO1zLmKHGCmv
leeLdkU/171AkhXnvHRC11AjFkl4APBjXvli2cROchwGeA1viEP7Snu3T6VWbaGR
cQZQresjWYmCBT5Hci/TpNvto0cW4Bi+wghMzrmyJZjQc2cWWGz4GUZPC+dikuRM
EakA7qYgAUF/qkaXn+QrgodUqYb3/91Bk1cT8nONUlEUjAxBqkDKT88IiLf2zVWq
f9Rw/V4ffIwA/W0yjbrxSPjvzCErRyHJZcGb35JvhwG2QlGSDPInJewkKgWHMzih
+v5g0Mg5/+grsB8iSQ9cluNMj3P+ROouG+VXmIPJBw2iS5EM6xNtEJOqsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH1uPaehUk3uphD2JFQrGIrkb5OzMB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEvZlc0OXA2RlNUZTZtRVBZa1ZDc1lpdVJ2azdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEhOTf9MFYczza64UsQ9ITag9wrYX8VIdEp/cf12P
6KrNeGY3X4wASjCbygocYIW/SmKFSgA75L6kOQNCZlVlBEUCLPN1U/w5+VhWPz4M
ydTafG1U5oWBbe8igcn4P34cJuDgXsMqAcKx2tXEEMk3m02GCntJ+bQwVeTNliMz
Krz0eqYLtS4xd+vu/T6gdhRdt0vtLkIMYnLb5yltPQU3MPP9N/0jsgl0VtWCM6rz
5ZxG3c/3WjmIfXmzfsOgPXy1lkzZ9m9tzZNMpJvlzyAmJUn7MSTpp7s7sZa4gM4p
eqApej7fiUP01QmgmdiTXKReniEI0qr3FnftJ10fsPilWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:23 2024 by rpki-client on console-ams.rpki-client.org