Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/hXSnr2Bb4dXN1xWtdTxZw5z1q74.roa
File: hXSnr2Bb4dXN1xWtdTxZw5z1q74.roa (raw, json)
Hash identifier: caggX6cYU9K9f4bOjWe6SjbVxZeMckmPWL6rr7OzarE=
Subject key identifier: 85:74:A7:AF:60:5B:E1:D5:CD:D7:15:AD:75:3C:59:C3:9C:F5:AB:BE
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: 018A31C8D4459CEDEFD7970FD577ADA65A97
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/hXSnr2Bb4dXN1xWtdTxZw5z1q74.roa
Signing time: Sat 26 Aug 2023 12:19:19 +0000
ROA not before: Sat 26 Aug 2023 12:19:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57797
IP address blocks: 2a12:8ac1::/32 maxlen: 48
2a12:8ac0::/29 maxlen: 48
2a12:8ac0::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:31:c8:d4:45:9c:ed:ef:d7:97:0f:d5:77:ad:a6:5a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: Aug 26 12:19:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8574a7af605be1d5cdd715ad753c59c39cf5abbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ee:65:43:78:a2:d2:7a:9e:66:e0:2a:c9:17:
97:78:84:1b:c5:56:29:4e:0a:ac:22:78:41:1d:03:
d0:c2:c3:08:f8:06:77:54:cb:28:05:a4:5c:df:d2:
60:de:93:dc:31:e7:3c:08:5a:14:ab:e2:22:ad:7c:
54:67:a2:f1:33:55:d9:39:35:42:38:7b:be:6f:90:
26:c7:87:b5:d8:40:d6:ab:98:df:0b:c1:70:b8:2d:
8a:71:43:de:27:6a:d1:9f:3f:a5:69:f8:7b:ff:85:
f1:8c:6e:32:fe:bf:13:8f:4e:67:a7:4d:e8:14:b5:
8a:93:42:4d:ef:ab:30:b5:5d:4a:31:a1:f8:a3:6e:
62:49:5d:c1:96:22:9e:53:27:58:a8:40:5c:42:bc:
4f:81:cd:78:de:41:77:6f:25:4a:be:99:36:60:12:
40:64:af:39:8b:6b:d0:c2:0e:16:e8:5f:91:03:3a:
96:5a:b9:40:53:13:07:54:ac:76:4a:f4:b8:15:59:
92:ea:53:fb:61:ff:11:55:aa:a9:55:fd:05:41:4f:
01:81:3f:80:a5:f5:4e:90:68:b4:73:85:be:25:e8:
34:ce:52:a3:30:a1:5f:78:1d:1f:ad:a4:4c:af:c6:
b9:1c:2d:d6:71:8a:3a:27:78:f5:1c:e7:20:7f:48:
55:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:74:A7:AF:60:5B:E1:D5:CD:D7:15:AD:75:3C:59:C3:9C:F5:AB:BE
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/hXSnr2Bb4dXN1xWtdTxZw5z1q74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
51:4d:bc:5c:8d:c9:ac:94:d6:db:f7:02:2e:f5:4d:44:4b:15:
49:e9:11:a2:5b:f8:6a:3d:73:0d:b1:7b:5c:54:41:5b:55:41:
5d:e3:28:c3:02:c1:bb:34:57:cb:6f:63:7f:4a:52:9f:b3:71:
32:ff:36:97:a4:5f:f1:94:a7:0e:ce:6c:47:49:a8:02:ca:7f:
9c:e9:e4:94:0d:93:50:90:6c:0a:2a:3f:95:3c:31:b9:24:99:
65:0d:5a:73:47:50:94:c1:b6:d8:b3:d7:71:1d:81:ac:cb:90:
b8:80:e6:e2:9e:9d:d9:ee:3f:f9:a2:b9:fa:8c:63:0e:f6:29:
8f:81:9a:ef:be:07:70:e2:ab:aa:c8:ad:c8:b5:56:91:55:40:
57:63:df:06:35:1c:8f:69:e2:0e:5a:e7:33:dd:9e:e2:9c:8b:
8e:cb:6f:72:d3:fe:c4:4a:18:97:75:fa:8b:42:c4:1f:b3:ac:
1d:24:79:d0:7d:c3:48:e3:f6:2e:83:31:c6:bb:91:c4:d3:18:
39:54:3c:80:3c:93:78:9c:aa:56:b4:37:c1:5b:f3:c6:1d:e9:
b4:d3:f7:c9:f2:5f:90:c3:f4:9c:af:3c:5e:bf:c0:39:81:90:
3e:5e:bb:e1:44:59:cb:c5:c6:51:c4:5d:36:6e:80:0b:4a:06:
f2:73:4f:c6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoxyNRFnO3v15cP1XetplqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjMwODI2MTIxOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc0YTdhZjYwNWJlMWQ1Y2RkNzE1YWQ3NTNjNTljMzljZjVhYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO5lQ3ii0nqeZuAqyReXeIQbxVYp
TgqsInhBHQPQwsMI+AZ3VMsoBaRc39Jg3pPcMec8CFoUq+IirXxUZ6LxM1XZOTVC
OHu+b5Amx4e12EDWq5jfC8FwuC2KcUPeJ2rRnz+lafh7/4XxjG4y/r8Tj05np03o
FLWKk0JN76swtV1KMaH4o25iSV3BliKeUydYqEBcQrxPgc143kF3byVKvpk2YBJA
ZK85i2vQwg4W6F+RAzqWWrlAUxMHVKx2SvS4FVmS6lP7Yf8RVaqpVf0FQU8BgT+A
pfVOkGi0c4W+Jeg0zlKjMKFfeB0fraRMr8a5HC3WcYo6J3j1HOcgf0hVowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIV0p69gW+HVzdcVrXU8WcOc9au+MB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEvaFhTbnIyQmI0ZFhOMXhXdGRUeFp3NXoxcTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUU28XI3JrJTW2/cCLvVNREsVSekRolv4aj1zDbF7
XFRBW1VBXeMowwLBuzRXy29jf0pSn7NxMv82l6Rf8ZSnDs5sR0moAsp/nOnklA2T
UJBsCio/lTwxuSSZZQ1ac0dQlMG22LPXcR2BrMuQuIDm4p6d2e4/+aK5+oxjDvYp
j4Ga774HcOKrqsityLVWkVVAV2PfBjUcj2niDlrnM92e4pyLjstvctP+xEoYl3X6
i0LEH7OsHSR50H3DSOP2LoMxxruRxNMYOVQ8gDyTeJyqVrQ3wVvzxh3ptNP3yfJf
kMP0nK88Xr/AOYGQPl674URZy8XGUcRdNm6AC0oG8nNPxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org