Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/0onWFNUY-EzHhagKAyKqC4x61k4.roa
File: 0onWFNUY-EzHhagKAyKqC4x61k4.roa (raw, json)
Hash identifier: Yhvdb7pR6kQLFsI1qqkbaHnsjqM+3LHH/Th/A1v1VNY=
Subject key identifier: D2:89:D6:14:D5:18:F8:4C:C7:85:A8:0A:03:22:AA:0B:8C:7A:D6:4E
Certificate issuer: /CN=fa3c481607619c835d09f2471d976d7cf74a0439
Certificate serial: 018AF477E131AA3ACF825310D3DDA88C6BD3
Authority key identifier: FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/0onWFNUY-EzHhagKAyKqC4x61k4.roa
Signing time: Tue 03 Oct 2023 07:36:51 +0000
ROA not before: Tue 03 Oct 2023 07:36:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34820
IP address blocks: 2a0c:2540::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 03 Oct 2023 08:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:77:e1:31:aa:3a:cf:82:53:10:d3:dd:a8:8c:6b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3c481607619c835d09f2471d976d7cf74a0439
Validity
Not Before: Oct 3 07:36:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d289d614d518f84cc785a80a0322aa0b8c7ad64e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3e:a0:97:b5:ed:99:6f:11:1a:93:c9:c8:f4:
8e:7f:a1:50:43:df:7e:e1:df:27:81:8d:6d:ec:de:
99:18:15:a4:19:69:31:48:1f:9c:59:9e:5b:ce:cc:
5d:b4:c6:ee:f9:9e:13:77:10:7c:a8:57:a2:f6:df:
d9:1b:a8:c1:62:3d:20:6d:5a:88:8c:0e:03:8c:fa:
ad:fc:31:90:a8:32:d2:9d:93:18:73:d0:51:39:2d:
a2:6b:ec:34:d6:c1:1b:a1:8c:50:28:04:b9:2d:4d:
97:cf:af:b2:f9:f0:72:b4:35:4c:2c:32:ee:aa:3c:
ca:ac:80:3d:21:fc:80:ea:f1:70:3a:e8:7a:47:e3:
a1:6f:81:94:97:c5:b7:21:8f:0e:05:5d:a5:70:b1:
d7:3a:48:4d:62:b2:18:b3:41:59:3b:7f:87:1c:ca:
8c:35:0b:87:3d:c5:9b:94:d2:20:64:c9:eb:82:28:
76:1a:13:47:29:65:87:67:e7:ba:55:60:2a:26:15:
e4:91:a5:42:ac:13:46:74:7a:d2:4f:c1:19:ec:c0:
61:bb:c2:83:48:50:3e:4c:4d:c1:03:b0:58:8d:26:
06:6a:d5:5c:a9:5d:93:b7:27:88:00:55:dc:8b:a2:
4f:3c:cc:a2:84:46:ab:39:a5:ef:1a:1b:ad:bf:47:
16:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:89:D6:14:D5:18:F8:4C:C7:85:A8:0A:03:22:AA:0B:8C:7A:D6:4E
X509v3 Authority Key Identifier:
keyid:FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/0onWFNUY-EzHhagKAyKqC4x61k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:2540::/29
Signature Algorithm: sha256WithRSAEncryption
20:03:3a:af:b3:09:18:10:e7:90:6e:d6:66:cd:fe:4a:2d:9c:
8d:68:3d:bd:c6:4a:49:84:5e:75:55:13:37:e0:b6:57:d1:d4:
b8:a1:61:52:58:28:93:24:e4:65:0e:56:12:d6:c6:75:dc:2d:
34:1a:f3:10:f3:24:91:1c:73:d0:b4:ed:de:e7:9a:5c:df:61:
55:06:0b:6d:88:53:e7:d9:94:e6:87:e2:ef:e8:82:00:a5:5e:
38:99:ff:52:c0:eb:25:fb:d4:74:43:cf:72:3f:6f:b6:48:94:
90:0c:20:5f:65:92:c7:7c:f1:80:fb:f6:e4:fc:e4:31:98:73:
ba:a3:bd:59:80:c8:6b:19:82:30:9e:f2:dc:15:b8:9e:2e:65:
bf:44:ee:fa:cb:cc:46:1c:97:16:24:58:8b:97:14:29:4e:cc:
34:27:1f:f1:52:a3:0b:28:e1:de:a7:f3:ee:36:ba:75:59:0f:
74:0e:6a:05:e4:7c:3a:29:71:67:03:01:72:9d:6a:e8:c6:1c:
6d:f6:96:5f:8f:91:2c:14:45:58:0f:7e:d9:b4:8c:24:44:cf:
f3:81:eb:94:41:52:79:ad:98:0d:63:c6:5b:83:cc:b6:09:60:
3a:49:f2:d5:45:21:1c:0e:4b:c5:0d:1d:57:82:99:60:b3:9b:
fa:44:79:98
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYr0d+ExqjrPglMQ092ojGvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2M0ODE2MDc2MTljODM1ZDA5ZjI0NzFkOTc2ZDdjZjc0
YTA0MzkwHhcNMjMxMDAzMDczNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg5ZDYxNGQ1MThmODRjYzc4NWE4MGEwMzIyYWEwYjhjN2FkNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8T6gl7XtmW8RGpPJyPSOf6FQQ99+
4d8ngY1t7N6ZGBWkGWkxSB+cWZ5bzsxdtMbu+Z4TdxB8qFei9t/ZG6jBYj0gbVqI
jA4DjPqt/DGQqDLSnZMYc9BROS2ia+w01sEboYxQKAS5LU2Xz6+y+fBytDVMLDLu
qjzKrIA9IfyA6vFwOuh6R+Ohb4GUl8W3IY8OBV2lcLHXOkhNYrIYs0FZO3+HHMqM
NQuHPcWblNIgZMnrgih2GhNHKWWHZ+e6VWAqJhXkkaVCrBNGdHrST8EZ7MBhu8KD
SFA+TE3BA7BYjSYGatVcqV2TtyeIAFXci6JPPMyihEarOaXvGhutv0cWRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNKJ1hTVGPhMx4WoCgMiqguMetZOMB8GA1UdIwQY
MBaAFPo8SBYHYZyDXQnyRx2XbXz3SgQ5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qeElGZ2RobklOZENmSkhIWmR0ZlBkS0JEay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIz
LTEzMDQ0NTRiZjI5ZC8xLzBvbldGTlVZLUV6SGhhZ0tBeUtxQzR4NjFrNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIzLTEzMDQ0NTRiZjI5
ZC8xLzEtanhJRmdkaG5JTmRDZkpISFpkdGZQZEtCRGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqDCVA
MA0GCSqGSIb3DQEBCwUAA4IBAQAgAzqvswkYEOeQbtZmzf5KLZyNaD29xkpJhF51
VRM34LZX0dS4oWFSWCiTJORlDlYS1sZ13C00GvMQ8ySRHHPQtO3e55pc32FVBgtt
iFPn2ZTmh+Lv6IIApV44mf9SwOsl+9R0Q89yP2+2SJSQDCBfZZLHfPGA+/bk/OQx
mHO6o71ZgMhrGYIwnvLcFbieLmW/RO76y8xGHJcWJFiLlxQpTsw0Jx/xUqMLKOHe
p/PuNrp1WQ90DmoF5Hw6KXFnAwFynWroxhxt9pZfj5EsFEVYD37ZtIwkRM/zgeuU
QVJ5rZgNY8Zbg8y2CWA6SfLVRSEcDkvFDR1Xgplgs5v6RHmY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:03 2024 by rpki-client on console-fra.rpki-client.org