Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/onmCSXATgDQUOKXHeGsexvamvJg.roa
File: onmCSXATgDQUOKXHeGsexvamvJg.roa (raw, json)
Hash identifier: CZbuvrRG9HrwX6yfmJxWMaZhx/BsRYUsfkIxO77pWUY=
Subject key identifier: A2:79:82:49:70:13:80:34:14:38:A5:C7:78:6B:1E:C6:F6:A6:BC:98
Certificate issuer: /CN=a37244348e71ec1be5f5007c8d5efe7125920722
Certificate serial: 018CC42516AD3E8A3F8788CFD4DAAE4F5576
Authority key identifier: A3:72:44:34:8E:71:EC:1B:E5:F5:00:7C:8D:5E:FE:71:25:92:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3JENI5x7Bvl9QB8jV7-cSWSByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/onmCSXATgDQUOKXHeGsexvamvJg.roa
Signing time: Mon 01 Jan 2024 08:30:14 +0000
ROA not before: Mon 01 Jan 2024 08:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200617
IP address blocks: 2a13:5840::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 14 Feb 2024 06:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:16:ad:3e:8a:3f:87:88:cf:d4:da:ae:4f:55:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a37244348e71ec1be5f5007c8d5efe7125920722
Validity
Not Before: Jan 1 08:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2798249701380341438a5c7786b1ec6f6a6bc98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:42:35:ba:92:37:32:2b:6c:82:81:70:55:d5:
b8:51:b3:62:62:85:de:06:0d:2e:06:77:fe:a6:c9:
a0:b1:27:88:60:44:d6:8d:b6:f4:e8:85:dd:0b:91:
f2:13:80:ed:4e:fa:0c:04:29:d3:9b:75:87:af:c8:
1c:1e:c3:b1:c9:29:0b:57:57:6c:c5:8c:66:28:cf:
0a:8a:72:40:93:08:15:ec:35:10:43:3c:25:e7:c4:
9e:b0:67:f9:f7:c5:7d:fa:a5:b0:39:53:d3:78:45:
15:28:e4:9d:ec:22:28:a3:20:b4:47:da:98:72:a6:
ba:89:cc:82:7d:aa:00:c2:c0:f8:c8:17:a6:ed:99:
24:fb:35:c3:38:2c:15:1e:a0:39:bd:7a:45:22:80:
51:0e:1d:1f:29:3a:60:fd:ff:0c:60:3e:6d:20:bd:
76:d9:27:66:33:f7:25:9d:d8:58:71:23:56:25:c2:
46:24:af:fb:96:58:f4:6a:fa:50:5b:0b:ff:98:03:
44:e5:dc:ed:87:a8:13:51:68:6d:40:24:50:5e:1e:
02:e4:ef:85:07:60:b2:ce:76:a4:42:7d:0a:fd:97:
40:68:71:65:3b:d9:9f:cc:5d:25:67:a8:46:70:03:
97:01:18:2a:f5:44:db:16:cd:19:f0:f5:01:ac:1a:
06:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:79:82:49:70:13:80:34:14:38:A5:C7:78:6B:1E:C6:F6:A6:BC:98
X509v3 Authority Key Identifier:
keyid:A3:72:44:34:8E:71:EC:1B:E5:F5:00:7C:8D:5E:FE:71:25:92:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3JENI5x7Bvl9QB8jV7-cSWSByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/onmCSXATgDQUOKXHeGsexvamvJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b4ad85-16a8-487a-8a77-8852a532ad45/1/o3JENI5x7Bvl9QB8jV7-cSWSByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5840::/29
Signature Algorithm: sha256WithRSAEncryption
8f:e5:37:1b:23:6c:9b:cc:e8:77:36:d6:cb:91:f5:a2:c1:00:
32:41:91:11:8d:d0:e0:ca:62:e7:30:d3:90:9b:7e:98:18:a2:
b0:30:1d:93:6d:1f:d0:b2:89:89:ed:52:3e:41:4a:e0:4c:1f:
4b:0b:b7:f9:4d:e9:7f:0d:78:f8:f8:6e:79:e4:e5:78:a2:67:
e4:c7:84:aa:f8:b6:14:51:7f:b9:60:23:c8:8c:02:5c:65:14:
d9:15:17:2a:ab:31:f5:c9:4b:b4:b0:a6:8b:7e:97:f2:55:97:
7c:40:c5:d5:4c:7c:eb:d7:fe:49:56:25:a1:ae:be:d2:ef:56:
70:f1:08:65:56:8e:4d:f0:aa:34:dc:d3:c1:26:34:64:cf:9e:
aa:a5:af:6a:3d:73:4d:a3:fb:0a:93:ab:42:b5:22:bf:2b:72:
ac:a8:e2:36:89:d1:14:97:5b:04:14:3d:c0:9d:b1:01:be:d1:
04:ed:60:36:3f:df:2c:06:82:3a:17:ae:c2:fb:5c:ef:0a:b1:
fd:3f:b6:11:ff:a2:73:76:31:92:eb:a8:00:fd:79:5e:6c:0c:
ad:ed:26:4e:89:26:15:a2:91:d9:10:26:84:bf:e5:b3:7b:29:
2b:e8:eb:c2:10:be:c1:8f:ae:cd:59:b6:74:54:7f:df:3d:bf:
8f:a7:5d:f3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJRatPoo/h4jP1NquT1V2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzI0NDM0OGU3MWVjMWJlNWY1MDA3YzhkNWVmZTcxMjU5
MjA3MjIwHhcNMjQwMTAxMDgzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc5ODI0OTcwMTM4MDM0MTQzOGE1Yzc3ODZiMWVjNmY2YTZiYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0I1upI3MitsgoFwVdW4UbNiYoXe
Bg0uBnf+psmgsSeIYETWjbb06IXdC5HyE4DtTvoMBCnTm3WHr8gcHsOxySkLV1ds
xYxmKM8KinJAkwgV7DUQQzwl58SesGf598V9+qWwOVPTeEUVKOSd7CIooyC0R9qY
cqa6icyCfaoAwsD4yBem7Zkk+zXDOCwVHqA5vXpFIoBRDh0fKTpg/f8MYD5tIL12
2SdmM/clndhYcSNWJcJGJK/7llj0avpQWwv/mANE5dzth6gTUWhtQCRQXh4C5O+F
B2CyznakQn0K/ZdAaHFlO9mfzF0lZ6hGcAOXARgq9UTbFs0Z8PUBrBoGHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKJ5gklwE4A0FDilx3hrHsb2pryYMB8GA1UdIwQY
MBaAFKNyRDSOcewb5fUAfI1e/nElkgciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNKRU5JNXg3QnZsOVFCOGpWNy1jU1dTQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iNGFkODUtMTZhOC00ODdhLThhNzct
ODg1MmE1MzJhZDQ1LzEvb25tQ1NYQVRnRFFVT0tYSGVHc2V4dmFtdkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iNGFkODUtMTZhOC00ODdhLThhNzctODg1MmE1MzJhZDQ1
LzEvbzNKRU5JNXg3QnZsOVFCOGpWNy1jU1dTQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNYQDAN
BgkqhkiG9w0BAQsFAAOCAQEAj+U3GyNsm8zodzbWy5H1osEAMkGREY3Q4Mpi5zDT
kJt+mBiisDAdk20f0LKJie1SPkFK4EwfSwu3+U3pfw14+PhueeTleKJn5MeEqvi2
FFF/uWAjyIwCXGUU2RUXKqsx9clLtLCmi36X8lWXfEDF1Ux869f+SVYloa6+0u9W
cPEIZVaOTfCqNNzTwSY0ZM+eqqWvaj1zTaP7CpOrQrUivytyrKjiNonRFJdbBBQ9
wJ2xAb7RBO1gNj/fLAaCOheuwvtc7wqx/T+2Ef+ic3YxkuuoAP15XmwMre0mTokm
FaKR2RAmhL/ls3spK+jrwhC+wY+uzVm2dFR/3z2/j6dd8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org