Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/5hZcn6vs0ksadM4BipicGuapymk.roa
File: 5hZcn6vs0ksadM4BipicGuapymk.roa (raw, json)
Hash identifier: zusYm5QiNmqJASC0It8WJTR+y6W2t1lOojvGDO9zo6g=
Subject key identifier: E6:16:5C:9F:AB:EC:D2:4B:1A:74:CE:01:8A:98:9C:1A:E6:A9:CA:69
Certificate issuer: /CN=f279a3e854f01015e9d0e03e89d8070cc9ebcf89
Certificate serial: 01857195383AF0A789BFF6D9E6F52CD9536F
Authority key identifier: F2:79:A3:E8:54:F0:10:15:E9:D0:E0:3E:89:D8:07:0C:C9:EB:CF:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nmj6FTwEBXp0OA-idgHDMnrz4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/5hZcn6vs0ksadM4BipicGuapymk.roa
Signing time: Mon 02 Jan 2023 08:24:42 +0000
ROA not before: Mon 02 Jan 2023 08:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30847
IP address blocks: 2a01:8900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:38:3a:f0:a7:89:bf:f6:d9:e6:f5:2c:d9:53:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f279a3e854f01015e9d0e03e89d8070cc9ebcf89
Validity
Not Before: Jan 2 08:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6165c9fabecd24b1a74ce018a989c1ae6a9ca69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:51:e8:24:a6:e4:fe:f6:d2:c6:77:ed:77:
d8:84:e3:2f:39:21:e1:8a:45:75:17:41:08:bf:98:
22:05:ef:10:f9:6f:f0:eb:40:31:98:c9:38:a8:b3:
05:f1:a1:e7:39:69:b1:bc:54:72:d5:9c:71:6d:b7:
3f:0f:d9:8a:5e:49:c6:3b:14:f8:4f:66:ee:6d:39:
2a:63:e2:21:99:01:30:1d:ee:8a:ad:64:86:7a:14:
4f:56:fd:de:a5:47:8e:b1:cb:d1:68:43:ae:47:44:
29:c2:6d:1e:72:f3:7f:71:db:4c:54:a9:64:dd:af:
b0:02:d0:10:39:24:b6:3e:d8:d8:a1:80:b1:80:93:
65:26:c6:32:f2:d2:e9:dc:43:fd:4f:20:93:c4:1b:
c6:70:27:ba:64:68:40:ea:41:a2:19:14:df:34:d8:
db:e2:c0:f0:ba:c5:3a:f6:43:0d:eb:f4:cc:5e:98:
9e:ce:29:72:a0:0a:88:01:61:91:ad:61:09:fc:22:
ab:0e:07:96:cf:64:b4:a9:ad:f3:52:e5:cc:ba:df:
28:5d:a3:b7:fa:d1:75:09:b1:5a:e0:c2:14:8e:d2:
a0:a7:38:d0:a1:67:ec:75:31:d5:f1:62:e9:9d:89:
f7:59:36:33:b4:7a:a7:83:00:a3:0f:27:0b:59:60:
fe:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:16:5C:9F:AB:EC:D2:4B:1A:74:CE:01:8A:98:9C:1A:E6:A9:CA:69
X509v3 Authority Key Identifier:
keyid:F2:79:A3:E8:54:F0:10:15:E9:D0:E0:3E:89:D8:07:0C:C9:EB:CF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nmj6FTwEBXp0OA-idgHDMnrz4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/5hZcn6vs0ksadM4BipicGuapymk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/8nmj6FTwEBXp0OA-idgHDMnrz4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:8900::/32
Signature Algorithm: sha256WithRSAEncryption
64:f5:64:91:31:1e:48:0e:79:41:70:7c:5b:43:f0:b6:32:75:
b7:01:09:39:a4:f3:bc:37:18:06:92:0e:2e:8a:11:d2:8b:d6:
70:b6:d3:d9:21:66:20:14:0c:b8:e2:32:59:47:2b:0b:08:0b:
22:33:3a:23:bb:5f:ef:a7:b7:1a:1b:4e:70:8d:cb:ca:7c:4a:
b1:cd:77:89:c6:0e:7e:76:07:1f:37:0b:cd:6c:02:2a:b7:ff:
29:fd:8f:70:9a:d2:da:56:ec:da:3f:67:32:5e:88:5e:9b:28:
43:4a:1c:9e:b1:dd:84:40:1e:7b:4f:5a:cb:3c:1a:78:96:2c:
63:d0:c3:0c:70:c3:c1:c1:73:2f:fd:63:68:0f:62:61:1c:1f:
29:95:3b:7c:06:c9:20:fb:33:07:e2:d1:33:fb:8c:e7:9b:0b:
96:03:af:e9:1d:5f:49:ca:97:b5:71:31:a4:bb:7b:d3:0d:de:
ba:fb:73:72:5c:72:f1:3f:2b:f3:ad:35:68:ef:4b:ba:09:f2:
20:97:c8:b5:49:18:b3:20:9e:f4:7e:2b:d2:ea:b5:67:d1:41:
ce:a5:3b:e1:37:db:fe:0c:12:2e:b6:9c:43:ae:7a:c3:f3:36:
77:2a:70:7f:fe:49:75:3f:18:08:09:fc:55:cb:3b:80:9b:0b:
37:86:1c:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxlTg68KeJv/bZ5vUs2VNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNzlhM2U4NTRmMDEwMTVlOWQwZTAzZTg5ZDgwNzBjYzll
YmNmODkwHhcNMjMwMTAyMDgyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE2NWM5ZmFiZWNkMjRiMWE3NGNlMDE4YTk4OWMxYWU2YTljYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/5R6CSm5P720sZ37XfYhOMvOSHh
ikV1F0EIv5giBe8Q+W/w60AxmMk4qLMF8aHnOWmxvFRy1Zxxbbc/D9mKXknGOxT4
T2bubTkqY+IhmQEwHe6KrWSGehRPVv3epUeOscvRaEOuR0Qpwm0ecvN/cdtMVKlk
3a+wAtAQOSS2PtjYoYCxgJNlJsYy8tLp3EP9TyCTxBvGcCe6ZGhA6kGiGRTfNNjb
4sDwusU69kMN6/TMXpiezilyoAqIAWGRrWEJ/CKrDgeWz2S0qa3zUuXMut8oXaO3
+tF1CbFa4MIUjtKgpzjQoWfsdTHV8WLpnYn3WTYztHqngwCjDycLWWD+bQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOYWXJ+r7NJLGnTOAYqYnBrmqcppMB8GA1UdIwQY
MBaAFPJ5o+hU8BAV6dDgPonYBwzJ68+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5tajZGVHdFQlhwME9BLWlkZ0hETW5yejRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MzhkYjItMGM4OC00ZmY0LWI5YmMt
OGJhZTdlOWZkNzVjLzEvNWhaY242dnMwa3NhZE00QmlwaWNHdWFweW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84MzhkYjItMGM4OC00ZmY0LWI5YmMtOGJhZTdlOWZkNzVj
LzEvOG5tajZGVHdFQlhwME9BLWlkZ0hETW5yejRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgGJADAN
BgkqhkiG9w0BAQsFAAOCAQEAZPVkkTEeSA55QXB8W0PwtjJ1twEJOaTzvDcYBpIO
LooR0ovWcLbT2SFmIBQMuOIyWUcrCwgLIjM6I7tf76e3GhtOcI3LynxKsc13icYO
fnYHHzcLzWwCKrf/Kf2PcJrS2lbs2j9nMl6IXpsoQ0ocnrHdhEAee09ayzwaeJYs
Y9DDDHDDwcFzL/1jaA9iYRwfKZU7fAbJIPszB+LRM/uM55sLlgOv6R1fScqXtXEx
pLt70w3euvtzclxy8T8r8601aO9LugnyIJfItUkYsyCe9H4r0uq1Z9FBzqU74Tfb
/gwSLracQ656w/M2dypwf/5JdT8YCAn8Vcs7gJsLN4YcBw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:50 2024 by rpki-client on console-ams.rpki-client.org