Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/jh3BKiA5GML0-t5TrhBVOEXgCx8.roa
File: jh3BKiA5GML0-t5TrhBVOEXgCx8.roa (raw, json)
Hash identifier: VuSC8s9vh/WOq/ZH4A/FbjnR+3LS3Mp2QAbZMo4STg8=
Subject key identifier: 8E:1D:C1:2A:20:39:18:C2:F4:FA:DE:53:AE:10:55:38:45:E0:0B:1F
Certificate issuer: /CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Certificate serial: 018E0022DC27CE504AB5EAD19CE3090BA99C
Authority key identifier: A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/jh3BKiA5GML0-t5TrhBVOEXgCx8.roa
Signing time: Sat 02 Mar 2024 17:07:48 +0000
ROA not before: Sat 02 Mar 2024 17:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a13:aac7::/44 maxlen: 44
Validation: Failed, certificate revoked on Sun 03 Mar 2024 14:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:00:22:dc:27:ce:50:4a:b5:ea:d1:9c:e3:09:0b:a9:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Validity
Not Before: Mar 2 17:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e1dc12a203918c2f4fade53ae10553845e00b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e6:87:12:ac:71:4f:2c:3c:cf:95:54:26:27:
20:a3:68:60:fb:78:8d:58:17:a9:ae:c3:f2:c2:0d:
6f:f2:17:ab:37:95:43:93:90:56:1d:fa:83:25:17:
82:ff:71:a8:8a:c9:c5:9e:2a:32:fa:21:95:68:ab:
7d:e5:c8:24:e1:2c:75:99:fd:a7:fc:72:06:d7:38:
9f:dd:27:4d:12:60:66:05:f8:f6:d4:79:98:9e:c0:
99:50:4d:9a:ee:51:9f:23:08:bf:49:8d:bc:20:43:
06:af:a5:aa:1b:be:a9:4c:15:e0:4a:1b:cf:5b:eb:
10:cc:d3:25:6c:4e:4f:70:5d:3e:64:f6:32:6b:17:
3f:aa:d5:5e:09:eb:4c:18:93:a7:43:be:c6:43:ea:
f2:86:6c:62:e2:d0:b4:25:d8:17:2f:fa:a4:7a:dd:
9a:f7:24:d1:c9:48:66:22:e3:0e:68:1c:77:72:a8:
45:d0:04:14:3a:38:65:4d:42:32:72:00:3b:5b:fc:
75:1d:83:39:f5:b7:fc:03:e3:45:ac:29:68:74:09:
a2:4f:83:dd:be:81:2e:df:e5:80:3c:25:1e:24:1e:
a9:23:60:d0:a0:e1:7b:d9:ee:7d:b6:08:31:a2:7e:
71:08:61:24:2a:e2:51:3c:78:0d:a6:be:86:7c:d5:
1f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1D:C1:2A:20:39:18:C2:F4:FA:DE:53:AE:10:55:38:45:E0:0B:1F
X509v3 Authority Key Identifier:
keyid:A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/jh3BKiA5GML0-t5TrhBVOEXgCx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:aac7::/44
Signature Algorithm: sha256WithRSAEncryption
56:53:45:70:d9:77:b0:57:21:e9:98:ac:db:a0:e9:bb:03:bf:
38:5c:1d:ea:3e:6d:9e:63:9b:cd:b0:ce:81:0f:64:98:a2:8f:
6b:7e:f8:b6:e7:a0:6c:34:56:ca:70:13:62:33:ca:81:73:f5:
62:49:f7:4e:c6:88:9b:fa:6d:b4:db:21:11:bb:f6:00:a3:36:
30:dd:a6:ad:1e:a6:17:16:1d:cb:a2:b1:8f:c2:65:3d:89:54:
92:b7:86:0c:e7:d5:0e:b3:4a:d8:83:aa:35:71:26:ce:80:cb:
09:14:73:3a:5d:b9:09:4a:7d:c4:f0:e6:a1:77:53:04:14:b3:
44:29:19:4c:46:ee:fd:26:17:fc:e4:ab:02:13:ae:43:ab:a1:
b0:63:fd:e1:17:b9:55:6a:d7:bc:ac:1c:0c:43:a9:e0:45:b5:
09:c1:86:cc:6b:55:86:45:74:33:48:de:9c:5e:42:5b:91:f7:
10:a3:a2:88:4b:5b:b7:98:f0:fa:39:65:33:ba:ad:92:14:76:
e2:61:17:15:d9:ac:51:71:db:bb:84:0d:1e:29:2f:f0:92:a5:
77:64:fa:62:f7:9a:0d:12:ec:56:5e:04:14:29:0f:e5:cd:e1:
a9:9b:cf:b7:c8:b2:17:fe:d7:26:ea:36:33:de:0e:f7:13:15:
76:88:b5:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY4AItwnzlBKterRnOMJC6mcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjRjY2RkNzBmM2VjNzYyY2JkNjVlMDRkZDZmNzZiZTIz
NmE4YTcwHhcNMjQwMzAyMTcwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTFkYzEyYTIwMzkxOGMyZjRmYWRlNTNhZTEwNTUzODQ1ZTAwYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOaHEqxxTyw8z5VUJicgo2hg+3iN
WBeprsPywg1v8herN5VDk5BWHfqDJReC/3GoisnFnioy+iGVaKt95cgk4Sx1mf2n
/HIG1zif3SdNEmBmBfj21HmYnsCZUE2a7lGfIwi/SY28IEMGr6WqG76pTBXgShvP
W+sQzNMlbE5PcF0+ZPYyaxc/qtVeCetMGJOnQ77GQ+ryhmxi4tC0JdgXL/qket2a
9yTRyUhmIuMOaBx3cqhF0AQUOjhlTUIycgA7W/x1HYM59bf8A+NFrClodAmiT4Pd
voEu3+WAPCUeJB6pI2DQoOF72e59tggxon5xCGEkKuJRPHgNpr6GfNUftQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI4dwSogORjC9PreU64QVThF4AsfMB8GA1UdIwQY
MBaAFKEkzN1w8+x2LL1l4E3W92viNqinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEt
N2IzNTM5N2FmMmY3LzEvamgzQktpQTVHTUwwLXQ1VHJoQlZPRVhnQ3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEtN2IzNTM5N2FmMmY3
LzEvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhOqxwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBWU0Vw2XewVyHpmKzboOm7A784XB3qPm2eY5vN
sM6BD2SYoo9rfvi256BsNFbKcBNiM8qBc/ViSfdOxoib+m202yERu/YAozYw3aat
HqYXFh3LorGPwmU9iVSSt4YM59UOs0rYg6o1cSbOgMsJFHM6XbkJSn3E8Oahd1ME
FLNEKRlMRu79Jhf85KsCE65Dq6GwY/3hF7lVate8rBwMQ6ngRbUJwYbMa1WGRXQz
SN6cXkJbkfcQo6KIS1u3mPD6OWUzuq2SFHbiYRcV2axRcdu7hA0eKS/wkqV3ZPpi
95oNEuxWXgQUKQ/lzeGpm8+3yLIX/tcm6jYz3g73ExV2iLWo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:21 2024 by rpki-client on console-fra.rpki-client.org