Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/9fLVwGt9v-eZmuxdoHLvudp8sBc.roa
File: 9fLVwGt9v-eZmuxdoHLvudp8sBc.roa (raw, json)
Hash identifier: 3drWNyGY575rL6VyM59RaspkFMcAagB2iyQRd+h7ehE=
Subject key identifier: F5:F2:D5:C0:6B:7D:BF:E7:99:9A:EC:5D:A0:72:EF:B9:DA:7C:B0:17
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 01856D6F7359F9DCA574099C2329BFCBC545
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/9fLVwGt9v-eZmuxdoHLvudp8sBc.roa
Signing time: Sun 01 Jan 2023 13:04:58 +0000
ROA not before: Sun 01 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Jun 2023 08:43:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:73:59:f9:dc:a5:74:09:9c:23:29:bf:cb:c5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 1 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5f2d5c06b7dbfe7999aec5da072efb9da7cb017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7d:d1:7e:02:0a:b2:80:72:97:e9:c1:19:5c:
90:b8:69:19:a6:77:bf:33:4f:39:ab:60:f0:0d:df:
54:c5:03:c9:23:c5:34:bd:93:55:be:f9:2b:25:03:
85:b9:67:8b:e0:08:f1:5a:58:26:9c:0d:f5:94:f1:
79:fb:1f:c8:ab:b4:be:55:df:c1:ec:94:1b:0e:f7:
5e:7d:a9:77:ce:cd:80:4e:f3:de:f3:76:59:cd:98:
a3:4d:cc:b6:33:40:af:85:4f:a6:f5:5c:7e:3c:c4:
c5:19:20:94:6b:c3:b4:36:a8:76:d3:2c:ea:6b:95:
51:12:81:76:7b:94:73:0d:05:7b:0b:1f:10:75:e6:
5e:cd:87:ec:88:ef:39:5e:10:c8:d9:4f:35:42:f6:
10:ff:35:cf:24:a6:dd:08:c9:e0:4c:fc:71:a6:95:
a9:f9:e9:f4:5f:ba:b7:33:90:eb:39:e4:d8:9c:11:
c5:5a:22:8e:d1:1d:d4:be:25:3a:4b:25:9c:3c:77:
14:b1:92:54:24:62:ab:a9:06:7f:de:2b:9c:ae:a2:
a4:d9:9f:e3:d0:1e:e2:dd:95:e7:6a:74:81:2e:6c:
57:42:fb:62:0c:b6:2d:d4:b1:82:c8:86:b7:5c:cd:
e1:39:36:4e:a1:0f:f0:f6:b7:e9:11:bc:f6:51:b6:
fd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F2:D5:C0:6B:7D:BF:E7:99:9A:EC:5D:A0:72:EF:B9:DA:7C:B0:17
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/9fLVwGt9v-eZmuxdoHLvudp8sBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
Signature Algorithm: sha256WithRSAEncryption
08:89:6a:f1:af:75:49:cf:b9:78:f6:b1:90:82:35:6d:ce:d0:
e0:6b:21:14:1c:d4:ee:5c:b1:f6:22:83:a1:13:4c:65:7b:bc:
1f:9c:c4:47:60:4b:c5:c7:1d:39:17:34:a6:fe:23:9f:8e:40:
87:34:f2:33:8d:db:64:47:c7:bc:85:a0:6a:46:12:b2:dd:e6:
db:44:7d:d3:ed:37:43:fa:5b:7b:f7:36:a5:d2:1b:fa:0a:51:
ef:c1:a6:86:0b:ae:57:95:07:2c:91:5e:0a:42:e4:95:d6:41:
7b:d6:ce:f4:7b:ba:86:8f:31:0b:79:1a:71:7b:50:60:87:99:
c8:b3:12:c2:4d:a9:0a:73:10:0a:56:e6:80:98:cc:65:5e:b3:
59:ae:04:ea:c7:41:9d:cf:01:69:53:d9:30:23:85:59:f8:87:
f9:f8:6a:7e:33:f4:ea:51:5b:92:1c:b0:57:ea:fa:6c:9c:c4:
b6:4c:2f:0b:3f:66:27:3e:45:f2:29:fa:9f:6d:c9:73:02:c1:
0b:6f:ba:86:07:3b:5e:e9:47:c4:1f:08:a9:a4:7e:f8:77:9e:
cf:3e:88:9c:3d:5a:97:79:b2:f4:2d:9b:79:04:3b:ac:0d:1e:
e3:bb:46:99:9d:8c:09:8b:3c:c7:b2:2c:d3:f5:f4:4d:0e:57:
74:d5:6a:5f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVtb3NZ+dyldAmcIym/y8VFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMwMTAxMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWYyZDVjMDZiN2RiZmU3OTk5YWVjNWRhMDcyZWZiOWRhN2NiMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH3RfgIKsoByl+nBGVyQuGkZpne/
M085q2DwDd9UxQPJI8U0vZNVvvkrJQOFuWeL4AjxWlgmnA31lPF5+x/Iq7S+Vd/B
7JQbDvdefal3zs2ATvPe83ZZzZijTcy2M0CvhU+m9Vx+PMTFGSCUa8O0Nqh20yzq
a5VREoF2e5RzDQV7Cx8QdeZezYfsiO85XhDI2U81QvYQ/zXPJKbdCMngTPxxppWp
+en0X7q3M5DrOeTYnBHFWiKO0R3UviU6SyWcPHcUsZJUJGKrqQZ/3iucrqKk2Z/j
0B7i3ZXnanSBLmxXQvtiDLYt1LGCyIa3XM3hOTZOoQ/w9rfpEbz2Ubb9YwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFPXy1cBrfb/nmZrsXaBy77nafLAXMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvOWZMVndHdDl2LWVabXV4ZG9ITHZ1ZHA4c0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKgBLwCAA
AwYAKgBLwCEwDQYJKoZIhvcNAQELBQADggEBAAiJavGvdUnPuXj2sZCCNW3O0OBr
IRQc1O5csfYig6ETTGV7vB+cxEdgS8XHHTkXNKb+I5+OQIc08jON22RHx7yFoGpG
ErLd5ttEfdPtN0P6W3v3NqXSG/oKUe/BpoYLrleVByyRXgpC5JXWQXvWzvR7uoaP
MQt5GnF7UGCHmcizEsJNqQpzEApW5oCYzGVes1muBOrHQZ3PAWlT2TAjhVn4h/n4
an4z9OpRW5IcsFfq+mycxLZMLws/Zic+RfIp+p9tyXMCwQtvuoYHO17pR8QfCKmk
fvh3ns8+iJw9Wpd5svQtm3kEO6wNHuO7RpmdjAmLPMeyLNP19E0OV3TVal8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org