Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/akRZ2gG9EqfnUhV0RS606eanC3A.roa
File: akRZ2gG9EqfnUhV0RS606eanC3A.roa (raw, json)
Hash identifier: 7zJ33HGIBsHuAMDMBYH08x16ER2zbJMv9LLQoRLSpug=
Subject key identifier: 6A:44:59:DA:01:BD:12:A7:E7:52:15:74:45:2E:B4:E9:E6:A7:0B:70
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EC2BD09AE9B8A2B47ADAE0FD18DF841AB
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/akRZ2gG9EqfnUhV0RS606eanC3A.roa
Signing time: Tue 09 Apr 2024 12:02:32 +0000
ROA not before: Tue 09 Apr 2024 12:02:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a0d:8cc0::/29 maxlen: 29
2a11:e8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Apr 2024 20:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:bd:09:ae:9b:8a:2b:47:ad:ae:0f:d1:8d:f8:41:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 9 12:02:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a4459da01bd12a7e7521574452eb4e9e6a70b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fa:ca:66:bf:b5:68:7e:a7:71:92:f2:c9:82:
14:18:d6:79:73:6c:de:3c:c8:01:60:f6:0c:61:87:
8d:cb:15:04:79:70:81:fa:2e:03:4f:6b:70:8a:13:
4d:a3:4a:50:8e:c7:44:0e:e3:17:9b:87:e5:89:fc:
0b:bb:b1:97:74:59:d6:43:3c:9f:f1:ba:01:d2:23:
82:71:00:65:c3:a9:e4:c2:1a:9e:24:e4:35:a4:8a:
82:33:2c:40:96:a6:e9:e7:32:15:c2:53:37:70:10:
22:86:d4:6b:df:c5:b6:26:d2:ff:c8:30:f3:b7:e3:
11:f8:a7:aa:71:05:9d:82:cf:ac:b6:bb:8f:13:8f:
41:d1:16:61:d0:99:f6:fb:46:84:9b:c5:1e:a2:ef:
3c:da:ae:e4:38:56:af:af:9d:bc:07:0f:5d:9c:42:
7e:0c:fe:02:0b:68:74:6e:c8:d1:f4:ba:1b:10:ff:
1b:9c:3e:54:80:a9:92:03:44:db:ee:a0:fb:66:b6:
81:21:81:92:73:ca:04:0b:7a:59:95:68:b7:73:e3:
de:d9:9b:4a:1b:11:8d:e8:16:ec:5a:1e:b8:d0:bb:
01:a5:25:d0:c1:ad:95:c1:d1:de:c7:cd:1f:b8:4d:
38:da:a6:38:34:29:ca:c8:51:1a:a0:c3:69:01:5f:
70:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:44:59:DA:01:BD:12:A7:E7:52:15:74:45:2E:B4:E9:E6:A7:0B:70
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/akRZ2gG9EqfnUhV0RS606eanC3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8cc0::/29
2a11:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:96:ef:52:d9:12:8a:71:71:ea:10:f9:8a:a4:4b:47:9e:58:
94:88:46:a1:cf:f4:17:e3:90:40:77:07:26:48:e7:df:7c:60:
42:fe:6c:fb:c2:50:29:ae:63:5d:6c:3e:66:92:d6:72:ce:b7:
24:88:ce:39:11:fd:10:fa:8c:c6:66:b7:ea:81:74:15:e9:fa:
6e:00:03:ae:df:7e:db:d0:4a:a7:fe:5e:c1:d9:00:11:ae:ec:
a7:43:76:e9:3f:ca:1f:68:d1:0f:25:2b:e5:89:09:ab:1e:50:
78:22:d4:ee:79:bc:56:25:fb:b6:ef:92:75:4a:7b:e8:3f:52:
66:3f:76:c3:b6:33:a3:12:4f:3a:73:9a:82:b3:31:b9:fe:1a:
29:5e:a4:bd:77:d1:e6:56:f1:5c:f7:d0:f7:0a:87:73:58:d8:
f0:2e:ff:9f:e3:37:7c:4a:5f:e8:3b:b8:d5:2c:9b:d2:2f:b3:
a8:b5:30:f0:11:da:ce:4f:3b:f2:03:40:29:2f:11:f6:17:90:
b0:22:0b:e4:12:9b:92:bc:32:48:75:38:14:c1:2c:5e:06:74:
59:72:91:7d:76:36:58:ce:61:3c:32:03:d3:be:56:3e:d7:3e:
20:f7:7e:e4:71:e3:c5:ed:2f:c8:db:a9:2e:ee:01:b1:b2:d4:
8a:72:52:42
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY7CvQmum4orR62uD9GN+EGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA5MTIwMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQ0NTlkYTAxYmQxMmE3ZTc1MjE1NzQ0NTJlYjRlOWU2YTcwYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvrKZr+1aH6ncZLyyYIUGNZ5c2ze
PMgBYPYMYYeNyxUEeXCB+i4DT2twihNNo0pQjsdEDuMXm4flifwLu7GXdFnWQzyf
8boB0iOCcQBlw6nkwhqeJOQ1pIqCMyxAlqbp5zIVwlM3cBAihtRr38W2JtL/yDDz
t+MR+KeqcQWdgs+struPE49B0RZh0Jn2+0aEm8Ueou882q7kOFavr528Bw9dnEJ+
DP4CC2h0bsjR9LobEP8bnD5UgKmSA0Tb7qD7ZraBIYGSc8oEC3pZlWi3c+Pe2ZtK
GxGN6BbsWh640LsBpSXQwa2VwdHex80fuE042qY4NCnKyFEaoMNpAV9w9QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGpEWdoBvRKn51IVdEUutOnmpwtwMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvYWtSWjJnRzlFcWZuVWhWMFJTNjA2ZWFuQzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg2MwAMF
AyoR6MAwDQYJKoZIhvcNAQELBQADggEBAFKW71LZEopxceoQ+YqkS0eeWJSIRqHP
9BfjkEB3ByZI5998YEL+bPvCUCmuY11sPmaS1nLOtySIzjkR/RD6jMZmt+qBdBXp
+m4AA67fftvQSqf+XsHZABGu7KdDduk/yh9o0Q8lK+WJCaseUHgi1O55vFYl+7bv
knVKe+g/UmY/dsO2M6MSTzpzmoKzMbn+GilepL130eZW8Vz30PcKh3NY2PAu/5/j
N3xKX+g7uNUsm9Ivs6i1MPAR2s5PO/IDQCkvEfYXkLAiC+QSm5K8Mkh1OBTBLF4G
dFlykX12NljOYTwyA9O+Vj7XPiD3fuRx48XtL8jbqS7uAbGy1IpyUkI=
-----END CERTIFICATE-----
Generated at Tue Apr 9 23:23:21 2024 by rpki-client on console-ams.rpki-client.org