Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/8BW83An4TeEi8f2qxIIXM7_gQtg.roa
File: 8BW83An4TeEi8f2qxIIXM7_gQtg.roa (raw, json)
Hash identifier: ejSUanOcM1Z7oThmdruDH2mKFVPu2q2V5q116FibcD4=
Subject key identifier: F0:15:BC:DC:09:F8:4D:E1:22:F1:FD:AA:C4:82:17:33:BF:E0:42:D8
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 018B7FD9E9E83FC0D929AD821F7DD5A50AB5
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/8BW83An4TeEi8f2qxIIXM7_gQtg.roa
Signing time: Mon 30 Oct 2023 09:11:09 +0000
ROA not before: Mon 30 Oct 2023 09:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210107
IP address blocks: 2a06:e902::/32 maxlen: 32
2a06:e900::/32 maxlen: 32
2a06:e906::/32 maxlen: 32
2a06:e901::/32 maxlen: 32
2a06:e905::/32 maxlen: 32
2a06:e903::/32 maxlen: 32
2a06:e907::/32 maxlen: 32
2a06:e904::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:d9:e9:e8:3f:c0:d9:29:ad:82:1f:7d:d5:a5:0a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Oct 30 09:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f015bcdc09f84de122f1fdaac4821733bfe042d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:45:76:ba:15:d8:0c:e9:3f:2b:51:36:5b:3f:
a2:d4:0a:6a:a6:2d:6e:44:e5:13:b7:ab:db:8c:de:
21:e7:67:3b:02:a6:1a:7f:e1:3a:e0:56:24:67:ce:
a2:1c:f3:72:50:2a:4e:f7:f7:d7:aa:46:f3:cc:5c:
6a:98:9e:1b:95:d8:fa:e0:3d:c7:f3:fb:0e:32:e2:
11:54:50:f0:96:0b:b5:bd:97:58:b0:c1:e9:c5:4c:
f0:0c:21:66:f2:ab:2b:22:06:41:94:a8:56:6c:2e:
ea:0a:bc:f4:72:dc:da:9f:e6:82:77:c7:b5:d7:f1:
24:fb:2c:bf:cf:65:a8:ab:9b:b4:70:ef:26:6b:72:
4d:11:c3:10:d6:7c:bc:32:e6:2a:fb:dc:2c:79:03:
6d:f6:37:37:5b:61:a5:1f:ea:fd:3a:c7:9b:75:14:
91:54:16:4c:e1:99:46:72:5a:66:84:61:fe:7f:5b:
84:5a:38:ab:f7:05:1a:da:e4:91:97:bb:ce:1d:28:
2e:15:88:d3:36:e1:3c:94:8f:8a:87:f1:c2:38:35:
31:b2:ff:a6:d0:e1:5b:5b:b3:69:94:94:2b:52:d3:
3a:c4:fc:6b:a1:c0:83:02:f6:91:85:34:bd:a2:51:
46:59:8c:8b:e1:94:ea:69:ce:1e:be:11:7f:66:8b:
62:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:15:BC:DC:09:F8:4D:E1:22:F1:FD:AA:C4:82:17:33:BF:E0:42:D8
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/8BW83An4TeEi8f2qxIIXM7_gQtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e900::/29
Signature Algorithm: sha256WithRSAEncryption
17:77:0e:9a:e9:d4:e9:c1:ae:8d:9f:2e:66:46:32:eb:b0:f9:
9b:04:1e:4a:8b:65:cb:c0:ec:14:8d:46:f3:a9:52:8e:5b:aa:
29:e6:a4:a7:46:0d:e0:15:fa:71:7e:03:f3:ad:0e:a1:e8:40:
5d:e3:ed:ea:c7:6f:e8:bb:d7:ca:74:a5:f6:b6:b6:6d:8e:41:
fc:74:5c:74:68:db:37:ea:7b:e9:cf:f0:29:f5:69:88:ad:64:
81:3a:29:50:88:f3:b6:1b:c3:ba:53:a8:39:34:52:e8:5b:be:
6b:ae:e7:88:5b:31:f7:df:20:fa:b4:26:29:3e:29:af:58:78:
6c:55:63:10:e5:76:ff:8f:29:0c:8a:e7:fa:86:27:dc:30:91:
ee:99:5e:90:43:e4:2e:86:c5:3b:e8:18:08:5a:22:22:39:83:
29:7f:81:3e:38:ce:48:e6:4d:51:e1:50:16:7e:60:08:36:11:
d3:58:24:dc:ec:40:c3:1c:94:ec:92:94:ce:fb:49:df:ef:fb:
e8:74:07:50:18:05:ef:09:38:d7:5c:dd:ce:b2:47:62:78:25:
4f:3a:b1:d5:9a:cb:c2:1f:47:fd:3f:94:d3:08:43:90:db:f3:
3a:58:7e:81:b6:23:c7:44:0c:84:71:4e:7c:bd:c6:25:37:43:
70:e6:b8:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYt/2enoP8DZKa2CH33VpQq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjMxMDMwMDkxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDE1YmNkYzA5Zjg0ZGUxMjJmMWZkYWFjNDgyMTczM2JmZTA0MmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70V2uhXYDOk/K1E2Wz+i1Apqpi1u
ROUTt6vbjN4h52c7AqYaf+E64FYkZ86iHPNyUCpO9/fXqkbzzFxqmJ4bldj64D3H
8/sOMuIRVFDwlgu1vZdYsMHpxUzwDCFm8qsrIgZBlKhWbC7qCrz0ctzan+aCd8e1
1/Ek+yy/z2Woq5u0cO8ma3JNEcMQ1ny8MuYq+9wseQNt9jc3W2GlH+r9OsebdRSR
VBZM4ZlGclpmhGH+f1uEWjir9wUa2uSRl7vOHSguFYjTNuE8lI+Kh/HCODUxsv+m
0OFbW7NplJQrUtM6xPxrocCDAvaRhTS9olFGWYyL4ZTqac4evhF/ZotiPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPAVvNwJ+E3hIvH9qsSCFzO/4ELYMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvOEJXODNBbjRUZUVpOGYycXhJSVhNN19nUXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgbpADAN
BgkqhkiG9w0BAQsFAAOCAQEAF3cOmunU6cGujZ8uZkYy67D5mwQeSotly8DsFI1G
86lSjluqKeakp0YN4BX6cX4D860OoehAXePt6sdv6LvXynSl9ra2bY5B/HRcdGjb
N+p76c/wKfVpiK1kgTopUIjzthvDulOoOTRS6Fu+a67niFsx998g+rQmKT4pr1h4
bFVjEOV2/48pDIrn+oYn3DCR7plekEPkLobFO+gYCFoiIjmDKX+BPjjOSOZNUeFQ
Fn5gCDYR01gk3OxAwxyU7JKUzvtJ3+/76HQHUBgF7wk411zdzrJHYnglTzqx1ZrL
wh9H/T+U0whDkNvzOlh+gbYjx0QMhHFOfL3GJTdDcOa4cQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:44 2024 by rpki-client on console-fra.rpki-client.org