Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/8h7akv9vN0PDKxOCDr8GSEzx2qc.roa
File: 8h7akv9vN0PDKxOCDr8GSEzx2qc.roa (raw, json)
Hash identifier: ol52aK89Uy7blVMicDXogVsv+TXsd03ifyqHPI6X/58=
Subject key identifier: F2:1E:DA:92:FF:6F:37:43:C3:2B:13:82:0E:BF:06:48:4C:F1:DA:A7
Certificate issuer: /CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Certificate serial: 018AA930EB601307E9E35F685D95008E23C8
Authority key identifier: BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/8h7akv9vN0PDKxOCDr8GSEzx2qc.roa
Signing time: Mon 18 Sep 2023 16:47:50 +0000
ROA not before: Mon 18 Sep 2023 16:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47526
IP address blocks: 2a13:ccc0::/29 maxlen: 29
2a13:ccc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Dec 2023 11:59:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a9:30:eb:60:13:07:e9:e3:5f:68:5d:95:00:8e:23:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Validity
Not Before: Sep 18 16:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f21eda92ff6f3743c32b13820ebf06484cf1daa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f0:e3:ab:9f:a3:4f:69:b0:b2:24:be:37:05:
3a:60:f4:2e:ad:19:30:7f:bf:ac:ad:29:aa:4a:4f:
90:b6:d6:f8:f0:ea:a4:5c:7d:95:de:21:fb:49:ad:
5f:22:c6:0e:15:87:91:99:fb:9d:83:e9:00:c8:9c:
be:f5:30:67:81:0e:a7:62:91:ac:04:ce:04:47:bb:
62:a9:1a:72:35:70:b8:7d:91:ab:db:eb:08:e5:d8:
be:0a:1c:81:6b:e7:1e:b8:92:9b:af:d5:12:a3:ad:
b9:fb:0f:71:6f:15:17:ec:d9:3d:d4:38:8e:21:8d:
37:4a:47:70:47:77:2a:9f:50:2d:89:b3:f5:73:ca:
a8:8e:7c:da:6d:36:ed:00:a1:c3:f0:7e:bd:74:88:
ca:5b:ad:35:af:08:ee:05:52:b4:73:4e:e1:61:dc:
5f:0a:c6:08:48:e6:97:3c:b2:95:9c:e4:04:39:4c:
2c:47:15:2c:e4:a6:77:dc:82:86:c1:0c:6f:4f:f7:
56:aa:f9:e2:68:b4:df:90:c3:10:75:5f:fc:f3:73:
b7:7d:e2:98:aa:9b:a0:9a:e8:20:6b:74:38:97:f7:
8c:2d:99:e5:4b:cf:93:9e:66:a9:df:1d:3d:a7:1f:
65:0a:5a:b9:e6:36:21:46:5e:d0:dd:f2:1b:34:3f:
5a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1E:DA:92:FF:6F:37:43:C3:2B:13:82:0E:BF:06:48:4C:F1:DA:A7
X509v3 Authority Key Identifier:
keyid:BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/8h7akv9vN0PDKxOCDr8GSEzx2qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
72:d1:0e:5a:fa:9d:20:9b:d8:50:a7:e1:9e:dd:88:01:28:13:
db:10:9d:7f:0d:94:cc:9a:87:0a:10:b4:b2:19:3d:bb:e9:9c:
54:3a:2c:f1:ff:ed:7f:87:4d:9b:bb:cb:c2:65:e4:d2:01:d9:
2c:73:2e:97:6a:e6:52:3f:00:0e:a6:61:d0:db:27:44:14:d5:
91:c8:54:a2:4d:e6:6a:fa:2d:ca:ec:41:78:66:25:75:4f:89:
ec:af:2d:03:c6:6f:57:44:4b:28:7e:01:8e:a0:2a:54:e9:34:
9f:61:a0:f6:02:39:e1:68:db:ce:c2:bb:33:bd:65:44:b7:a7:
18:42:6e:c9:d4:d5:f9:39:4b:f3:12:23:70:47:2d:79:c9:fe:
50:83:57:6d:d2:1b:7b:0e:e0:a3:dd:a5:d0:4b:a9:86:ca:cf:
98:88:41:b7:de:9c:56:fa:a9:e0:c6:f2:6f:d7:2b:cd:3d:f2:
0a:d8:03:2f:a6:81:4f:94:8b:ce:ad:d3:b2:b9:b3:d1:eb:b2:
29:09:05:60:6f:b6:2c:b7:73:bf:7a:22:19:44:be:d1:b0:7b:
a0:a5:d9:7e:0e:a7:ff:8a:ae:f1:4b:3d:63:bc:02:2c:b9:e6:
92:ee:53:47:2a:43:ff:c2:52:c5:43:30:fb:70:97:0d:96:79:
a4:22:4f:6f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqpMOtgEwfp419oXZUAjiPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3NDhiYTE0YTc2ZTVkOGE2ZWRhY2I1NDI2MDgyYTU2
ZjVlM2QwHhcNMjMwOTE4MTY0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjFlZGE5MmZmNmYzNzQzYzMyYjEzODIwZWJmMDY0ODRjZjFkYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPDjq5+jT2mwsiS+NwU6YPQurRkw
f7+srSmqSk+Qttb48OqkXH2V3iH7Sa1fIsYOFYeRmfudg+kAyJy+9TBngQ6nYpGs
BM4ER7tiqRpyNXC4fZGr2+sI5di+ChyBa+ceuJKbr9USo625+w9xbxUX7Nk91DiO
IY03SkdwR3cqn1AtibP1c8qojnzabTbtAKHD8H69dIjKW601rwjuBVK0c07hYdxf
CsYISOaXPLKVnOQEOUwsRxUs5KZ33IKGwQxvT/dWqvniaLTfkMMQdV/883O3feKY
qpugmugga3Q4l/eMLZnlS8+Tnmap3x09px9lClq55jYhRl7Q3fIbND9aJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPIe2pL/bzdDwysTgg6/BkhM8dqnMB8GA1UdIwQY
MBaAFLqqdIuhSnbl2KbtrLVCYIKlb149MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgt
YzUxOTUxNjJlM2JlLzEvOGg3YWt2OXZOMFBES3hPQ0RyOEdTRXp4MnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgtYzUxOTUxNjJlM2Jl
LzEvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPMwDAN
BgkqhkiG9w0BAQsFAAOCAQEActEOWvqdIJvYUKfhnt2IASgT2xCdfw2UzJqHChC0
shk9u+mcVDos8f/tf4dNm7vLwmXk0gHZLHMul2rmUj8ADqZh0NsnRBTVkchUok3m
avotyuxBeGYldU+J7K8tA8ZvV0RLKH4BjqAqVOk0n2Gg9gI54WjbzsK7M71lRLen
GEJuydTV+TlL8xIjcEctecn+UINXbdIbew7go92l0EuphsrPmIhBt96cVvqp4Mby
b9crzT3yCtgDL6aBT5SLzq3Tsrmz0euyKQkFYG+2LLdzv3oiGUS+0bB7oKXZfg6n
/4qu8Us9Y7wCLLnmku5TRypD/8JSxUMw+3CXDZZ5pCJPbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:32 2024 by rpki-client on console-ams.rpki-client.org