Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/f7aXZmO3G6KUdlSs7BQrG3olHGI.roa
File: f7aXZmO3G6KUdlSs7BQrG3olHGI.roa (raw, json)
Hash identifier: NnLgYINqM0ZKlAxwMr7LX8QUsxIEB1Uv22cdCKmlAZI=
Subject key identifier: 7F:B6:97:66:63:B7:1B:A2:94:76:54:AC:EC:14:2B:1B:7A:25:1C:62
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 018B039C19B62908FDF123F611BA775AAB9A
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/f7aXZmO3G6KUdlSs7BQrG3olHGI.roa
Signing time: Fri 06 Oct 2023 06:10:43 +0000
ROA not before: Fri 06 Oct 2023 06:10:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a02:3040:50::/48 maxlen: 48
2a02:3040:4e::/48 maxlen: 48
2a02:3040:4f::/50 maxlen: 50
2a02:3040:43:ff00::/56 maxlen: 56
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:03:9c:19:b6:29:08:fd:f1:23:f6:11:ba:77:5a:ab:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Oct 6 06:10:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fb6976663b71ba2947654acec142b1b7a251c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ea:67:11:8b:6d:2e:cb:c0:93:0f:f2:ef:01:
a4:f3:8e:ac:79:c2:79:38:c4:ce:06:66:50:23:0f:
d6:91:c4:a5:32:de:2c:1d:f6:90:c8:bb:59:df:44:
41:f3:3e:38:3d:7f:e7:3d:4e:7a:d5:06:47:39:dd:
61:52:2b:14:8b:71:01:0a:56:5e:dc:36:07:6d:6b:
05:ae:58:68:a7:4a:2f:f7:d9:ce:ac:cf:18:28:75:
5a:d4:27:94:9f:d6:d3:81:91:29:96:14:71:de:0e:
33:b1:92:99:c1:d8:01:26:d3:c7:a4:2a:b9:c2:56:
bf:9e:f8:74:30:a1:6f:7a:26:bd:23:b7:d6:09:b6:
4c:61:66:f6:a8:87:49:9a:03:16:b7:71:aa:82:76:
ef:77:ec:eb:c4:73:02:13:46:b6:0f:e2:5a:86:32:
c5:14:d5:2e:88:52:c5:53:d9:46:ff:3b:f9:c6:8b:
4c:4f:c2:ef:63:25:2b:a4:53:39:b1:b3:21:ed:29:
14:db:05:35:38:7d:69:c9:fa:9c:6e:d7:33:f1:4d:
c6:3f:f4:b3:5f:a7:5c:29:b5:e8:60:d5:aa:27:6d:
b7:73:45:3f:7f:9e:e2:1a:20:2b:ca:b9:81:40:de:
12:fe:32:ae:a9:c2:c1:b7:81:91:be:05:b5:b4:fc:
87:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B6:97:66:63:B7:1B:A2:94:76:54:AC:EC:14:2B:1B:7A:25:1C:62
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/f7aXZmO3G6KUdlSs7BQrG3olHGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:3040:43:ff00::/56
2a02:3040:4e::-2a02:3040:4f:3fff:ffff:ffff:ffff:ffff
2a02:3040:50::/48
Signature Algorithm: sha256WithRSAEncryption
29:34:bf:06:a8:af:2d:b2:29:11:21:fa:f5:b2:f3:40:7f:f6:
3b:e3:50:5b:f3:a2:d7:69:3f:01:f2:d7:cb:97:5d:13:4a:3f:
c4:46:fa:d4:2a:b6:ab:a3:2c:6d:25:94:2a:cb:8b:75:54:50:
85:0d:04:b2:ea:bb:95:1b:1e:cb:f3:aa:e3:58:7c:8a:3b:62:
c5:76:1d:17:51:f2:84:b1:98:49:60:92:5d:e5:09:11:7f:54:
cc:50:6c:53:81:46:86:9c:4d:de:ac:b9:51:86:90:43:7f:6e:
71:cc:e2:a4:7a:17:c9:ef:b6:ea:14:6e:db:c5:29:07:fb:15:
0b:dc:fa:a1:98:21:65:00:df:be:4f:8f:ad:18:05:31:95:e2:
95:b1:0e:14:81:93:fb:33:ba:4d:0c:12:6d:17:ec:58:e5:bc:
43:b5:45:e4:97:ca:47:4a:78:ff:d7:99:bd:39:00:ef:13:de:
67:c3:17:72:8f:32:59:1f:fb:de:fe:9f:65:a0:91:2a:85:2e:
44:f9:2e:5c:7b:cc:ee:e3:bc:82:5e:46:6e:e4:88:3b:3c:b5:
8e:0a:9b:61:7d:f6:7f:97:3e:e3:8e:66:01:44:01:08:2f:2f:
24:24:94:92:e8:ef:62:56:7b:a9:99:a9:87:6a:56:a0:b5:60:
3d:c5:b2:e2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYsDnBm2KQj98SP2Ebp3WquaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjMxMDA2MDYxMDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmI2OTc2NjYzYjcxYmEyOTQ3NjU0YWNlYzE0MmIxYjdhMjUxYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+pnEYttLsvAkw/y7wGk846secJ5
OMTOBmZQIw/WkcSlMt4sHfaQyLtZ30RB8z44PX/nPU561QZHOd1hUisUi3EBClZe
3DYHbWsFrlhop0ov99nOrM8YKHVa1CeUn9bTgZEplhRx3g4zsZKZwdgBJtPHpCq5
wla/nvh0MKFveia9I7fWCbZMYWb2qIdJmgMWt3Gqgnbvd+zrxHMCE0a2D+JahjLF
FNUuiFLFU9lG/zv5xotMT8LvYyUrpFM5sbMh7SkU2wU1OH1pyfqcbtcz8U3GP/Sz
X6dcKbXoYNWqJ223c0U/f57iGiAryrmBQN4S/jKuqcLBt4GRvgW1tPyHewIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFH+2l2ZjtxuilHZUrOwUKxt6JRxiMB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvZjdhWFptTzNHNktVZGxTczdCUXJHM29sSEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwgAKgIwQABD
/zATAwcBKgIwQABOAwgGKgIwQABPAAMHACoCMEAAUDANBgkqhkiG9w0BAQsFAAOC
AQEAKTS/BqivLbIpESH69bLzQH/2O+NQW/Oi12k/AfLXy5ddE0o/xEb61Cq2q6Ms
bSWUKsuLdVRQhQ0Esuq7lRsey/Oq41h8ijtixXYdF1HyhLGYSWCSXeUJEX9UzFBs
U4FGhpxN3qy5UYaQQ39ucczipHoXye+26hRu28UpB/sVC9z6oZghZQDfvk+PrRgF
MZXilbEOFIGT+zO6TQwSbRfsWOW8Q7VF5JfKR0p4/9eZvTkA7xPeZ8MXco8yWR/7
3v6fZaCRKoUuRPkuXHvM7uO8gl5GbuSIOzy1jgqbYX32f5c+445mAUQBCC8vJCSU
kujvYlZ7qZmph2pWoLVgPcWy4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org