Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/xF4Ds5rBh5kw1SScPtjcPg95hW4.roa
File: xF4Ds5rBh5kw1SScPtjcPg95hW4.roa (raw, json)
Hash identifier: gGvQ3sApzkfgysIGLYmT6pmvthERi4hCairTrXRY98A=
Subject key identifier: C4:5E:03:B3:9A:C1:87:99:30:D5:24:9C:3E:D8:DC:3E:0F:79:85:6E
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 018CC5DD1FBF4FE7B7B269776D59412193F8
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/xF4Ds5rBh5kw1SScPtjcPg95hW4.roa
Signing time: Mon 01 Jan 2024 16:30:52 +0000
ROA not before: Mon 01 Jan 2024 16:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47596
IP address blocks: 2a11:8480::/32 maxlen: 32
2a0a:2e82::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jan 2024 08:20:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:1f:bf:4f:e7:b7:b2:69:77:6d:59:41:21:93:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Jan 1 16:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c45e03b39ac1879930d5249c3ed8dc3e0f79856e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:43:81:e4:b7:fe:fc:f1:ed:fa:69:98:9b:c1:
75:64:2e:98:91:18:c0:ce:52:ad:07:b8:71:e8:a1:
f5:7b:08:93:d7:62:b4:d0:46:51:a8:b1:8d:0e:64:
c0:c2:9a:fd:03:a6:1e:b8:bf:51:63:76:a6:5f:32:
b4:40:f3:53:37:bd:d2:10:60:ab:8d:2c:52:33:cf:
13:66:97:50:66:4b:4e:42:86:37:f8:0e:b9:fc:2e:
7d:1f:64:df:fa:a7:1d:ef:dc:a8:f7:83:30:e4:30:
ae:bf:a9:bf:47:0b:b8:c3:6a:de:3b:f6:da:07:85:
25:7c:48:c9:33:6b:44:8c:a9:11:5b:4d:4e:90:d4:
28:aa:c8:aa:3f:fd:57:e5:70:ea:85:43:06:b7:00:
7f:a9:02:0b:a6:fc:10:ec:81:38:ef:28:f9:9a:81:
22:10:d0:3b:71:10:27:c0:09:12:d3:0f:18:9a:94:
7f:9f:5f:c2:ab:0c:95:53:d7:ed:c5:5f:06:31:9d:
52:19:71:b8:96:49:35:f7:44:3a:62:f8:fc:bc:d4:
22:55:db:57:ff:17:6e:f7:99:b0:33:2a:ac:e0:c0:
62:a4:ab:29:70:9c:2b:7d:1b:99:81:41:bb:99:d1:
00:d6:0d:4f:67:8d:52:30:f6:35:42:3f:b9:e2:1a:
1f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5E:03:B3:9A:C1:87:99:30:D5:24:9C:3E:D8:DC:3E:0F:79:85:6E
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/xF4Ds5rBh5kw1SScPtjcPg95hW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2e82::/32
2a11:8480::/32
Signature Algorithm: sha256WithRSAEncryption
6d:02:dd:c0:1e:2d:f6:f8:0e:d1:16:59:5a:c5:d6:87:b1:b6:
43:36:13:8c:4a:f8:7a:6a:21:19:7f:a5:05:61:05:a4:2f:7c:
cb:12:51:d4:d6:fc:ad:83:8f:26:a3:da:22:dd:b3:48:8a:19:
f6:21:99:10:af:b1:47:be:5b:28:36:ff:8f:33:45:1c:1b:b1:
0f:02:6c:0b:a9:3e:98:5f:1b:0d:2c:51:cf:e6:8d:d4:cb:87:
2e:ed:29:e1:74:9b:e8:75:57:45:1a:69:37:9d:39:d6:50:55:
a8:69:64:00:06:b8:d5:5d:cd:f4:90:57:fa:30:c1:b8:d0:29:
8b:08:4d:94:bd:5c:8f:18:fc:e4:b2:b6:1b:26:94:b7:f2:18:
a1:42:60:25:05:37:0f:92:5c:a5:33:e5:80:12:3b:f2:05:24:
35:80:e2:97:f4:61:b2:5e:76:f5:70:89:fd:26:cd:48:63:c0:
df:db:14:d2:63:ea:0a:d8:1e:3a:e0:58:e7:92:ae:89:ba:c3:
1d:19:3c:a1:43:f3:02:07:7b:c0:22:b8:03:75:c5:e0:db:9a:
7e:69:1f:9e:c7:75:4b:b7:47:df:7b:97:8e:a5:5b:4e:b2:ca:
7f:91:4f:35:7a:76:3a:8b:33:91:75:5f:c2:66:f3:4f:aa:a4:
d1:28:77:83
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzF3R+/T+e3sml3bVlBIZP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjQwMTAxMTYzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVlMDNiMzlhYzE4Nzk5MzBkNTI0OWMzZWQ4ZGMzZTBmNzk4NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkOB5Lf+/PHt+mmYm8F1ZC6YkRjA
zlKtB7hx6KH1ewiT12K00EZRqLGNDmTAwpr9A6YeuL9RY3amXzK0QPNTN73SEGCr
jSxSM88TZpdQZktOQoY3+A65/C59H2Tf+qcd79yo94Mw5DCuv6m/Rwu4w2reO/ba
B4UlfEjJM2tEjKkRW01OkNQoqsiqP/1X5XDqhUMGtwB/qQILpvwQ7IE47yj5moEi
ENA7cRAnwAkS0w8YmpR/n1/CqwyVU9ftxV8GMZ1SGXG4lkk190Q6Yvj8vNQiVdtX
/xdu95mwMyqs4MBipKspcJwrfRuZgUG7mdEA1g1PZ41SMPY1Qj+54hofAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMReA7OawYeZMNUknD7Y3D4PeYVuMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEveEY0RHM1ckJoNWt3MVNTY1B0amNQZzk1aFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgouggMF
ACoRhIAwDQYJKoZIhvcNAQELBQADggEBAG0C3cAeLfb4DtEWWVrF1oextkM2E4xK
+HpqIRl/pQVhBaQvfMsSUdTW/K2Djyaj2iLds0iKGfYhmRCvsUe+Wyg2/48zRRwb
sQ8CbAupPphfGw0sUc/mjdTLhy7tKeF0m+h1V0UaaTedOdZQVahpZAAGuNVdzfSQ
V/owwbjQKYsITZS9XI8Y/OSythsmlLfyGKFCYCUFNw+SXKUz5YASO/IFJDWA4pf0
YbJedvVwif0mzUhjwN/bFNJj6grYHjrgWOeSrom6wx0ZPKFD8wIHe8AiuAN1xeDb
mn5pH57HdUu3R997l46lW06yyn+RTzV6djqLM5F1X8Jm80+qpNEod4M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:06 2024 by rpki-client on console-fra.rpki-client.org