Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/CBjHDNafG_sL9eZPeBUaLEkCysM.roa
File: CBjHDNafG_sL9eZPeBUaLEkCysM.roa (raw, json)
Hash identifier: D80AjiYs/wWsEDZEDsP81Rxk8UE2ZdBBzniP5A1m/r8=
Subject key identifier: 08:18:C7:0C:D6:9F:1B:FB:0B:F5:E6:4F:78:15:1A:2C:49:02:CA:C3
Certificate issuer: /CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Certificate serial: 01857295AA9DDA1E8E36C84909F4C7423829
Authority key identifier: A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/CBjHDNafG_sL9eZPeBUaLEkCysM.roa
Signing time: Mon 02 Jan 2023 13:04:49 +0000
ROA not before: Mon 02 Jan 2023 13:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204471
IP address blocks: 2a12:d8c1::/32 maxlen: 32
2a12:d8c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 May 2023 10:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:aa:9d:da:1e:8e:36:c8:49:09:f4:c7:42:38:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Validity
Not Before: Jan 2 13:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0818c70cd69f1bfb0bf5e64f78151a2c4902cac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:87:d3:3a:99:6b:30:6f:f9:06:2b:27:bd:b0:
02:5e:a3:ef:e7:b5:da:2d:ce:c6:86:c2:da:3e:58:
2c:e6:f3:9a:00:9c:19:4e:2e:8e:0f:c6:9b:4b:2a:
07:e2:17:de:64:f9:76:62:49:fd:63:7c:d6:ef:54:
50:d2:97:b8:bf:0c:e4:31:8a:76:61:e6:1f:8f:88:
91:b8:da:77:f3:03:15:d0:06:e6:15:90:b8:3d:66:
45:45:66:73:b2:80:12:42:6d:05:31:0a:3f:c8:f9:
2f:a3:33:5c:64:e4:e0:71:27:8f:26:a8:99:1d:6f:
65:91:78:14:95:92:04:16:7d:9c:ce:76:d0:d0:01:
86:78:fb:7f:45:a4:08:0f:ad:3b:c1:e4:09:fe:01:
dd:08:a2:46:19:8b:da:07:0b:3c:c5:8a:da:28:5b:
63:53:c3:03:d0:8d:4d:c5:cd:bd:6e:31:f4:a6:f5:
23:4c:f2:3f:4f:06:bf:86:4a:48:c3:3e:60:ee:69:
f7:b5:02:88:59:99:17:77:99:8d:ea:40:77:46:6a:
9e:de:d4:c3:0f:ca:8d:64:42:25:7d:58:2b:8e:fa:
68:1a:d4:1b:3c:3c:ee:14:34:6e:e9:a7:80:18:ad:
10:49:44:b9:73:00:ce:c0:ce:79:48:54:48:0d:30:
9d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:18:C7:0C:D6:9F:1B:FB:0B:F5:E6:4F:78:15:1A:2C:49:02:CA:C3
X509v3 Authority Key Identifier:
keyid:A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/CBjHDNafG_sL9eZPeBUaLEkCysM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d8c0::/31
Signature Algorithm: sha256WithRSAEncryption
88:6c:13:02:30:ad:1d:53:f9:55:d9:16:e3:62:ba:1d:9d:32:
a8:fa:82:46:f9:fc:f6:a6:7d:13:2d:cf:5e:85:41:08:62:cc:
53:9a:2a:30:e0:27:bd:59:50:90:22:8d:da:c1:b9:d2:60:cd:
0e:01:97:7d:d4:7e:ed:cf:ba:e7:42:1d:c8:14:3c:e2:ab:a2:
65:9d:ca:72:d2:b5:d5:19:fb:ee:00:04:23:03:95:41:2f:3b:
a5:40:66:72:a5:58:42:93:f5:e0:fa:a9:6a:db:9f:59:6d:6d:
2c:24:68:aa:8a:cb:25:11:a9:cd:b4:7f:ab:88:d5:b6:b1:f9:
0c:33:e3:66:54:99:46:13:7a:59:8e:8a:4b:cf:80:2d:f2:a6:
6d:fa:38:23:5d:95:f4:2a:ce:41:de:c6:8b:99:fc:16:d7:82:
b7:af:67:8b:fb:a9:9a:42:a5:2a:61:60:f5:18:7d:cb:c1:24:
ad:cb:d9:0f:8a:e2:2d:3d:71:39:d3:23:ee:d4:96:f1:9a:65:
0e:4d:1f:d7:56:78:34:e8:db:c9:83:e0:47:86:77:7d:7a:7f:
a8:41:54:b8:4e:77:4f:c3:58:ae:80:b7:a3:71:81:ad:4e:f2:
27:d4:06:c0:1c:f5:b7:e3:3a:d7:68:15:0b:e6:d8:09:a0:05:
6f:7c:da:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVylaqd2h6ONshJCfTHQjgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjJmZGVhMjYzYjc5ZmNlMTEzODkwNTJiMGNkOTQwOTk1
YzZkZmUwHhcNMjMwMTAyMTMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODE4YzcwY2Q2OWYxYmZiMGJmNWU2NGY3ODE1MWEyYzQ5MDJjYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIfTOplrMG/5BisnvbACXqPv57Xa
Lc7GhsLaPlgs5vOaAJwZTi6OD8abSyoH4hfeZPl2Ykn9Y3zW71RQ0pe4vwzkMYp2
YeYfj4iRuNp38wMV0AbmFZC4PWZFRWZzsoASQm0FMQo/yPkvozNcZOTgcSePJqiZ
HW9lkXgUlZIEFn2cznbQ0AGGePt/RaQID607weQJ/gHdCKJGGYvaBws8xYraKFtj
U8MD0I1Nxc29bjH0pvUjTPI/Twa/hkpIwz5g7mn3tQKIWZkXd5mN6kB3Rmqe3tTD
D8qNZEIlfVgrjvpoGtQbPDzuFDRu6aeAGK0QSUS5cwDOwM55SFRIDTCdzwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAgYxwzWnxv7C/XmT3gVGixJAsrDMB8GA1UdIwQY
MBaAFKny/eomO3n84ROJBSsM2UCZXG3+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEt
ZjhhZmZlZjExMmQ4LzEvQ0JqSEROYWZHX3NMOWVaUGVCVWFMRWtDeXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEtZjhhZmZlZjExMmQ4
LzEvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhLYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAiGwTAjCtHVP5VdkW42K6HZ0yqPqCRvn89qZ9Ey3P
XoVBCGLMU5oqMOAnvVlQkCKN2sG50mDNDgGXfdR+7c+650IdyBQ84quiZZ3KctK1
1Rn77gAEIwOVQS87pUBmcqVYQpP14PqpatufWW1tLCRoqorLJRGpzbR/q4jVtrH5
DDPjZlSZRhN6WY6KS8+ALfKmbfo4I12V9CrOQd7Gi5n8FteCt69ni/upmkKlKmFg
9Rh9y8EkrcvZD4riLT1xOdMj7tSW8ZplDk0f11Z4NOjbyYPgR4Z3fXp/qEFUuE53
T8NYroC3o3GBrU7yJ9QGwBz1t+M612gVC+bYCaAFb3zarA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:16 2024 by rpki-client on console-fra.rpki-client.org