Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/0y4SGCKNWlX4Lwv425QZsytyod8.roa
File: 0y4SGCKNWlX4Lwv425QZsytyod8.roa (raw, json)
Hash identifier: OaWDT0Utk0fohgxb23BxPLkqUK0eNkzDkFtWdThAkOI=
Subject key identifier: D3:2E:12:18:22:8D:5A:55:F8:2F:0B:F8:DB:94:19:B3:2B:72:A1:DF
Certificate issuer: /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial: 0189D5A5C7D7381500FA47821F2C4E4FF069
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/0y4SGCKNWlX4Lwv425QZsytyod8.roa
Signing time: Tue 08 Aug 2023 14:55:58 +0000
ROA not before: Tue 08 Aug 2023 14:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60504
IP address blocks: 2a13:82c2::/32 maxlen: 32
2a13:82c0::/32 maxlen: 32
2a13:82c3::/32 maxlen: 32
2a13:82c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Aug 2023 09:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:a5:c7:d7:38:15:00:fa:47:82:1f:2c:4e:4f:f0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Validity
Not Before: Aug 8 14:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d32e1218228d5a55f82f0bf8db9419b32b72a1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cd:c9:b8:a1:bd:a8:3b:2e:8e:ae:94:f1:f3:
97:0a:5f:1f:0b:21:9e:10:a6:65:b5:c5:92:01:21:
16:55:a1:1a:d9:94:1b:f5:ec:97:2c:95:a1:66:df:
28:e2:3d:18:cf:0f:1d:fe:ff:fe:5f:61:ac:8f:c7:
f0:b1:f7:ce:0f:54:e7:b2:7e:37:04:e2:61:af:21:
a2:bd:ca:18:e0:70:cf:67:6c:f4:22:7a:ea:04:03:
2e:79:a6:6f:f2:01:fb:4c:cb:83:d2:df:a0:7b:7c:
25:9c:b1:3a:27:bc:ab:13:4c:28:81:93:bc:e8:56:
2d:88:19:3d:77:55:eb:ac:9e:c3:5c:3e:93:f0:0c:
b6:63:9e:14:86:c1:99:2e:af:a4:75:f4:9d:03:55:
a3:2b:de:d2:97:f6:fc:37:ad:8f:af:2c:5c:3b:56:
7e:e8:fa:a9:57:d1:14:db:03:de:88:a6:5a:e0:8d:
f1:56:db:cf:82:dc:78:04:0a:4c:8f:c6:3f:fb:e3:
ca:c1:fe:e5:43:df:55:70:c2:0e:7b:70:9f:07:ae:
7c:79:ec:cc:80:8e:95:bb:86:c8:b8:33:4c:56:49:
a7:b5:ba:59:9b:4e:26:e9:cd:f9:31:25:f0:5c:bd:
17:c3:85:e5:74:70:89:22:9b:e5:b9:16:b6:d5:96:
b7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2E:12:18:22:8D:5A:55:F8:2F:0B:F8:DB:94:19:B3:2B:72:A1:DF
X509v3 Authority Key Identifier:
keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/0y4SGCKNWlX4Lwv425QZsytyod8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:82c0::/30
Signature Algorithm: sha256WithRSAEncryption
04:f4:15:2a:02:a5:b8:49:96:70:20:62:f8:40:3d:28:4d:3b:
a4:b9:5e:85:51:49:18:61:fa:81:aa:ad:d5:7d:78:1a:b5:c0:
82:32:f1:9a:e4:4f:5f:ac:f9:4a:8d:c1:06:22:e8:e1:ac:89:
e7:b7:3a:e8:a7:95:71:43:d3:02:47:86:15:17:93:c8:54:d7:
c8:08:64:af:21:66:42:2e:97:1a:f6:b7:74:08:99:45:6a:e1:
5a:14:b2:b7:9b:7c:ab:ab:ee:97:77:6d:a3:91:04:7c:a4:d0:
e9:36:84:8d:15:0e:ab:0c:57:36:0e:47:82:9e:e6:ec:86:ea:
69:1a:a3:aa:6e:56:45:4a:d8:7a:71:29:59:3b:f2:8b:5d:46:
ee:72:d8:a5:ca:71:df:8e:97:a5:6d:94:58:ec:cf:54:92:39:
48:32:5f:43:5f:4c:9f:4f:b3:92:80:34:40:7a:ad:ec:c8:39:
65:36:14:c2:e6:fd:2f:ff:e7:d5:a7:70:0a:75:4a:d0:b1:bf:
d8:dd:dd:43:cc:e7:44:00:4b:41:0a:0c:07:77:17:00:dd:66:
5d:ec:c1:85:35:80:16:83:49:e0:d6:e6:63:db:3d:49:cb:f1:
ad:50:ad:0a:46:f1:08:21:5f:08:60:46:86:72:45:b6:e6:de:
16:a4:0f:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYnVpcfXOBUA+keCHyxOT/BpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjMwODA4MTQ1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJlMTIxODIyOGQ1YTU1ZjgyZjBiZjhkYjk0MTliMzJiNzJhMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg83JuKG9qDsujq6U8fOXCl8fCyGe
EKZltcWSASEWVaEa2ZQb9eyXLJWhZt8o4j0Yzw8d/v/+X2Gsj8fwsffOD1Tnsn43
BOJhryGivcoY4HDPZ2z0InrqBAMueaZv8gH7TMuD0t+ge3wlnLE6J7yrE0wogZO8
6FYtiBk9d1XrrJ7DXD6T8Ay2Y54UhsGZLq+kdfSdA1WjK97Sl/b8N62PryxcO1Z+
6PqpV9EU2wPeiKZa4I3xVtvPgtx4BApMj8Y/++PKwf7lQ99VcMIOe3CfB658eezM
gI6Vu4bIuDNMVkmntbpZm04m6c35MSXwXL0Xw4XldHCJIpvluRa21Za31QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNMuEhgijVpV+C8L+NuUGbMrcqHfMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvMHk0U0dDS05XbFg0THd2NDI1UVpzeXR5b2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhOCwDAN
BgkqhkiG9w0BAQsFAAOCAQEABPQVKgKluEmWcCBi+EA9KE07pLlehVFJGGH6gaqt
1X14GrXAgjLxmuRPX6z5So3BBiLo4ayJ57c66KeVcUPTAkeGFReTyFTXyAhkryFm
Qi6XGva3dAiZRWrhWhSyt5t8q6vul3dto5EEfKTQ6TaEjRUOqwxXNg5Hgp7m7Ibq
aRqjqm5WRUrYenEpWTvyi11G7nLYpcpx346XpW2UWOzPVJI5SDJfQ19Mn0+zkoA0
QHqt7Mg5ZTYUwub9L//n1adwCnVK0LG/2N3dQ8znRABLQQoMB3cXAN1mXezBhTWA
FoNJ4NbmY9s9ScvxrVCtCkbxCCFfCGBGhnJFtubeFqQPPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org