Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/7YjKBWsJllWHctfwd4VNGN_Svc0.roa
File: 7YjKBWsJllWHctfwd4VNGN_Svc0.roa (raw, json)
Hash identifier: RYzjqjEmpfydMBNZxL06n1Jy/+6eC6zYIAa/kEqFqgE=
Subject key identifier: ED:88:CA:05:6B:09:96:55:87:72:D7:F0:77:85:4D:18:DF:D2:BD:CD
Certificate issuer: /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial: 018BFC14C7611422716D9BF027C4CA4C2D41
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/7YjKBWsJllWHctfwd4VNGN_Svc0.roa
Signing time: Thu 23 Nov 2023 12:08:22 +0000
ROA not before: Thu 23 Nov 2023 12:08:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60504
IP address blocks: 2a13:82c2::/32 maxlen: 32
2a13:82c0::/32 maxlen: 32
2a13:82c7::/32 maxlen: 32
2a13:82c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Dec 2023 09:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:14:c7:61:14:22:71:6d:9b:f0:27:c4:ca:4c:2d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Validity
Not Before: Nov 23 12:08:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed88ca056b0996558772d7f077854d18dfd2bdcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:e6:7a:eb:ca:a8:9a:a2:77:94:95:3e:90:
48:42:3d:68:21:ce:54:a7:36:08:5e:c0:bd:a2:6d:
74:df:37:2e:7e:c7:93:e4:49:32:5a:34:22:63:99:
99:ed:65:0c:11:e2:49:6f:4e:fa:54:35:04:42:9f:
6c:f1:b4:c5:a0:e5:4f:86:8e:95:b8:4c:60:55:74:
fb:d6:01:45:11:6a:17:78:3c:cd:03:77:73:c2:cb:
2e:14:4f:4e:44:e5:8f:aa:12:a6:69:f8:36:df:fb:
cb:ee:e4:79:26:43:c6:f8:c4:92:55:12:cb:2f:45:
08:fa:fd:ca:2f:5d:20:b0:9c:45:75:02:d0:ce:db:
45:5f:02:ef:3a:cb:90:82:1b:24:d1:46:ec:38:77:
af:48:88:64:cb:41:8e:39:67:99:9c:91:28:74:11:
88:1b:7a:cb:6b:08:bb:83:1e:9f:02:60:77:83:ae:
bc:92:3d:a1:c8:cc:dd:45:eb:79:4a:c3:38:15:82:
75:3a:74:b3:87:fa:d7:a1:43:da:80:07:ad:a5:d0:
74:b1:07:80:ea:70:3c:63:d9:46:db:0b:03:84:69:
92:08:7e:42:70:3e:71:8d:e6:77:2e:77:5c:3e:75:
c3:f4:d6:5d:17:5e:98:39:13:dc:bd:88:e6:d6:62:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:88:CA:05:6B:09:96:55:87:72:D7:F0:77:85:4D:18:DF:D2:BD:CD
X509v3 Authority Key Identifier:
keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/7YjKBWsJllWHctfwd4VNGN_Svc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:82c0::-2a13:82c2:ffff:ffff:ffff:ffff:ffff:ffff
2a13:82c7::/32
Signature Algorithm: sha256WithRSAEncryption
c8:ff:02:fe:83:fc:cd:ac:c9:57:e9:4f:4f:5d:c1:1f:ec:93:
1c:3d:35:ab:c3:7b:d6:a2:74:06:2f:2f:c7:3d:fa:88:cd:11:
51:59:28:af:55:28:32:7a:35:29:45:ad:de:cf:8d:99:15:22:
6c:b6:6d:62:89:ee:21:4d:71:28:1a:79:9d:5d:7c:7f:67:63:
33:a5:15:3c:28:0e:31:20:29:66:8c:b0:82:bf:0a:f9:7f:d8:
8a:60:5a:8a:43:ed:1c:be:7d:dc:39:6a:3e:c6:81:b3:26:e0:
32:d7:db:a6:fd:ff:8f:7f:5a:1e:6e:69:0d:f6:81:87:bd:84:
f5:fd:22:1e:cc:0b:71:09:3f:25:57:a2:b1:6d:f8:6c:a2:cd:
98:8b:68:b6:f3:d8:58:12:c0:c2:8b:30:a1:d2:a5:6e:a2:04:
07:e9:12:59:70:d2:22:34:34:a0:20:28:25:46:b9:59:16:bb:
8e:e8:9b:79:ac:96:95:4c:a2:fb:b1:de:3d:ec:54:8a:cc:98:
82:8c:39:3c:64:82:c3:50:3b:14:91:f9:f1:77:88:ef:5c:72:
2a:98:de:c8:ba:08:ef:3a:de:72:a1:3d:3f:71:64:1d:4a:f4:
00:f6:4a:d3:35:77:a5:ad:5e:96:8a:21:c2:b2:8b:af:e6:1f:
c9:b5:c6:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv8FMdhFCJxbZvwJ8TKTC1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjMxMTIzMTIwODIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDg4Y2EwNTZiMDk5NjU1ODc3MmQ3ZjA3Nzg1NGQxOGRmZDJiZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFzmeuvKqJqid5SVPpBIQj1oIc5U
pzYIXsC9om103zcufseT5EkyWjQiY5mZ7WUMEeJJb076VDUEQp9s8bTFoOVPho6V
uExgVXT71gFFEWoXeDzNA3dzwssuFE9OROWPqhKmafg23/vL7uR5JkPG+MSSVRLL
L0UI+v3KL10gsJxFdQLQzttFXwLvOsuQghsk0UbsOHevSIhky0GOOWeZnJEodBGI
G3rLawi7gx6fAmB3g668kj2hyMzdRet5SsM4FYJ1OnSzh/rXoUPagAetpdB0sQeA
6nA8Y9lG2wsDhGmSCH5CcD5xjeZ3LndcPnXD9NZdF16YORPcvYjm1mLCwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO2IygVrCZZVh3LX8HeFTRjf0r3NMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvN1lqS0JXc0psbFdIY3Rmd2Q0Vk5HTl9TdmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQYqE4LA
AwUAKhOCwgMFACoTgscwDQYJKoZIhvcNAQELBQADggEBAMj/Av6D/M2syVfpT09d
wR/skxw9NavDe9aidAYvL8c9+ojNEVFZKK9VKDJ6NSlFrd7PjZkVImy2bWKJ7iFN
cSgaeZ1dfH9nYzOlFTwoDjEgKWaMsIK/Cvl/2IpgWopD7Ry+fdw5aj7GgbMm4DLX
26b9/49/Wh5uaQ32gYe9hPX9Ih7MC3EJPyVXorFt+GyizZiLaLbz2FgSwMKLMKHS
pW6iBAfpEllw0iI0NKAgKCVGuVkWu47om3mslpVMovux3j3sVIrMmIKMOTxkgsNQ
OxSR+fF3iO9cciqY3si6CO863nKhPT9xZB1K9AD2StM1d6WtXpaKIcKyi6/mH8m1
xv8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org