Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/P5AglktptDEdYi5x0rJJGJyOKj4.roa
File: P5AglktptDEdYi5x0rJJGJyOKj4.roa (raw, json)
Hash identifier: g4uhSKiJykYAHQ+vn5tJlcmyUqNS37tW8fVLBvK7Mag=
Subject key identifier: 3F:90:20:96:4B:69:B4:31:1D:62:2E:71:D2:B2:49:18:9C:8E:2A:3E
Certificate issuer: /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial: 018C43086D33865FE23FBC5F3983EAB09758
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/P5AglktptDEdYi5x0rJJGJyOKj4.roa
Signing time: Thu 07 Dec 2023 06:47:54 +0000
ROA not before: Thu 07 Dec 2023 06:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60504
IP address blocks: 2a13:82c2::/32 maxlen: 32
2a13:82c0::/32 maxlen: 32
2a13:82c5:1000::/36 maxlen: 36
2a13:82c5:2000::/36 maxlen: 36
2a13:82c5::/32 maxlen: 32
2a13:82c7::/32 maxlen: 32
2a13:82c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 23 Dec 2023 16:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:08:6d:33:86:5f:e2:3f:bc:5f:39:83:ea:b0:97:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Validity
Not Before: Dec 7 06:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f9020964b69b4311d622e71d2b249189c8e2a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c9:20:2d:aa:5a:a6:66:07:6d:ad:e2:a6:c3:
f5:6b:bd:c6:32:b1:51:b6:e8:c5:2e:bf:57:79:ab:
57:42:e9:66:28:96:d3:ae:2c:27:ae:47:c1:75:b6:
50:89:db:d8:be:ff:3a:36:10:c3:11:0a:04:6c:fe:
30:c9:04:8d:7d:55:47:50:b5:18:e3:77:e6:5c:04:
13:dc:4d:4b:94:40:7f:01:59:10:ed:00:9a:83:3f:
59:d4:eb:ae:90:70:f9:f1:05:a8:cb:11:8e:54:4f:
b8:2b:d2:ae:a7:f2:19:2c:4e:31:23:2d:f8:f3:d7:
ff:b3:5d:82:47:43:9f:e5:4c:d3:42:76:e3:e8:f2:
84:0d:65:6a:fb:9d:09:9f:4a:12:4b:98:eb:e6:d6:
44:95:92:7c:d2:13:28:a8:d3:67:ee:78:23:27:7a:
8c:e6:d3:5b:7a:d8:01:4c:2e:43:54:8a:7a:03:ca:
b9:b3:a4:ab:99:31:20:7e:31:33:4d:29:87:6e:92:
c5:4e:f5:d0:54:12:77:2b:29:75:00:bb:75:b8:e3:
c4:81:10:7f:4a:71:ab:01:b6:44:c8:03:a8:57:17:
e4:97:f6:31:68:d7:fe:66:53:20:34:6b:0f:a8:76:
0a:35:2d:a0:f4:b7:38:8b:a2:3f:62:ba:bc:9f:4e:
47:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:90:20:96:4B:69:B4:31:1D:62:2E:71:D2:B2:49:18:9C:8E:2A:3E
X509v3 Authority Key Identifier:
keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/P5AglktptDEdYi5x0rJJGJyOKj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:82c0::-2a13:82c2:ffff:ffff:ffff:ffff:ffff:ffff
2a13:82c5::/32
2a13:82c7::/32
Signature Algorithm: sha256WithRSAEncryption
c8:9c:da:d8:39:b2:bf:63:19:1c:7a:b5:7b:a9:71:93:9f:43:
c6:c3:5e:3e:22:5d:42:e7:cc:da:af:83:77:af:a9:6d:cf:db:
d5:24:b5:44:2d:70:b8:cb:49:09:8e:3c:9d:fa:99:a4:65:75:
3a:99:40:27:ff:8f:b8:a2:73:d0:ad:e3:88:82:12:2a:ba:59:
91:1a:15:a6:ed:00:54:84:84:87:b2:16:2e:5c:ef:71:23:31:
74:37:12:75:c8:dc:08:2d:26:77:9c:7c:98:73:37:68:b1:24:
3c:44:4e:dc:0e:4c:a7:c2:b7:1d:62:e0:11:67:ef:55:3d:2c:
dc:2b:c9:93:54:af:08:70:f0:bc:13:d6:15:ab:b2:c3:38:ac:
f7:a2:a9:67:97:42:89:38:4b:2f:62:f6:e5:ca:11:2d:e2:a7:
de:5b:ed:63:82:24:60:8d:9b:e3:3c:33:9b:6f:28:f8:78:15:
98:8d:c1:03:d2:cc:dd:02:50:86:18:7c:79:7d:22:ec:f0:05:
e2:cd:84:6a:90:03:21:76:e3:33:83:aa:9d:bf:08:ec:ef:3c:
25:3f:f0:53:37:c2:41:4c:dd:80:de:52:ca:7c:df:02:a4:4d:
4b:58:98:c6:13:b8:05:e5:72:02:34:79:f0:00:ac:6a:a0:90:
98:39:0d:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxDCG0zhl/iP7xfOYPqsJdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjMxMjA3MDY0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjkwMjA5NjRiNjliNDMxMWQ2MjJlNzFkMmIyNDkxODljOGUyYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlckgLapapmYHba3ipsP1a73GMrFR
tujFLr9XeatXQulmKJbTriwnrkfBdbZQidvYvv86NhDDEQoEbP4wyQSNfVVHULUY
43fmXAQT3E1LlEB/AVkQ7QCagz9Z1OuukHD58QWoyxGOVE+4K9Kup/IZLE4xIy34
89f/s12CR0Of5UzTQnbj6PKEDWVq+50Jn0oSS5jr5tZElZJ80hMoqNNn7ngjJ3qM
5tNbetgBTC5DVIp6A8q5s6SrmTEgfjEzTSmHbpLFTvXQVBJ3Kyl1ALt1uOPEgRB/
SnGrAbZEyAOoVxfkl/YxaNf+ZlMgNGsPqHYKNS2g9Lc4i6I/Yrq8n05H/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD+QIJZLabQxHWIucdKySRicjio+MB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvUDVBZ2xrdHB0REVkWWk1eDBySkpHSnlPS2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeMA4DBQYqE4LA
AwUAKhOCwgMFACoTgsUDBQAqE4LHMA0GCSqGSIb3DQEBCwUAA4IBAQDInNrYObK/
YxkcerV7qXGTn0PGw14+Il1C58zar4N3r6ltz9vVJLVELXC4y0kJjjyd+pmkZXU6
mUAn/4+4onPQreOIghIqulmRGhWm7QBUhISHshYuXO9xIzF0NxJ1yNwILSZ3nHyY
czdosSQ8RE7cDkynwrcdYuARZ+9VPSzcK8mTVK8IcPC8E9YVq7LDOKz3oqlnl0KJ
OEsvYvblyhEt4qfeW+1jgiRgjZvjPDObbyj4eBWYjcED0szdAlCGGHx5fSLs8AXi
zYRqkAMhduMzg6qdvwjs7zwlP/BTN8JBTN2A3lLKfN8CpE1LWJjGE7gF5XICNHnw
AKxqoJCYOQ2m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org