Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/g9HieNmWOeaKrH_BPARhqJ7IG_A.roa
File: g9HieNmWOeaKrH_BPARhqJ7IG_A.roa (raw, json)
Hash identifier: xpZmcgnX3IT9ZN0oAEGkVfvskROw49dHb5xbD9ExoaM=
Subject key identifier: 83:D1:E2:78:D9:96:39:E6:8A:AC:7F:C1:3C:04:61:A8:9E:C8:1B:F0
Certificate issuer: /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial: 018FA93E9741AA841E82B7395E3F396A3284
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/g9HieNmWOeaKrH_BPARhqJ7IG_A.roa
Signing time: Fri 24 May 2024 06:16:42 +0000
ROA not before: Fri 24 May 2024 06:16:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60504
IP address blocks: 2a13:82c0::/32 maxlen: 32
2a13:82c1::/32 maxlen: 32
2a13:82c2::/32 maxlen: 32
2a13:82c3::/32 maxlen: 32
2a13:82c4:1::/48 maxlen: 48
2a13:82c4:2::/48 maxlen: 48
2a13:82c4:3::/48 maxlen: 48
2a13:82c4:fa00::/40 maxlen: 40
2a13:82c4:fb00::/40 maxlen: 40
2a13:82c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Aug 2024 16:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:3e:97:41:aa:84:1e:82:b7:39:5e:3f:39:6a:32:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Validity
Not Before: May 24 06:16:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83d1e278d99639e68aac7fc13c0461a89ec81bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a0:ca:48:2e:d3:27:89:79:fc:f0:7e:07:66:
80:55:b0:94:c2:46:fe:fb:41:c5:77:5e:cc:54:06:
01:3e:4b:3a:78:0b:c5:db:95:91:0e:b4:91:9f:5e:
57:13:ac:fd:30:3a:2b:89:b4:40:99:89:f4:f3:c7:
0d:a8:7a:49:79:91:6d:45:54:c1:79:9a:ba:46:1b:
14:fe:6e:b9:d0:d1:ad:fc:ef:dc:fb:ec:35:f4:f4:
51:3a:a9:6d:9a:0d:81:f3:31:33:8c:90:62:0c:a7:
fa:cc:1a:57:d3:5e:92:e9:45:7c:05:1d:aa:de:9d:
36:dd:e8:50:7a:5b:0f:e2:92:53:c4:79:f0:32:63:
52:4f:6e:33:da:23:61:a9:45:ab:ba:be:37:7d:61:
32:fa:aa:df:b0:f9:3f:35:c8:c3:b8:29:86:31:60:
d1:ec:7a:c5:fe:0c:2a:c6:c5:2f:0f:ca:90:99:0e:
74:5f:d1:47:b7:b0:4c:60:9b:5e:3f:d0:d6:36:e6:
d8:20:e2:03:c4:b2:37:b3:25:dd:b2:37:f6:08:8c:
ac:1d:08:af:ab:1e:70:c6:5b:5f:3a:24:7c:d1:18:
eb:a9:4a:19:9a:68:6b:b2:76:45:a9:ed:9e:7f:b5:
18:8a:86:2e:28:e8:4c:f2:ed:f9:ae:ba:18:54:46:
28:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D1:E2:78:D9:96:39:E6:8A:AC:7F:C1:3C:04:61:A8:9E:C8:1B:F0
X509v3 Authority Key Identifier:
keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/g9HieNmWOeaKrH_BPARhqJ7IG_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:82c0::/30
2a13:82c4:1::-2a13:82c4:3:ffff:ffff:ffff:ffff:ffff
2a13:82c4:fa00::/39
2a13:82c7::/32
Signature Algorithm: sha256WithRSAEncryption
2e:92:7e:77:f6:4c:cb:c7:a8:ce:73:48:10:fc:a8:d5:cc:c9:
62:f6:91:3c:1b:a8:4b:54:47:1c:ea:8d:84:71:f0:40:0d:bd:
98:60:24:fa:fa:7a:b4:bb:8b:5a:70:4e:cd:ca:a9:c2:79:40:
5e:d4:72:06:de:a3:6d:63:a0:1a:42:e2:2b:d4:c4:be:8e:dc:
6c:9a:36:50:e9:23:ad:7e:8d:aa:6c:08:43:c3:46:6c:de:e2:
b9:ee:70:29:ec:c2:b1:4e:01:c5:c8:19:ad:be:9e:45:1b:c8:
93:cd:1d:fc:77:86:6b:c4:b4:4e:de:cf:64:59:a5:1f:b7:7a:
3d:9b:5c:f1:e1:87:e6:cb:af:32:0f:13:66:e2:f6:39:4a:85:
43:22:b0:77:04:7d:70:15:07:cd:20:45:35:7d:2e:c0:d4:87:
94:e3:46:93:00:15:d1:c7:fd:4b:a0:b3:35:d4:4d:b4:45:1c:
26:6f:6e:0a:9f:c0:12:82:09:08:51:df:bb:21:6c:70:c1:23:
0d:6f:eb:6c:4f:db:83:4a:24:85:73:d8:bf:2e:a3:87:cd:86:
dd:76:3d:32:b3:14:2c:25:ec:f7:cf:e9:09:40:6d:3d:6e:24:
5b:a9:f2:f1:f8:cb:b0:a5:f3:09:21:c7:d9:07:c7:81:77:bf:
81:cc:63:f4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+pPpdBqoQegrc5Xj85ajKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjQwNTI0MDYxNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2QxZTI3OGQ5OTYzOWU2OGFhYzdmYzEzYzA0NjFhODllYzgxYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6DKSC7TJ4l5/PB+B2aAVbCUwkb+
+0HFd17MVAYBPks6eAvF25WRDrSRn15XE6z9MDoribRAmYn088cNqHpJeZFtRVTB
eZq6RhsU/m650NGt/O/c++w19PRROqltmg2B8zEzjJBiDKf6zBpX016S6UV8BR2q
3p023ehQelsP4pJTxHnwMmNST24z2iNhqUWrur43fWEy+qrfsPk/NcjDuCmGMWDR
7HrF/gwqxsUvD8qQmQ50X9FHt7BMYJteP9DWNubYIOIDxLI3syXdsjf2CIysHQiv
qx5wxltfOiR80RjrqUoZmmhrsnZFqe2ef7UYioYuKOhM8u35rroYVEYoiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIPR4njZljnmiqx/wTwEYaieyBvwMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvZzlIaWVObVdPZWFLckhfQlBBUmhxSjdJR19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUCKhOCwDAS
AwcAKhOCxAABAwcCKhOCxAAAAwYBKhOCxPoDBQAqE4LHMA0GCSqGSIb3DQEBCwUA
A4IBAQAukn539kzLx6jOc0gQ/KjVzMli9pE8G6hLVEcc6o2EcfBADb2YYCT6+nq0
u4tacE7NyqnCeUBe1HIG3qNtY6AaQuIr1MS+jtxsmjZQ6SOtfo2qbAhDw0Zs3uK5
7nAp7MKxTgHFyBmtvp5FG8iTzR38d4ZrxLRO3s9kWaUft3o9m1zx4Yfmy68yDxNm
4vY5SoVDIrB3BH1wFQfNIEU1fS7A1IeU40aTABXRx/1LoLM11E20RRwmb24Kn8AS
ggkIUd+7IWxwwSMNb+tsT9uDSiSFc9i/LqOHzYbddj0ysxQsJez3z+kJQG09biRb
qfLx+MuwpfMJIcfZB8eBd7+BzGP0
-----END CERTIFICATE-----
Generated at Tue Aug 20 19:03:39 2024 by rpki-client on console-ams.rpki-client.org