Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/5pc0eTTWPw02Wgsdj3TdHqsQXz8.roa
File: 5pc0eTTWPw02Wgsdj3TdHqsQXz8.roa (raw, json)
Hash identifier: WOft4uAWMzR2A6jcAgQm7GAJLmMstuFcZWMuqkGTFUc=
Subject key identifier: E6:97:34:79:34:D6:3F:0D:36:5A:0B:1D:8F:74:DD:1E:AB:10:5F:3F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01862A7E0E3E42A31F9D32AB3EC0044119C8
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/5pc0eTTWPw02Wgsdj3TdHqsQXz8.roa
Signing time: Tue 07 Feb 2023 06:09:09 +0000
ROA not before: Tue 07 Feb 2023 06:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52041
IP address blocks: 2a12:bec1:b00b::/48 maxlen: 48
2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Feb 2023 15:17:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2a:7e:0e:3e:42:a3:1f:9d:32:ab:3e:c0:04:41:19:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Feb 7 06:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e697347934d63f0d365a0b1d8f74dd1eab105f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c5:dd:a3:77:6b:94:c6:34:98:37:dd:6c:0b:
24:fb:66:ca:34:34:6a:e3:14:90:62:c7:09:12:1e:
79:4e:aa:9f:85:e1:88:c0:7f:69:1f:5a:c7:e0:2d:
c5:7a:b7:ec:a4:a2:f9:1b:ee:7e:50:91:2f:b4:83:
d2:64:d2:9d:56:ca:9a:2a:36:d2:bf:3c:6c:0f:51:
dc:bb:7f:5b:7a:38:1b:bd:f8:ae:30:a3:00:4f:71:
d1:02:fc:17:4a:95:a4:da:37:e7:66:58:69:73:bf:
94:18:5f:18:93:f0:73:1f:a1:48:d1:9d:77:3e:82:
0b:9c:0c:de:bc:b2:94:2f:4e:79:d0:b1:8f:ab:a1:
a5:f7:7b:33:e1:89:9b:e8:10:bc:ac:76:41:97:7e:
90:c9:60:91:fa:c8:02:8f:df:49:eb:d2:3e:6b:52:
6b:78:6f:37:12:33:48:31:8d:b7:9b:7d:c9:b9:ec:
2e:4e:cc:2d:07:b5:a7:db:26:dd:fc:15:da:57:b7:
09:c9:86:dc:6a:f6:d2:48:54:bf:a8:2d:cb:ad:00:
87:14:46:bf:80:d1:c8:1c:9e:e9:da:4b:20:02:4b:
82:95:84:8a:85:bd:a1:63:90:e2:04:6f:42:c7:08:
bd:0e:9c:f8:02:68:f0:37:3c:a0:74:33:ce:a8:a5:
48:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:97:34:79:34:D6:3F:0D:36:5A:0B:1D:8F:74:DD:1E:AB:10:5F:3F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/5pc0eTTWPw02Wgsdj3TdHqsQXz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:d0::/44
2a12:bec0:7000::/48
2a12:bec0:b00b::/48
2a12:bec1:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
77:39:18:ae:d9:0d:af:cb:6c:14:c3:30:2b:bb:a9:ef:2b:c2:
b5:da:3a:44:62:9e:80:d1:e5:87:0f:52:a1:07:cd:49:8b:bf:
11:02:d5:c8:c2:00:76:9e:8e:c9:36:e7:30:d1:f9:b2:d5:f5:
22:80:a3:cf:13:3c:a8:9c:a8:c6:bb:21:a2:cc:9b:4c:a5:78:
bf:1f:fa:40:ac:8d:65:c2:c7:2a:3e:91:96:88:01:38:ad:f9:
f9:01:9d:8c:6f:4f:eb:02:1c:3a:aa:39:e3:7a:ca:85:13:33:
a1:63:ec:3c:ce:74:8a:10:b2:86:b0:f0:87:aa:d7:bf:af:71:
ad:61:2f:11:1d:ad:09:26:13:c2:c4:44:8c:2b:cd:8b:db:66:
af:b4:a2:d4:e7:92:99:40:c1:eb:ca:f0:e5:59:8f:5a:26:8f:
39:05:99:d9:aa:07:da:ae:e9:1a:f5:2b:61:2f:5d:fc:0d:9f:
16:1a:6b:35:08:b1:6b:18:3d:e1:33:d5:f3:ad:f7:fe:08:65:
a2:2a:39:47:69:c4:4d:2e:f1:b5:6e:c6:ee:a6:30:95:1c:f7:
d2:2b:77:c6:74:a0:69:26:20:d2:02:e9:4d:4e:71:99:3d:5d:
f1:70:a8:01:17:0b:d9:3a:4f:da:08:99:24:4e:b6:d5:3f:d8:
84:48:40:a6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYqfg4+QqMfnTKrPsAEQRnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwMjA3MDYwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk3MzQ3OTM0ZDYzZjBkMzY1YTBiMWQ4Zjc0ZGQxZWFiMTA1ZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicXdo3drlMY0mDfdbAsk+2bKNDRq
4xSQYscJEh55TqqfheGIwH9pH1rH4C3FerfspKL5G+5+UJEvtIPSZNKdVsqaKjbS
vzxsD1Hcu39bejgbvfiuMKMAT3HRAvwXSpWk2jfnZlhpc7+UGF8Yk/BzH6FI0Z13
PoILnAzevLKUL0550LGPq6Gl93sz4Ymb6BC8rHZBl36QyWCR+sgCj99J69I+a1Jr
eG83EjNIMY23m33JuewuTswtB7Wn2ybd/BXaV7cJyYbcavbSSFS/qC3LrQCHFEa/
gNHIHJ7p2ksgAkuClYSKhb2hY5DiBG9Cxwi9Dpz4AmjwNzygdDPOqKVI0QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOaXNHk01j8NNloLHY903R6rEF8/MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvNXBjMGVUVFdQdzAyV2dzZGozVGRIcXNRWHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKhK+wADQ
AwcAKhK+wHAAAwcAKhK+wLALAwcAKhK+wbALMA0GCSqGSIb3DQEBCwUAA4IBAQB3
ORiu2Q2vy2wUwzAru6nvK8K12jpEYp6A0eWHD1KhB81Ji78RAtXIwgB2no7JNucw
0fmy1fUigKPPEzyonKjGuyGizJtMpXi/H/pArI1lwscqPpGWiAE4rfn5AZ2Mb0/r
Ahw6qjnjesqFEzOhY+w8znSKELKGsPCHqte/r3GtYS8RHa0JJhPCxESMK82L22av
tKLU55KZQMHryvDlWY9aJo85BZnZqgfaruka9SthL138DZ8WGms1CLFrGD3hM9Xz
rff+CGWiKjlHacRNLvG1bsbupjCVHPfSK3fGdKBpJiDSAulNTnGZPV3xcKgBFwvZ
Ok/aCJkkTrbVP9iESECm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org