Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/9wh0XXCOuV6pVmtW_AyIi1QfuKI.roa
File: 9wh0XXCOuV6pVmtW_AyIi1QfuKI.roa (raw, json)
Hash identifier: 2oUOB2XxKQ3aIMgnd0bqcgtRGhMW8ean5tZDFt/FkUI=
Subject key identifier: F7:08:74:5D:70:8E:B9:5E:A9:56:6B:56:FC:0C:88:8B:54:1F:B8:A2
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0186B3A8F7E774B1EB5E6049BBCF06E69041
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/9wh0XXCOuV6pVmtW_AyIi1QfuKI.roa
Signing time: Sun 05 Mar 2023 21:24:00 +0000
ROA not before: Sun 05 Mar 2023 21:24:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52041
IP address blocks: 2a12:bec0:7002::/48 maxlen: 48
2a12:bec1:b00b::/48 maxlen: 48
2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
2a12:bec0:7001::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Mar 2023 13:59:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b3:a8:f7:e7:74:b1:eb:5e:60:49:bb:cf:06:e6:90:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Mar 5 21:24:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f708745d708eb95ea9566b56fc0c888b541fb8a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8b:94:42:a7:44:33:a7:fd:e2:b2:b1:22:94:
f0:6d:fe:64:70:93:74:9f:f9:04:7d:79:59:ad:66:
d9:99:08:a3:04:d8:fa:d1:e3:2b:cd:5e:9c:80:4f:
56:d8:82:94:e9:7c:79:94:e0:a2:e1:92:8a:bb:26:
e6:b3:8a:a7:98:e4:2c:9a:84:1c:a3:50:03:2e:7e:
7e:a5:60:c9:7c:90:2d:77:b0:9c:a1:a5:18:4c:59:
e9:2b:b6:92:b9:7b:a1:ce:c5:82:c5:d6:b2:f5:92:
b9:33:3a:1b:d9:f1:84:1e:03:49:e0:5b:cc:52:13:
78:df:8d:27:7e:4c:ab:a7:78:df:b8:05:c4:7c:78:
a2:c7:be:4c:fd:9d:11:bf:f3:1f:e7:c9:52:f8:21:
c9:e5:fb:36:e8:72:49:4b:dd:f0:8a:4f:08:0e:c9:
b5:4e:58:b1:75:05:be:21:be:25:e8:d1:4b:8d:a8:
08:91:b6:ce:98:67:d6:91:db:dc:20:5f:0b:72:14:
59:5b:cf:e1:6b:a3:c0:18:9c:78:7c:9e:70:24:a4:
d0:2d:31:0b:fe:3f:3e:4e:4b:e1:62:28:91:30:fd:
bd:fb:23:3a:3a:2b:e2:d4:48:aa:60:44:d9:ab:86:
66:4d:b9:a8:6e:49:af:c5:d7:e1:9d:07:da:30:aa:
34:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:08:74:5D:70:8E:B9:5E:A9:56:6B:56:FC:0C:88:8B:54:1F:B8:A2
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/9wh0XXCOuV6pVmtW_AyIi1QfuKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:d0::/44
2a12:bec0:7000::-2a12:bec0:7002:ffff:ffff:ffff:ffff:ffff
2a12:bec0:b00b::/48
2a12:bec1:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
63:74:8a:56:41:0d:70:35:30:ca:de:eb:1b:c9:e3:fa:19:99:
cf:32:7a:0b:f7:7c:40:45:bc:03:81:f0:ed:8e:8a:fe:54:8c:
67:95:73:36:39:e3:15:4e:19:09:cc:f3:7e:02:47:70:51:a4:
69:5a:60:9c:88:eb:ca:c5:62:3e:cf:f1:8a:e9:84:0f:e5:a7:
6e:a1:39:a5:f5:70:a3:8b:60:1a:d1:f2:01:af:46:cc:fc:1f:
0a:55:83:7d:fc:db:81:e1:dd:f8:a6:d0:ed:54:a0:f7:16:af:
06:ee:91:0a:f2:4f:c1:a0:18:9d:7c:d6:b8:f7:00:47:6f:ff:
79:40:d6:87:6a:d3:7a:7d:72:db:04:18:a4:dc:1a:20:b0:a6:
6b:21:f0:e8:1f:95:58:d2:7e:18:4e:ed:94:0e:35:00:ff:fd:
67:09:30:83:ff:60:a4:25:be:5a:e6:fb:5e:a7:67:37:a5:d3:
8e:33:27:06:6f:c2:47:44:72:ce:b3:0d:2e:02:8e:ec:ad:2e:
4b:12:00:b2:e7:9c:db:78:4e:d6:62:a6:9c:8a:29:3e:84:ad:
81:fd:dd:cd:58:22:2e:ba:0c:62:6a:83:ed:3b:81:88:d9:2f:
02:52:21:7e:b7:83:38:64:55:be:d2:cc:06:e7:82:0c:22:8b:
6f:5d:17:c5
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYazqPfndLHrXmBJu88G5pBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwMzA1MjEyNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA4NzQ1ZDcwOGViOTVlYTk1NjZiNTZmYzBjODg4YjU0MWZiOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4uUQqdEM6f94rKxIpTwbf5kcJN0
n/kEfXlZrWbZmQijBNj60eMrzV6cgE9W2IKU6Xx5lOCi4ZKKuybms4qnmOQsmoQc
o1ADLn5+pWDJfJAtd7CcoaUYTFnpK7aSuXuhzsWCxday9ZK5Mzob2fGEHgNJ4FvM
UhN4340nfkyrp3jfuAXEfHiix75M/Z0Rv/Mf58lS+CHJ5fs26HJJS93wik8IDsm1
TlixdQW+Ib4l6NFLjagIkbbOmGfWkdvcIF8LchRZW8/ha6PAGJx4fJ5wJKTQLTEL
/j8+TkvhYiiRMP29+yM6Oivi1EiqYETZq4ZmTbmobkmvxdfhnQfaMKo0kQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPcIdF1wjrleqVZrVvwMiItUH7iiMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvOXdoMFhYQ091VjZwVm10V19BeUlpMVFmdUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwcEKhK+wADQ
MBEDBgQqEr7AcAMHACoSvsBwAgMHACoSvsCwCwMHACoSvsGwCzANBgkqhkiG9w0B
AQsFAAOCAQEAY3SKVkENcDUwyt7rG8nj+hmZzzJ6C/d8QEW8A4Hw7Y6K/lSMZ5Vz
NjnjFU4ZCczzfgJHcFGkaVpgnIjrysViPs/xiumED+WnbqE5pfVwo4tgGtHyAa9G
zPwfClWDffzbgeHd+KbQ7VSg9xavBu6RCvJPwaAYnXzWuPcAR2//eUDWh2rTen1y
2wQYpNwaILCmayHw6B+VWNJ+GE7tlA41AP/9Zwkwg/9gpCW+Wub7XqdnN6XTjjMn
Bm/CR0RyzrMNLgKO7K0uSxIAsuec23hO1mKmnIopPoStgf3dzVgiLroMYmqD7TuB
iNkvAlIhfreDOGRVvtLMBueCDCKLb10XxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org