Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/eGFH2n-rxY2aNz7Uzc4-JDU6GWc.roa
File: eGFH2n-rxY2aNz7Uzc4-JDU6GWc.roa (raw, json)
Hash identifier: fK7mKxxgAF8oeT3w3WzGU28IQKwPkrHiXOq96OoVa+s=
Subject key identifier: 78:61:47:DA:7F:AB:C5:8D:9A:37:3E:D4:CD:CE:3E:24:35:3A:19:67
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018E5B95C26E601D5AC1630CA1CF2848A61A
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/eGFH2n-rxY2aNz7Uzc4-JDU6GWc.roa
Signing time: Wed 20 Mar 2024 11:18:45 +0000
ROA not before: Wed 20 Mar 2024 11:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216311
IP address blocks: 2a12:bec0:500::/48 maxlen: 48
2a12:bec0:501::/48 maxlen: 48
2a12:bec0:502::/48 maxlen: 48
2a12:bec0:507::/48 maxlen: 48
2a12:bec0:509::/48 maxlen: 48
2a12:bec0:50b::/48 maxlen: 48
2a12:bec0:50c::/46 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Mar 2024 08:55:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:95:c2:6e:60:1d:5a:c1:63:0c:a1:cf:28:48:a6:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Mar 20 11:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=786147da7fabc58d9a373ed4cdce3e24353a1967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:96:09:da:d9:87:93:c1:75:5d:a6:1c:a4:76:
ad:5c:92:59:0d:97:5d:75:44:cf:4d:78:89:97:e6:
a3:e9:38:91:f8:46:0f:e9:f7:66:73:6d:15:f5:2f:
6f:62:db:ce:d5:e2:c5:9c:36:3a:41:48:29:fb:9e:
77:e7:8b:e4:05:e7:c1:2c:f3:83:52:b0:6a:fe:03:
21:e0:8f:9a:3f:90:ec:d5:3a:aa:cc:ce:62:21:8d:
ed:0d:64:11:87:50:c2:04:c3:2d:77:6d:2f:15:ed:
11:62:d5:1b:45:6a:11:76:79:11:da:be:af:b9:11:
68:2e:24:5e:d2:cc:6e:e8:16:ec:18:95:c5:17:6d:
6f:ab:e8:85:29:e2:0c:c4:f0:72:23:4e:6d:7d:82:
0f:46:e0:d6:9c:6c:4d:ae:23:e0:98:31:87:9f:a7:
4b:7a:0d:20:a3:15:31:2a:31:f4:2a:66:1c:7a:29:
ce:3d:48:fc:8f:5b:2c:58:9c:ef:f6:84:18:29:a7:
ea:f1:9c:b1:03:94:eb:6e:4f:29:0d:5f:e9:2f:40:
8f:dd:89:6e:99:16:4f:01:7c:91:33:d3:77:0b:58:
62:2f:14:17:fa:d6:8d:91:bc:89:7f:6b:34:93:7f:
80:e4:c3:a8:20:14:45:d7:4a:41:b7:2f:22:19:e2:
84:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:61:47:DA:7F:AB:C5:8D:9A:37:3E:D4:CD:CE:3E:24:35:3A:19:67
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/eGFH2n-rxY2aNz7Uzc4-JDU6GWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:500::-2a12:bec0:502:ffff:ffff:ffff:ffff:ffff
2a12:bec0:507::/48
2a12:bec0:509::/48
2a12:bec0:50b::-2a12:bec0:50f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:a0:e0:45:42:c2:00:64:6f:63:b1:a9:6f:b9:df:cb:2d:71:
4c:f0:7f:d0:0d:15:ea:ae:1e:0e:69:51:2f:da:6b:25:a5:7a:
e4:d0:b9:83:06:e1:1a:ed:e1:59:f3:76:dd:8b:d7:51:9c:b3:
64:29:8b:8f:c9:f5:c9:bf:36:3c:5f:2b:b6:01:80:68:44:9d:
a0:57:e6:30:8c:39:93:7e:b3:76:7b:f5:ab:3d:93:ea:21:33:
44:67:1c:be:68:a9:f1:a5:04:2d:a5:63:32:23:ae:51:35:5f:
3f:ba:67:56:19:97:6d:b5:74:43:28:97:1b:90:14:f5:2f:78:
fd:fc:88:50:d7:e5:6e:0d:54:95:91:94:7b:76:d4:ad:8d:f8:
b3:42:12:d3:2d:91:d1:0e:cd:24:f9:26:b8:e3:66:77:cb:26:
2b:1d:7c:de:89:21:21:66:7b:b1:3c:45:ab:04:ca:3b:92:d5:
c2:be:19:8f:12:7b:00:77:20:b7:33:49:a7:1a:72:3f:a1:b1:
fa:1d:f3:f4:3f:ef:f3:50:90:d0:b9:60:fd:43:01:47:35:3e:
fd:81:7a:ef:44:6d:06:91:61:45:c0:87:eb:44:34:f4:0f:c4:
f6:16:76:7b:77:17:c0:e2:c7:5d:21:92:97:e8:d4:01:30:52:
bc:01:a3:4a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY5blcJuYB1awWMMoc8oSKYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMzIwMTExODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODYxNDdkYTdmYWJjNThkOWEzNzNlZDRjZGNlM2UyNDM1M2ExOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpYJ2tmHk8F1XaYcpHatXJJZDZdd
dUTPTXiJl+aj6TiR+EYP6fdmc20V9S9vYtvO1eLFnDY6QUgp+55354vkBefBLPOD
UrBq/gMh4I+aP5Ds1TqqzM5iIY3tDWQRh1DCBMMtd20vFe0RYtUbRWoRdnkR2r6v
uRFoLiRe0sxu6BbsGJXFF21vq+iFKeIMxPByI05tfYIPRuDWnGxNriPgmDGHn6dL
eg0goxUxKjH0KmYceinOPUj8j1ssWJzv9oQYKafq8ZyxA5Trbk8pDV/pL0CP3Ylu
mRZPAXyRM9N3C1hiLxQX+taNkbyJf2s0k3+A5MOoIBRF10pBty8iGeKEDQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHhhR9p/q8WNmjc+1M3OPiQ1OhlnMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvZUdGSDJuLXJ4WTJhTno3VXpjNC1KRFU2R1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5MBEDBgAqEr7A
BQMHACoSvsAFAgMHACoSvsAFBwMHACoSvsAFCTASAwcAKhK+wAULAwcEKhK+wAUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBvoOBFQsIAZG9jsalvud/LLXFM8H/QDRXqrh4O
aVEv2mslpXrk0LmDBuEa7eFZ83bdi9dRnLNkKYuPyfXJvzY8Xyu2AYBoRJ2gV+Yw
jDmTfrN2e/WrPZPqITNEZxy+aKnxpQQtpWMyI65RNV8/umdWGZdttXRDKJcbkBT1
L3j9/IhQ1+VuDVSVkZR7dtStjfizQhLTLZHRDs0k+Sa442Z3yyYrHXzeiSEhZnux
PEWrBMo7ktXCvhmPEnsAdyC3M0mnGnI/obH6HfP0P+/zUJDQuWD9QwFHNT79gXrv
RG0GkWFFwIfrRDT0D8T2FnZ7dxfA4sddIZKX6NQBMFK8AaNK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org