Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/haSrqQ6moctXusUmAAo0oqohxk0.roa
File: haSrqQ6moctXusUmAAo0oqohxk0.roa (raw, json)
Hash identifier: EyKaH29BcgikwKOdpvuQVTqvsRSqtH3LiC+INvk4NRE=
Subject key identifier: 85:A4:AB:A9:0E:A6:A1:CB:57:BA:C5:26:00:0A:34:A2:AA:21:C6:4D
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018B7484B4DAA83D3C7F0E5CC83051EC18BB
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/haSrqQ6moctXusUmAAo0oqohxk0.roa
Signing time: Sat 28 Oct 2023 04:22:15 +0000
ROA not before: Sat 28 Oct 2023 04:22:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199705
IP address blocks: 2a12:bec0:450::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:74:84:b4:da:a8:3d:3c:7f:0e:5c:c8:30:51:ec:18:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Oct 28 04:22:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85a4aba90ea6a1cb57bac526000a34a2aa21c64d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:36:a5:8b:3d:a7:bd:8f:bc:26:a5:02:19:fa:
ea:0c:38:60:10:60:7d:16:f8:02:b3:e1:d3:ca:a3:
0e:e9:ef:98:e4:16:f7:b5:24:0d:ab:8e:1a:d1:df:
cd:bf:d8:84:54:5b:68:2b:8e:23:10:a8:85:59:06:
c6:97:aa:c7:72:09:10:d3:01:b0:1d:80:8e:ca:5f:
f8:3a:35:37:c0:77:19:6a:36:f3:32:7a:da:4d:0c:
f6:2a:71:da:0c:45:91:e1:fe:58:28:a0:9d:eb:b9:
98:a5:4a:03:52:4d:fd:4c:25:ad:90:76:f2:ad:4a:
53:1e:90:bf:49:ca:3b:61:22:64:77:59:70:9b:f4:
18:24:c0:ad:1a:b7:09:62:dd:34:cf:b2:03:cd:71:
6b:2d:38:f5:d8:04:eb:25:d5:22:bc:eb:64:bc:bb:
2f:da:b3:8e:7d:4e:d4:07:66:92:bb:8f:b2:2f:3d:
7a:f1:7a:bc:ee:1b:a2:87:66:25:c1:ec:8f:6d:b3:
d9:9b:a5:f9:39:94:2f:59:b0:78:09:78:2b:d3:e2:
01:05:27:63:a9:32:1d:9b:9f:0b:da:3d:11:79:fc:
71:1e:73:63:6a:9a:54:fa:aa:ba:9f:14:3a:0e:e4:
0e:ad:83:81:1a:b1:ad:85:ef:60:91:92:b3:57:34:
56:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A4:AB:A9:0E:A6:A1:CB:57:BA:C5:26:00:0A:34:A2:AA:21:C6:4D
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/haSrqQ6moctXusUmAAo0oqohxk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:450::/44
Signature Algorithm: sha256WithRSAEncryption
30:d8:78:61:0c:cd:30:98:d3:f5:f9:c2:1d:13:63:80:a5:a7:
b5:62:4f:cd:a6:e4:60:57:34:04:2d:fd:64:71:95:3a:3a:dc:
61:7b:c7:67:d4:18:aa:19:56:c4:b3:23:c5:07:2f:99:7e:72:
fd:7f:5f:59:ea:ad:3a:94:78:15:fd:25:a3:90:d8:a4:b5:18:
1c:bd:4a:6b:23:95:7f:f5:a7:b9:35:ea:dc:6c:a3:67:22:f9:
3d:9c:26:2e:f1:22:17:43:70:2d:f2:ae:38:54:8a:9c:14:dd:
23:16:92:e4:1a:17:cb:ac:70:4c:ca:3f:20:49:dc:ae:ae:c8:
7d:f1:ae:29:62:06:f0:0c:5e:42:e7:b7:a1:8d:34:de:97:89:
fe:b1:03:cf:85:8c:03:b6:dc:4d:81:de:77:7c:2a:29:ce:b4:
fc:d7:82:09:a9:6b:e0:50:0f:f9:39:21:d0:1b:de:4c:61:af:
fa:3d:4f:0d:7e:09:ff:48:2d:df:7f:37:13:d4:5c:0c:cb:c4:
9d:99:55:ab:81:d5:22:be:31:f7:74:d3:a8:9a:29:37:7d:a5:
fe:3b:cd:19:9a:e4:2e:0b:a9:b9:de:92:c3:b9:9c:6a:11:28:
d6:e1:68:23:00:89:4f:95:77:2d:46:e5:e8:9e:ef:13:9c:bc:
f1:ed:59:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYt0hLTaqD08fw5cyDBR7Bi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMxMDI4MDQyMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWE0YWJhOTBlYTZhMWNiNTdiYWM1MjYwMDBhMzRhMmFhMjFjNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTaliz2nvY+8JqUCGfrqDDhgEGB9
FvgCs+HTyqMO6e+Y5Bb3tSQNq44a0d/Nv9iEVFtoK44jEKiFWQbGl6rHcgkQ0wGw
HYCOyl/4OjU3wHcZajbzMnraTQz2KnHaDEWR4f5YKKCd67mYpUoDUk39TCWtkHby
rUpTHpC/Sco7YSJkd1lwm/QYJMCtGrcJYt00z7IDzXFrLTj12ATrJdUivOtkvLsv
2rOOfU7UB2aSu4+yLz168Xq87huih2YlweyPbbPZm6X5OZQvWbB4CXgr0+IBBSdj
qTIdm58L2j0RefxxHnNjappU+qq6nxQ6DuQOrYOBGrGthe9gkZKzVzRWQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIWkq6kOpqHLV7rFJgAKNKKqIcZNMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvaGFTcnFRNm1vY3RYdXNVbUFBbzBvcW9oeGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wARQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAw2HhhDM0wmNP1+cIdE2OApae1Yk/NpuRgVzQE
Lf1kcZU6Otxhe8dn1BiqGVbEsyPFBy+ZfnL9f19Z6q06lHgV/SWjkNiktRgcvUpr
I5V/9ae5NercbKNnIvk9nCYu8SIXQ3At8q44VIqcFN0jFpLkGhfLrHBMyj8gSdyu
rsh98a4pYgbwDF5C57ehjTTel4n+sQPPhYwDttxNgd53fCopzrT814IJqWvgUA/5
OSHQG95MYa/6PU8Nfgn/SC3ffzcT1FwMy8SdmVWrgdUivjH3dNOomik3faX+O80Z
muQuC6m53pLDuZxqESjW4WgjAIlPlXctRuXonu8TnLzx7Vn0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org