Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/4nlSWxW_Zjp2BVh_s4b_QT9EOzc.roa
File: 4nlSWxW_Zjp2BVh_s4b_QT9EOzc.roa (raw, json)
Hash identifier: s+b5wgPbTCot5tz2C9mOUasLZrOyPrepYw6QJvlu3Fo=
Subject key identifier: E2:79:52:5B:15:BF:66:3A:76:05:58:7F:B3:86:FF:41:3F:44:3B:37
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 0186974805A4E00DEE31667ECEECF730632A
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/4nlSWxW_Zjp2BVh_s4b_QT9EOzc.roa
Signing time: Tue 28 Feb 2023 09:08:45 +0000
ROA not before: Tue 28 Feb 2023 09:08:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a04:1bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 28 Feb 2023 16:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:48:05:a4:e0:0d:ee:31:66:7e:ce:ec:f7:30:63:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Feb 28 09:08:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e279525b15bf663a7605587fb386ff413f443b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:0b:62:a8:3e:1b:99:32:c8:03:41:d9:28:1c:
35:bf:ab:3a:71:7a:7e:60:56:f2:d4:11:1e:16:4d:
1c:3e:2a:18:e5:ae:5d:7c:ac:1b:6c:56:3c:a6:77:
2f:8e:1e:74:98:b0:19:95:c3:23:4d:aa:1c:0e:32:
73:7a:8d:58:d9:c2:67:bd:94:c7:c6:b2:92:2c:c5:
2c:ce:84:90:ca:45:39:e3:01:3c:85:1b:a8:63:16:
df:f2:e8:83:f9:29:fa:25:8f:f3:08:63:20:3f:6f:
f9:f6:50:65:c7:35:8e:2a:d4:9e:a0:15:f0:da:6b:
27:03:cf:1a:44:be:c4:7b:ae:85:41:b7:d6:68:c2:
cd:8b:cf:04:85:24:5c:5c:69:6a:6f:3a:d1:e7:b9:
fa:4d:e9:93:f8:54:5d:aa:bc:ae:f2:8e:ba:53:3b:
e5:17:71:60:e1:85:79:75:6c:e1:c3:be:15:5f:c7:
3d:cc:44:8d:8b:9b:30:95:c3:90:18:26:da:b9:62:
a5:c4:69:20:59:45:a5:43:d5:31:39:47:ab:8b:57:
c7:c8:3f:e4:77:8a:51:01:fc:1f:b9:3e:4b:a6:69:
97:e8:66:05:4d:14:fb:32:a8:c5:7c:1f:89:95:2a:
b2:ce:5b:53:d8:f0:3c:9d:cf:3c:8b:c4:be:0b:c8:
5b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:79:52:5B:15:BF:66:3A:76:05:58:7F:B3:86:FF:41:3F:44:3B:37
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/4nlSWxW_Zjp2BVh_s4b_QT9EOzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:1bc0::/29
Signature Algorithm: sha256WithRSAEncryption
28:1b:0c:ee:e8:67:9c:0f:d6:b5:28:2a:fb:0f:f7:51:6b:ec:
a9:91:6a:75:e2:6d:6e:43:66:be:e5:fd:6a:32:7a:ca:c2:8f:
30:60:88:a9:e1:66:dc:d3:31:f3:4e:89:4d:cd:4a:f5:e5:da:
83:15:18:20:7e:2c:4c:1f:8f:1c:e5:4e:be:59:ad:66:3d:57:
29:6d:31:e3:c2:ca:dc:21:0c:c9:ea:a1:44:c5:50:10:25:1a:
60:e4:dc:12:7c:65:72:7e:16:05:0c:5c:86:ff:60:8b:4b:b7:
d0:f0:0f:a7:08:be:ce:56:b1:e9:e6:b7:8d:f8:2d:d7:2b:8d:
1f:a4:65:88:78:c8:d5:b7:20:09:20:48:50:65:40:7a:1d:ce:
b7:cb:3f:6a:6f:ae:19:42:73:03:51:8c:7c:ce:a0:00:39:30:
fe:d7:6e:14:1a:89:ea:5c:53:b7:23:9a:db:20:34:3b:30:e4:
5c:1a:1c:60:85:bb:2a:33:68:90:1f:2a:50:12:95:30:8b:cf:
b0:80:8b:29:67:44:34:36:1a:ea:25:27:95:05:81:4a:f1:02:
15:b9:a9:18:1a:2c:e7:fd:3b:6e:47:9f:54:2f:ac:30:44:9d:
d8:cd:0d:c9:45:d9:c3:f1:04:15:b1:0e:b3:2f:0b:67:df:65:
24:1b:98:a7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYaXSAWk4A3uMWZ+zuz3MGMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwMjI4MDkwODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc5NTI1YjE1YmY2NjNhNzYwNTU4N2ZiMzg2ZmY0MTNmNDQzYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9AtiqD4bmTLIA0HZKBw1v6s6cXp+
YFby1BEeFk0cPioY5a5dfKwbbFY8pncvjh50mLAZlcMjTaocDjJzeo1Y2cJnvZTH
xrKSLMUszoSQykU54wE8hRuoYxbf8uiD+Sn6JY/zCGMgP2/59lBlxzWOKtSeoBXw
2msnA88aRL7Ee66FQbfWaMLNi88EhSRcXGlqbzrR57n6TemT+FRdqryu8o66Uzvl
F3Fg4YV5dWzhw74VX8c9zESNi5swlcOQGCbauWKlxGkgWUWlQ9UxOUeri1fHyD/k
d4pRAfwfuT5LpmmX6GYFTRT7MqjFfB+JlSqyzltT2PA8nc88i8S+C8hbMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOJ5UlsVv2Y6dgVYf7OG/0E/RDs3MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvNG5sU1d4V19aanAyQlZoX3M0Yl9RVDlFT3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgQbwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKBsM7uhnnA/WtSgq+w/3UWvsqZFqdeJtbkNmvuX9
ajJ6ysKPMGCIqeFm3NMx806JTc1K9eXagxUYIH4sTB+PHOVOvlmtZj1XKW0x48LK
3CEMyeqhRMVQECUaYOTcEnxlcn4WBQxchv9gi0u30PAPpwi+zlax6ea3jfgt1yuN
H6RliHjI1bcgCSBIUGVAeh3Ot8s/am+uGUJzA1GMfM6gADkw/tduFBqJ6lxTtyOa
2yA0OzDkXBocYIW7KjNokB8qUBKVMIvPsICLKWdENDYa6iUnlQWBSvECFbmpGBos
5/07bkefVC+sMESd2M0NyUXZw/EEFbEOsy8LZ99lJBuYpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org