Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/x1rFK4N9LAxv006ME94TrEiblMk.roa
File: x1rFK4N9LAxv006ME94TrEiblMk.roa (raw, json)
Hash identifier: rI2scg9nX7tvLWHjnxKhJBwYCUyTaNQajloqZv3l5nI=
Subject key identifier: C7:5A:C5:2B:83:7D:2C:0C:6F:D3:4E:8C:13:DE:13:AC:48:9B:94:C9
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018A191DCA9DD4CE35BAE22F85403F05044F
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/x1rFK4N9LAxv006ME94TrEiblMk.roa
Signing time: Mon 21 Aug 2023 17:21:37 +0000
ROA not before: Mon 21 Aug 2023 17:21:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208398
IP address blocks: 2a13:a400::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 18 Dec 2023 16:27:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:19:1d:ca:9d:d4:ce:35:ba:e2:2f:85:40:3f:05:04:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Aug 21 17:21:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c75ac52b837d2c0c6fd34e8c13de13ac489b94c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a8:a9:5e:41:a8:d8:0d:6f:0f:0f:96:00:73:
09:c8:9b:0d:ba:d9:26:11:f7:40:3e:e5:39:3f:e9:
6e:63:a8:bd:fe:8c:cc:87:1e:21:b9:98:42:b9:1f:
08:2f:65:1c:dd:30:cd:cb:c5:e9:e2:79:c2:e3:48:
18:c2:0e:63:94:e0:c7:25:0b:64:3d:ae:0d:d8:b6:
4d:76:2f:c4:47:b6:e7:f0:24:0a:d8:6d:7e:78:bd:
3c:5a:0a:4f:3a:32:12:85:34:5f:b1:1a:6f:cb:0e:
65:35:29:d2:f7:12:87:ea:96:1e:ac:35:60:5d:5c:
7e:e5:29:e2:36:63:4e:68:c9:b5:0b:dd:a3:f1:0c:
cd:63:b9:bf:22:46:17:be:35:17:7f:4c:f1:ee:35:
24:6e:c6:cb:80:14:ba:2d:a0:c1:4d:04:2d:f0:ae:
f1:fc:59:ab:c8:2f:d8:76:94:c0:9a:52:d7:37:a1:
69:c8:66:01:87:65:41:03:59:29:7a:37:0c:1b:14:
12:ec:ae:2c:dc:c5:89:36:d6:51:e0:e2:92:bc:95:
9f:9e:75:87:bb:7e:48:f7:16:db:8c:9a:00:36:83:
a6:e4:31:c4:b8:7e:98:f9:f3:0f:55:3b:b2:55:62:
0e:5c:57:9a:0b:c0:b9:62:3f:03:06:f4:e6:13:56:
69:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5A:C5:2B:83:7D:2C:0C:6F:D3:4E:8C:13:DE:13:AC:48:9B:94:C9
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/x1rFK4N9LAxv006ME94TrEiblMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a400::/29
Signature Algorithm: sha256WithRSAEncryption
0f:59:cf:21:b2:59:38:86:72:39:87:9f:45:bd:de:83:de:09:
03:28:48:7a:ae:a0:75:55:f9:88:76:4e:53:1c:0a:7d:d0:d7:
cd:18:98:a3:0b:17:70:ee:a7:66:31:b9:6f:cd:e3:80:c5:c3:
ab:12:60:27:8d:bf:5c:02:34:7a:22:b5:c4:09:57:5d:b0:f7:
9f:18:86:ef:7a:2c:b0:4a:7c:45:3f:65:bb:eb:f0:b0:52:d0:
f6:54:3e:e7:bd:50:52:9f:43:1e:f1:41:a1:25:9c:5f:1a:c8:
e9:a0:57:42:24:0a:95:70:3d:b9:ec:af:dd:66:cd:92:68:1b:
7c:d2:f7:a2:d1:69:b3:5a:6c:a3:f4:d9:de:2e:59:de:fe:19:
3e:bb:60:23:69:3c:39:05:44:10:64:09:5d:26:0e:fc:ce:84:
61:e1:ed:9a:3c:30:2a:c3:95:17:0f:a5:2e:ae:b3:2e:66:36:
61:08:cc:38:7c:c3:04:e2:44:a3:bb:85:f8:45:7a:79:53:3f:
15:39:0e:39:3c:60:4b:bc:86:f8:76:14:6c:39:c0:1e:23:cb:
b3:da:f9:35:8b:8b:7f:be:e3:4e:b6:cf:02:e2:fa:50:1a:64:
15:66:8c:10:9e:ee:19:f5:b8:7a:55:6c:df:0f:df:d0:09:21:
cf:8e:96:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYoZHcqd1M41uuIvhUA/BQRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjMwODIxMTcyMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzVhYzUyYjgzN2QyYzBjNmZkMzRlOGMxM2RlMTNhYzQ4OWI5NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqipXkGo2A1vDw+WAHMJyJsNutkm
EfdAPuU5P+luY6i9/ozMhx4huZhCuR8IL2Uc3TDNy8Xp4nnC40gYwg5jlODHJQtk
Pa4N2LZNdi/ER7bn8CQK2G1+eL08WgpPOjIShTRfsRpvyw5lNSnS9xKH6pYerDVg
XVx+5SniNmNOaMm1C92j8QzNY7m/IkYXvjUXf0zx7jUkbsbLgBS6LaDBTQQt8K7x
/FmryC/YdpTAmlLXN6FpyGYBh2VBA1kpejcMGxQS7K4s3MWJNtZR4OKSvJWfnnWH
u35I9xbbjJoANoOm5DHEuH6Y+fMPVTuyVWIOXFeaC8C5Yj8DBvTmE1ZpwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMdaxSuDfSwMb9NOjBPeE6xIm5TJMB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEveDFyRks0TjlMQXh2MDA2TUU5NFRyRWlibE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOkADAN
BgkqhkiG9w0BAQsFAAOCAQEAD1nPIbJZOIZyOYefRb3eg94JAyhIeq6gdVX5iHZO
UxwKfdDXzRiYowsXcO6nZjG5b83jgMXDqxJgJ42/XAI0eiK1xAlXXbD3nxiG73os
sEp8RT9lu+vwsFLQ9lQ+571QUp9DHvFBoSWcXxrI6aBXQiQKlXA9ueyv3WbNkmgb
fNL3otFps1pso/TZ3i5Z3v4ZPrtgI2k8OQVEEGQJXSYO/M6EYeHtmjwwKsOVFw+l
Lq6zLmY2YQjMOHzDBOJEo7uF+EV6eVM/FTkOOTxgS7yG+HYUbDnAHiPLs9r5NYuL
f77jTrbPAuL6UBpkFWaMEJ7uGfW4elVs3w/f0Akhz46Wcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:48 2024 by rpki-client on console-fra.rpki-client.org