Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/k8bVKCXu3K0KlMi_UVo8BwoVSbM.roa
File: k8bVKCXu3K0KlMi_UVo8BwoVSbM.roa (raw, json)
Hash identifier: GFtW2UP51+EqE6RLpy0Xj0WPxdtYahIQyWWXCtRYHeI=
Subject key identifier: 93:C6:D5:28:25:EE:DC:AD:0A:94:C8:BF:51:5A:3C:07:0A:15:49:B3
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 01856CCAC9887885434713FDB9212382BA0A
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/k8bVKCXu3K0KlMi_UVo8BwoVSbM.roa
Signing time: Sun 01 Jan 2023 10:05:07 +0000
ROA not before: Sun 01 Jan 2023 10:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34878
IP address blocks: 141.52.0.0/16 maxlen: 16
129.13.0.0/16 maxlen: 16
141.3.0.0/16 maxlen: 16
2a00:1398::/29 maxlen: 29
2a00:1398::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:c9:88:78:85:43:47:13:fd:b9:21:23:82:ba:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 10:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93c6d52825eedcad0a94c8bf515a3c070a1549b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f1:cc:56:4f:93:a7:85:d2:07:ef:db:8c:da:
c1:cc:78:af:45:a2:b5:36:d9:89:1e:d4:c4:1c:91:
01:19:b1:ef:57:7d:c0:08:ad:2e:04:08:ce:02:00:
71:d7:49:de:bc:04:ed:19:db:35:a0:84:9c:a7:ca:
c7:fb:2d:fd:a3:75:17:ab:40:19:e5:64:a8:43:12:
6f:6c:29:71:8c:f1:d2:f3:7b:d3:b8:17:87:44:fb:
20:a9:e3:23:4e:df:00:52:f1:09:a6:83:01:2a:c5:
11:f7:d3:0d:1a:06:93:12:38:38:49:ef:6d:09:e9:
88:7d:a6:db:a2:02:91:1f:cd:79:25:57:91:ed:2f:
a8:2e:fb:43:5d:d6:99:26:a6:e8:c4:6c:b7:24:93:
be:0c:c6:b0:07:4c:5e:ba:a7:6d:f8:f6:99:44:a3:
b5:19:ac:b0:72:ab:0c:d9:19:94:27:6b:53:40:8f:
99:6d:19:87:fe:b6:da:af:4c:ac:79:a7:eb:b3:17:
c1:23:a7:34:fc:8f:2a:c4:b9:e1:6a:2f:c2:08:70:
0b:b9:4b:7f:b3:32:21:26:4f:73:c2:d8:ef:79:02:
95:02:49:54:05:f7:06:a7:04:dd:74:ef:e3:35:6c:
a9:2f:c4:2d:09:70:d1:df:7c:1f:01:d3:6f:a4:49:
79:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C6:D5:28:25:EE:DC:AD:0A:94:C8:BF:51:5A:3C:07:0A:15:49:B3
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/k8bVKCXu3K0KlMi_UVo8BwoVSbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.13.0.0/16
141.3.0.0/16
141.52.0.0/16
IPv6:
2a00:1398::/29
Signature Algorithm: sha256WithRSAEncryption
18:6d:9e:9e:59:06:2a:3b:f7:b2:3c:33:d0:eb:a7:07:37:82:
48:f6:4c:b9:47:03:70:16:d7:79:e4:09:46:f3:03:b9:8e:e1:
f5:db:20:1d:13:36:9e:fd:9c:1e:90:ec:d5:f3:d3:04:b5:c4:
38:97:9b:68:10:d1:31:5f:72:07:73:3a:24:01:24:cd:f0:24:
5b:6d:c3:8b:42:5d:b2:ad:1e:88:b3:d9:31:ed:9c:7d:a9:9e:
4c:50:12:62:64:4a:0c:9a:36:3b:6f:d5:02:f3:01:21:25:e9:
92:96:bd:33:25:3e:df:79:97:03:52:ee:01:f9:9d:be:f2:22:
c2:95:17:76:a1:95:59:61:66:47:ee:ed:c0:21:11:ff:d6:59:
c2:4a:e8:e1:bd:a0:71:d3:e4:c4:17:43:02:6c:14:0d:93:a5:
03:e1:77:99:77:77:ab:22:35:9e:e6:73:ac:c6:7b:38:fc:66:
c9:66:79:b0:b0:5b:4b:71:f3:6c:b6:aa:ec:9b:ae:2b:d2:c9:
4d:49:77:b3:ae:c8:63:c1:cd:a9:bf:fa:3e:52:df:c1:9d:77:
a4:90:fa:99:c2:f1:b1:82:c8:ab:81:10:8a:74:f5:48:c4:57:
f0:63:06:38:f1:bb:31:5b:1b:43:55:19:ab:ce:9d:8a:e6:f8:
18:08:71:1d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsysmIeIVDRxP9uSEjgroKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjMwMTAxMTAwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2M2ZDUyODI1ZWVkY2FkMGE5NGM4YmY1MTVhM2MwNzBhMTU0OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPHMVk+Tp4XSB+/bjNrBzHivRaK1
NtmJHtTEHJEBGbHvV33ACK0uBAjOAgBx10nevATtGds1oIScp8rH+y39o3UXq0AZ
5WSoQxJvbClxjPHS83vTuBeHRPsgqeMjTt8AUvEJpoMBKsUR99MNGgaTEjg4Se9t
CemIfabbogKRH815JVeR7S+oLvtDXdaZJqboxGy3JJO+DMawB0xeuqdt+PaZRKO1
GaywcqsM2RmUJ2tTQI+ZbRmH/rbar0yseafrsxfBI6c0/I8qxLnhai/CCHALuUt/
szIhJk9zwtjveQKVAklUBfcGpwTddO/jNWypL8QtCXDR33wfAdNvpEl51wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJPG1Sgl7tytCpTIv1FaPAcKFUmzMB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvazhiVktDWHUzSzBLbE1pX1VWbzhCd29WU2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAVBAIAATAPAwMAgQ0DAwCN
AwMDAI00MA0EAgACMAcDBQMqABOYMA0GCSqGSIb3DQEBCwUAA4IBAQAYbZ6eWQYq
O/eyPDPQ66cHN4JI9ky5RwNwFtd55AlG8wO5juH12yAdEzae/ZwekOzV89MEtcQ4
l5toENExX3IHczokASTN8CRbbcOLQl2yrR6Is9kx7Zx9qZ5MUBJiZEoMmjY7b9UC
8wEhJemSlr0zJT7feZcDUu4B+Z2+8iLClRd2oZVZYWZH7u3AIRH/1lnCSujhvaBx
0+TEF0MCbBQNk6UD4XeZd3erIjWe5nOsxns4/GbJZnmwsFtLcfNstqrsm64r0slN
SXezrshjwc2pv/o+Ut/BnXekkPqZwvGxgsirgRCKdPVIxFfwYwY48bsxWxtDVRmr
zp2K5vgYCHEd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:17 2024 by rpki-client on console-ams.rpki-client.org