Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/8pmdfGzcLepgwdy8dR6M79lnBv0.roa
File: 8pmdfGzcLepgwdy8dR6M79lnBv0.roa (raw, json)
Hash identifier: XKRt9UV7ywlgAqOTvHD9IvxqIOh4iNuvXgGG+oiBUdU=
Subject key identifier: F2:99:9D:7C:6C:DC:2D:EA:60:C1:DC:BC:75:1E:8C:EF:D9:67:06:FD
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018E37CED3250C9E6E7B15871C84C394E747
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/8pmdfGzcLepgwdy8dR6M79lnBv0.roa
Signing time: Wed 13 Mar 2024 12:34:44 +0000
ROA not before: Wed 13 Mar 2024 12:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 2a07:6080::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 22 Mar 2024 12:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:ce:d3:25:0c:9e:6e:7b:15:87:1c:84:c3:94:e7:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Mar 13 12:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2999d7c6cdc2dea60c1dcbc751e8cefd96706fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:af:45:2e:51:50:ac:da:9e:4e:05:d6:70:66:
b7:33:b8:c3:b7:d5:f1:08:b8:d5:02:c7:ea:e7:ff:
56:6f:52:4f:9a:34:ce:91:e7:58:a3:1a:91:75:b9:
6f:7b:c4:9c:57:76:74:42:94:2e:23:c8:5f:f9:37:
e2:1f:33:49:53:bd:c7:79:6e:d4:46:c5:ea:bd:45:
12:80:ad:03:94:c7:71:42:c1:bb:81:3b:bd:a4:56:
e2:4f:4b:64:26:cb:f2:64:53:c6:df:47:e0:ea:e1:
92:91:de:fe:5e:35:f7:45:02:57:8a:f3:34:d2:b1:
27:0b:f6:2d:b2:b3:73:6a:9a:9b:0b:a3:4d:5b:f2:
66:29:ad:96:2a:58:76:2e:d9:47:1e:5f:a9:69:fb:
5a:3a:7a:0b:3b:28:4d:e8:8a:b3:dc:9c:31:9f:4d:
26:3d:50:b9:12:28:b1:97:63:0b:78:bb:6c:2f:d8:
7a:d7:0d:d0:87:f9:6c:79:ef:a4:57:8b:53:3e:5d:
94:cf:d2:f8:97:cd:7c:92:c6:d8:78:86:8c:69:62:
01:aa:82:9a:9e:87:1b:76:aa:57:c4:7a:5d:f4:7b:
d8:cf:93:9e:ff:d9:18:d1:8b:7b:1c:e7:cf:cf:26:
25:1c:51:d0:7b:6c:57:a8:a3:d6:0c:04:fc:02:f0:
9a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:99:9D:7C:6C:DC:2D:EA:60:C1:DC:BC:75:1E:8C:EF:D9:67:06:FD
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/8pmdfGzcLepgwdy8dR6M79lnBv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6080::/29
Signature Algorithm: sha256WithRSAEncryption
81:6b:2c:47:1a:c5:e5:c9:09:47:f0:7a:e0:18:77:19:ce:19:
48:33:ea:71:23:ea:06:de:83:04:36:08:00:66:d8:0e:89:ff:
dc:0b:40:d6:59:9b:77:98:3e:67:1f:9d:7a:c2:a0:95:cd:99:
69:58:c9:89:a9:77:91:77:78:fa:a3:69:42:95:c1:84:2c:81:
53:ca:8e:2f:e6:c5:b4:2e:6d:f7:f6:34:fa:16:11:c4:0d:69:
46:8c:9c:8a:ad:3c:06:4b:eb:be:94:4e:40:32:f6:0c:7c:62:
a4:d9:5f:65:58:be:b7:cc:67:49:b3:11:f2:58:27:47:92:0a:
fb:9c:78:e5:dd:8a:74:3f:c9:d4:0a:21:cb:37:8f:d4:13:57:
53:df:21:d8:b1:25:9c:7d:e1:d0:01:f3:cc:50:5a:e0:85:02:
94:81:41:c1:d5:77:29:c9:f8:7e:a8:c6:57:60:1f:ff:e7:5c:
19:c7:98:99:72:bb:ab:0e:c2:9c:94:83:45:04:2f:67:b3:cd:
4c:51:92:6a:be:9a:2c:e2:05:27:91:cd:9b:42:45:8f:07:f3:
c9:e7:e1:76:8e:a3:8a:0e:cb:53:b5:c5:fc:4d:38:da:50:e0:
29:9a:50:96:ca:3f:15:1a:01:18:66:90:41:e0:00:c9:11:5a:
5a:e6:bf:ef
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY43ztMlDJ5uexWHHITDlOdHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMzEzMTIzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk5OWQ3YzZjZGMyZGVhNjBjMWRjYmM3NTFlOGNlZmQ5NjcwNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp69FLlFQrNqeTgXWcGa3M7jDt9Xx
CLjVAsfq5/9Wb1JPmjTOkedYoxqRdblve8ScV3Z0QpQuI8hf+TfiHzNJU73HeW7U
RsXqvUUSgK0DlMdxQsG7gTu9pFbiT0tkJsvyZFPG30fg6uGSkd7+XjX3RQJXivM0
0rEnC/YtsrNzapqbC6NNW/JmKa2WKlh2LtlHHl+paftaOnoLOyhN6Iqz3Jwxn00m
PVC5Eiixl2MLeLtsL9h61w3Qh/lsee+kV4tTPl2Uz9L4l818ksbYeIaMaWIBqoKa
nocbdqpXxHpd9HvYz5Oe/9kY0Yt7HOfPzyYlHFHQe2xXqKPWDAT8AvCaHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPKZnXxs3C3qYMHcvHUejO/ZZwb9MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvOHBtZGZHemNMZXBnd2R5OGRSNk03OWxuQnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdggDAN
BgkqhkiG9w0BAQsFAAOCAQEAgWssRxrF5ckJR/B64Bh3Gc4ZSDPqcSPqBt6DBDYI
AGbYDon/3AtA1lmbd5g+Zx+desKglc2ZaVjJial3kXd4+qNpQpXBhCyBU8qOL+bF
tC5t9/Y0+hYRxA1pRoyciq08BkvrvpROQDL2DHxipNlfZVi+t8xnSbMR8lgnR5IK
+5x45d2KdD/J1AohyzeP1BNXU98h2LElnH3h0AHzzFBa4IUClIFBwdV3Kcn4fqjG
V2Af/+dcGceYmXK7qw7CnJSDRQQvZ7PNTFGSar6aLOIFJ5HNm0JFjwfzyefhdo6j
ig7LU7XF/E042lDgKZpQlso/FRoBGGaQQeAAyRFaWua/7w==
-----END CERTIFICATE-----
Generated at Fri Mar 22 16:04:37 2024 by rpki-client on console-fra.rpki-client.org