Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/R7H8TLIcooB19bKlLgNpEn9xsq4.roa
File: R7H8TLIcooB19bKlLgNpEn9xsq4.roa (raw, json)
Hash identifier: qWG/9nwxIrpVS2cTuF4wEYEn9Rhe2OIenaDcm0QGu0c=
Subject key identifier: 47:B1:FC:4C:B2:1C:A2:80:75:F5:B2:A5:2E:03:69:12:7F:71:B2:AE
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018CC42549EA581D9B7BA91AE035B69838E0
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/R7H8TLIcooB19bKlLgNpEn9xsq4.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16223
IP address blocks: 2a00:1210:fffd::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:49:ea:58:1d:9b:7b:a9:1a:e0:35:b6:98:38:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47b1fc4cb21ca28075f5b2a52e0369127f71b2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:e5:ef:40:9e:7e:29:23:f7:77:13:c9:5a:
54:a5:e1:f3:ce:1a:cb:c1:39:a2:47:f2:a8:c9:31:
38:40:6d:4f:66:40:59:3e:c3:f0:04:aa:74:11:c7:
b4:fe:81:d1:09:01:a6:78:38:f2:fc:b9:d2:be:cb:
ae:58:0f:92:c2:8b:32:8d:16:42:f8:43:e0:8b:1e:
01:01:4d:00:e8:62:55:8d:b8:ce:e4:1f:09:ea:f7:
9b:83:53:be:4e:38:78:fa:85:c4:fe:93:ed:ce:ed:
f1:76:3b:81:a6:89:c9:74:72:7b:00:e9:ad:76:19:
2a:d4:cb:e8:be:7a:21:15:e4:cc:ba:3f:73:2c:c4:
dd:d7:30:6d:03:29:61:f4:94:be:dd:f7:32:8c:54:
84:54:40:04:ab:df:a8:18:01:5e:3c:71:e8:4b:4e:
f9:9a:4f:bb:98:64:51:20:6d:49:b3:e3:28:ee:30:
37:f7:48:3c:31:f3:5e:23:05:6e:78:bb:d7:c0:e8:
61:f3:21:1e:05:93:00:c0:ef:f7:e8:99:3c:7b:66:
e0:81:4f:42:34:24:a1:0e:79:07:e3:8c:df:f7:91:
1b:88:79:39:00:2d:c5:69:67:38:f3:57:26:ac:f8:
24:ac:93:3d:e3:56:66:62:21:2a:2b:7d:32:3f:9f:
3a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B1:FC:4C:B2:1C:A2:80:75:F5:B2:A5:2E:03:69:12:7F:71:B2:AE
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/R7H8TLIcooB19bKlLgNpEn9xsq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1210:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
d5:02:48:65:e4:f1:93:8f:27:1f:69:49:bd:f9:86:62:6e:bd:
12:5d:7f:03:74:ef:51:a7:66:6f:e6:90:61:5a:43:28:3b:b6:
33:4c:37:e9:ec:66:1f:62:45:46:27:2e:e2:12:a6:ab:70:f8:
a1:ce:28:e4:62:2b:11:af:80:6d:c8:f8:17:0d:4f:df:ac:3f:
66:c3:a7:79:1b:af:57:ff:41:3a:36:90:8a:ae:a1:54:50:b4:
67:3f:a8:23:7d:51:5d:26:39:9e:b7:27:f0:c3:fa:01:5d:47:
54:e3:de:df:10:d9:78:9e:5d:69:d5:9f:07:2a:38:b1:95:e4:
18:f5:98:e4:94:fc:79:5e:b0:17:1e:ec:79:e3:34:9b:f6:36:
85:3b:c9:05:7d:77:5c:c0:11:fd:9c:3e:68:1a:bc:de:2c:1a:
c0:78:52:bd:ef:28:f6:ed:da:f0:40:a5:d9:6b:ef:3d:43:18:
cc:e4:5f:0c:f9:7e:d6:f9:bc:29:bd:6b:b4:69:b2:4a:9a:17:
0c:2c:99:ec:9d:79:fc:55:b2:0d:c4:ac:cc:a9:9a:f5:dc:d0:
b4:e0:c9:f8:cc:1c:7b:a2:0b:76:7b:9f:2c:d5:3c:7f:0c:85:
e0:13:58:4d:8c:69:8f:f1:7c:0c:80:2a:ab:bd:5d:43:03:7a:
95:41:89:ae
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJUnqWB2be6ka4DW2mDjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2IxZmM0Y2IyMWNhMjgwNzVmNWIyYTUyZTAzNjkxMjdmNzFiMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrvl70Cefikj93cTyVpUpeHzzhrL
wTmiR/KoyTE4QG1PZkBZPsPwBKp0Ece0/oHRCQGmeDjy/LnSvsuuWA+SwosyjRZC
+EPgix4BAU0A6GJVjbjO5B8J6vebg1O+Tjh4+oXE/pPtzu3xdjuBponJdHJ7AOmt
dhkq1MvovnohFeTMuj9zLMTd1zBtAylh9JS+3fcyjFSEVEAEq9+oGAFePHHoS075
mk+7mGRRIG1Js+Mo7jA390g8MfNeIwVueLvXwOhh8yEeBZMAwO/36Jk8e2bggU9C
NCShDnkH44zf95EbiHk5AC3FaWc481cmrPgkrJM941ZmYiEqK30yP586jQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEex/EyyHKKAdfWypS4DaRJ/cbKuMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvUjdIOFRMSWNvb0IxOWJLbExnTnBFbjl4c3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgASEP/9
MA0GCSqGSIb3DQEBCwUAA4IBAQDVAkhl5PGTjycfaUm9+YZibr0SXX8DdO9Rp2Zv
5pBhWkMoO7YzTDfp7GYfYkVGJy7iEqarcPihzijkYisRr4BtyPgXDU/frD9mw6d5
G69X/0E6NpCKrqFUULRnP6gjfVFdJjmetyfww/oBXUdU497fENl4nl1p1Z8HKjix
leQY9ZjklPx5XrAXHux54zSb9jaFO8kFfXdcwBH9nD5oGrzeLBrAeFK97yj27drw
QKXZa+89QxjM5F8M+X7W+bwpvWu0abJKmhcMLJnsnXn8VbINxKzMqZr13NC04Mn4
zBx7ogt2e58s1Tx/DIXgE1hNjGmP8XwMgCqrvV1DA3qVQYmu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:49 2024 by rpki-client on console-fra.rpki-client.org