Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/sowHnpfajQiFRyzxJT7guqI_xhM.roa
File: sowHnpfajQiFRyzxJT7guqI_xhM.roa (raw, json)
Hash identifier: TkZ5x/FBzwYA8Fng0owed7DijPlKhB5yMaycJFr7BOI=
Subject key identifier: B2:8C:07:9E:97:DA:8D:08:85:47:2C:F1:25:3E:E0:BA:A2:3F:C6:13
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 01856F2FE1FC0A1A05E5C1403CBF913B3AE3
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/sowHnpfajQiFRyzxJT7guqI_xhM.roa
Signing time: Sun 01 Jan 2023 21:14:47 +0000
ROA not before: Sun 01 Jan 2023 21:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29588
IP address blocks: 2a0e:e6c0:6000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e1:fc:0a:1a:05:e5:c1:40:3c:bf:91:3b:3a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Jan 1 21:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b28c079e97da8d0885472cf1253ee0baa23fc613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7a:cb:fe:57:df:d5:56:25:21:23:d1:db:50:
e0:55:d2:5e:56:2e:5a:fd:8e:65:40:f2:1a:5b:bc:
45:cc:ad:65:e8:cc:69:1a:07:87:52:9f:77:ce:2c:
78:91:f3:cb:35:8e:35:41:c1:69:23:27:65:9f:10:
ef:5f:a4:84:b5:0d:6f:f1:fd:e1:de:97:8c:d9:74:
91:cc:27:cd:9e:ae:34:c0:96:5c:c4:03:90:43:83:
f3:58:a8:63:59:05:c1:28:c2:ef:54:01:64:87:9d:
c6:43:c5:d7:e9:bc:50:3f:7f:01:d6:51:67:ab:ca:
6b:58:69:08:01:0a:1a:65:80:be:a6:a9:77:06:f6:
aa:3a:d1:87:ea:14:6f:cb:b9:b6:35:ca:69:33:17:
f6:17:88:83:43:82:0b:e1:ed:09:06:7c:42:bd:41:
5b:1e:72:45:93:c3:ae:ee:56:36:7b:05:65:70:70:
70:7e:8a:b6:e0:f3:86:b2:92:fc:5d:46:5c:79:df:
61:ad:79:17:f9:20:1e:b2:7a:9d:9a:e2:0f:07:6b:
6d:00:97:72:b4:c7:98:40:41:30:0c:aa:d3:ae:59:
f3:fe:f3:bf:8d:02:a8:e7:65:60:85:37:90:74:24:
4c:83:83:80:98:36:39:54:cc:e6:ea:e7:46:8f:b5:
07:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:8C:07:9E:97:DA:8D:08:85:47:2C:F1:25:3E:E0:BA:A2:3F:C6:13
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/sowHnpfajQiFRyzxJT7guqI_xhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e6c0:6000::/36
Signature Algorithm: sha256WithRSAEncryption
8b:bd:db:c6:f6:1b:2b:94:83:53:e8:95:20:4c:eb:b8:85:0c:
a8:52:15:d2:45:92:23:09:cb:74:3c:18:b9:1a:49:20:0b:67:
c2:de:13:1b:83:ff:2d:99:49:50:0a:f4:2b:38:31:4c:02:c8:
3a:d0:49:4c:2c:6d:99:b5:c3:ad:7e:e0:44:d3:a6:08:69:a2:
85:15:72:6b:05:6f:a4:2a:f3:3f:17:08:13:56:6c:49:f2:f8:
1f:57:08:f5:57:8f:57:e1:8b:74:96:56:15:dd:e4:55:ee:54:
4d:fd:bc:aa:b4:64:e7:64:ca:da:6f:92:38:51:89:5f:91:3b:
ef:ec:5b:e2:1b:9a:cd:42:46:43:53:b1:25:77:d7:44:8f:31:
34:2d:60:9d:86:6c:3e:9c:04:11:0f:6b:c0:d4:63:07:5d:b4:
32:fe:ec:14:a4:b3:53:91:b7:ea:b7:0d:a4:1c:e3:74:64:af:
69:72:16:ef:24:7c:c4:81:47:e5:17:10:35:df:40:97:7f:47:
a9:56:2a:5a:0b:08:21:44:58:60:67:fe:58:7c:c3:82:a6:33:
75:e4:ef:f3:bb:0c:df:f3:dd:07:9d:59:62:a3:ae:40:17:c5:
45:8e:cd:3e:1c:b0:6f:12:79:9d:dd:46:41:9f:56:20:ec:81:
8a:e4:cc:5c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvL+H8ChoF5cFAPL+ROzrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjhjMDc5ZTk3ZGE4ZDA4ODU0NzJjZjEyNTNlZTBiYWEyM2ZjNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnrL/lff1VYlISPR21DgVdJeVi5a
/Y5lQPIaW7xFzK1l6MxpGgeHUp93zix4kfPLNY41QcFpIydlnxDvX6SEtQ1v8f3h
3peM2XSRzCfNnq40wJZcxAOQQ4PzWKhjWQXBKMLvVAFkh53GQ8XX6bxQP38B1lFn
q8prWGkIAQoaZYC+pql3BvaqOtGH6hRvy7m2NcppMxf2F4iDQ4IL4e0JBnxCvUFb
HnJFk8Ou7lY2ewVlcHBwfoq24POGspL8XUZced9hrXkX+SAesnqdmuIPB2ttAJdy
tMeYQEEwDKrTrlnz/vO/jQKo52VghTeQdCRMg4OAmDY5VMzm6udGj7UHFQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLKMB56X2o0IhUcs8SU+4LqiP8YTMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvc293SG5wZmFqUWlGUnl6eEpUN2d1cUlfeGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKg7mwGAw
DQYJKoZIhvcNAQELBQADggEBAIu928b2GyuUg1PolSBM67iFDKhSFdJFkiMJy3Q8
GLkaSSALZ8LeExuD/y2ZSVAK9Cs4MUwCyDrQSUwsbZm1w61+4ETTpghpooUVcmsF
b6Qq8z8XCBNWbEny+B9XCPVXj1fhi3SWVhXd5FXuVE39vKq0ZOdkytpvkjhRiV+R
O+/sW+Ibms1CRkNTsSV310SPMTQtYJ2GbD6cBBEPa8DUYwddtDL+7BSks1ORt+q3
DaQc43Rkr2lyFu8kfMSBR+UXEDXfQJd/R6lWKloLCCFEWGBn/lh8w4KmM3Xk7/O7
DN/z3QedWWKjrkAXxUWOzT4csG8SeZ3dRkGfViDsgYrkzFw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:04 2024 by rpki-client on console-fra.rpki-client.org