Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/BaeD0zATOyB5XlW9J3UFbEGauas.roa
File: BaeD0zATOyB5XlW9J3UFbEGauas.roa (raw, json)
Hash identifier: CYx/4dR6YFpIpY/Yrq00WYrU+10o45bg4UDk9nyKQqA=
Subject key identifier: 05:A7:83:D3:30:13:3B:20:79:5E:55:BD:27:75:05:6C:41:9A:B9:AB
Certificate issuer: /CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
Certificate serial: 018CC5004C44D5A456F183B3A5F2BBAE247B
Authority key identifier: 52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/BaeD0zATOyB5XlW9J3UFbEGauas.roa
Signing time: Mon 01 Jan 2024 12:29:40 +0000
ROA not before: Mon 01 Jan 2024 12:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 11:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:4c:44:d5:a4:56:f1:83:b3:a5:f2:bb:ae:24:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
Validity
Not Before: Jan 1 12:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a783d330133b20795e55bd2775056c419ab9ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:82:d1:a5:32:58:37:3c:9d:53:d5:12:ee:84:
ce:b3:cb:85:41:6f:cf:54:7c:e6:e2:fb:7f:e7:30:
72:7d:b0:d2:7b:4a:10:ac:c5:2b:d1:a0:6f:10:4b:
4f:ba:57:40:8d:b7:75:b1:d9:58:55:56:6a:fb:67:
fa:fd:a5:9f:ef:9d:f1:97:73:1a:09:82:cd:ed:a2:
fe:e8:71:98:66:42:09:14:22:9a:f3:48:63:ef:7d:
bc:16:b6:14:ce:eb:68:59:d0:9b:7e:af:f2:5f:62:
a0:d5:6e:07:ee:6f:c2:e5:43:d5:da:03:18:d7:88:
0f:a1:3d:a3:5b:25:7e:e1:91:73:26:3b:a1:42:3a:
a2:60:98:cc:be:96:83:48:e1:71:0f:c1:32:fd:e9:
59:97:f7:2a:5d:06:02:c8:a8:2b:ec:af:cf:b6:9b:
75:f6:e9:50:72:5e:b6:78:42:70:22:a8:ed:46:8d:
e7:51:7f:6c:da:00:8e:37:9f:4f:27:74:3d:44:49:
f3:ef:7b:d2:83:f3:4a:f1:9f:c8:6e:df:d3:56:de:
39:4d:48:5e:a2:fa:5a:97:81:d6:ef:17:e5:90:0e:
6e:b9:fc:bd:1a:74:d2:22:a9:69:d1:c4:07:66:1e:
14:d4:20:a0:f5:af:e2:b5:30:97:5b:4d:fd:fa:e4:
e9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A7:83:D3:30:13:3B:20:79:5E:55:BD:27:75:05:6C:41:9A:B9:AB
X509v3 Authority Key Identifier:
keyid:52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/BaeD0zATOyB5XlW9J3UFbEGauas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/UlAqKawGtl6TLhvZfX_PKcNxyz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:2::/48
Signature Algorithm: sha256WithRSAEncryption
60:b6:f2:7e:b3:bf:71:72:79:e3:71:6f:fb:fc:39:23:f5:62:
78:b0:2f:e9:b1:9d:00:86:25:05:61:5b:9b:01:e4:58:cd:0a:
68:37:d6:86:9c:14:96:b5:0d:e0:a2:aa:a8:f0:d9:70:23:47:
aa:0a:cd:e7:3e:63:70:eb:10:24:28:38:df:7a:21:4e:82:53:
c3:e2:60:3f:e1:b5:4f:42:3b:10:9f:33:69:c4:9d:cf:a1:c2:
f2:c5:39:33:95:5e:21:9d:d3:5b:74:21:d4:da:98:2f:aa:55:
77:db:c0:e6:da:32:44:cb:f1:46:cc:a8:16:ed:d1:c7:33:41:
19:70:e4:bd:e0:00:36:ae:95:40:d5:92:2d:e4:18:b3:b3:fd:
af:a0:cf:ec:68:15:28:fe:60:4f:3d:20:c9:17:45:bd:a1:4b:
33:45:ac:96:8f:b6:09:76:cf:f1:1f:01:fd:fc:ae:f4:0b:61:
94:cd:d9:a7:ed:b0:f8:e6:e8:9a:29:a0:4d:d2:6a:6f:ba:75:
6b:40:b1:d0:c9:04:9e:62:ed:d4:6c:47:42:15:8b:c2:2f:b2:
94:87:87:95:2b:fd:30:0c:b1:7c:b2:c1:35:d5:f7:17:15:fa:
a6:30:69:b7:d5:3b:0d:5b:07:9d:a8:b8:f1:76:c8:5b:27:41:
48:2f:14:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAExE1aRW8YOzpfK7riR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTAyYTI5YWMwNmI2NWU5MzJlMWJkOTdkN2ZjZjI5YzM3
MWNiM2QwHhcNMjQwMTAxMTIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE3ODNkMzMwMTMzYjIwNzk1ZTU1YmQyNzc1MDU2YzQxOWFiOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiILRpTJYNzydU9US7oTOs8uFQW/P
VHzm4vt/5zByfbDSe0oQrMUr0aBvEEtPuldAjbd1sdlYVVZq+2f6/aWf753xl3Ma
CYLN7aL+6HGYZkIJFCKa80hj7328FrYUzutoWdCbfq/yX2Kg1W4H7m/C5UPV2gMY
14gPoT2jWyV+4ZFzJjuhQjqiYJjMvpaDSOFxD8Ey/elZl/cqXQYCyKgr7K/Ptpt1
9ulQcl62eEJwIqjtRo3nUX9s2gCON59PJ3Q9REnz73vSg/NK8Z/Ibt/TVt45TUhe
ovpal4HW7xflkA5uufy9GnTSIqlp0cQHZh4U1CCg9a/itTCXW039+uTpWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAWng9MwEzsgeV5VvSd1BWxBmrmrMB8GA1UdIwQY
MBaAFFJQKimsBrZeky4b2X1/zynDccs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUt
ZDY0OWUyMjcwOTdmLzEvQmFlRDB6QVRPeUI1WGxXOUozVUZiRUdhdWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUtZDY0OWUyMjcwOTdm
LzEvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBgtvJ+s79xcnnjcW/7/Dkj9WJ4sC/psZ0AhiUF
YVubAeRYzQpoN9aGnBSWtQ3goqqo8NlwI0eqCs3nPmNw6xAkKDjfeiFOglPD4mA/
4bVPQjsQnzNpxJ3PocLyxTkzlV4hndNbdCHU2pgvqlV328Dm2jJEy/FGzKgW7dHH
M0EZcOS94AA2rpVA1ZIt5Bizs/2voM/saBUo/mBPPSDJF0W9oUszRayWj7YJds/x
HwH9/K70C2GUzdmn7bD45uiaKaBN0mpvunVrQLHQyQSeYu3UbEdCFYvCL7KUh4eV
K/0wDLF8ssE11fcXFfqmMGm31TsNWwedqLjxdshbJ0FILxRC
-----END CERTIFICATE-----
Generated at Tue Jan 9 16:49:34 2024 by rpki-client on console-ams.rpki-client.org