Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e85a41-b3ff-4fcd-80b2-4aabec0d30a3/1/8pmtNhGF6rvsmv5S9zOllw0Uaqc.roa
File: 8pmtNhGF6rvsmv5S9zOllw0Uaqc.roa (raw, json)
Hash identifier: sZNkdObniepnEPFo6aOB3YiNwWwA/bU43hzExQ7Az/Q=
Subject key identifier: F2:99:AD:36:11:85:EA:BB:EC:9A:FE:52:F7:33:A5:97:0D:14:6A:A7
Certificate issuer: /CN=9fb79d298110b6fb319301ebc22bf180e7054796
Certificate serial: 0185718324FE2F2E1B20641CDD67D8A20E7C
Authority key identifier: 9F:B7:9D:29:81:10:B6:FB:31:93:01:EB:C2:2B:F1:80:E7:05:47:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7edKYEQtvsxkwHrwivxgOcFR5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e85a41-b3ff-4fcd-80b2-4aabec0d30a3/1/8pmtNhGF6rvsmv5S9zOllw0Uaqc.roa
Signing time: Mon 02 Jan 2023 08:04:58 +0000
ROA not before: Mon 02 Jan 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8949
IP address blocks: 2001:67c:7bc::/48 maxlen: 48
2001:67c:560::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:24:fe:2f:2e:1b:20:64:1c:dd:67:d8:a2:0e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb79d298110b6fb319301ebc22bf180e7054796
Validity
Not Before: Jan 2 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f299ad361185eabbec9afe52f733a5970d146aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2f:fd:07:65:b0:18:de:db:f3:1c:b3:0f:b4:
aa:e6:e3:0f:78:81:b0:ea:9b:13:c7:d2:bb:eb:02:
98:d2:26:e4:08:82:01:38:76:a9:01:f6:5f:a2:fe:
7a:bd:cd:37:ed:25:b2:80:7e:5f:a6:db:45:3d:97:
cf:57:32:f1:f5:a4:be:48:77:8c:3b:18:3f:96:07:
2e:a6:9d:56:7e:3f:d1:33:e6:a4:97:b2:8d:56:4e:
9a:77:d7:6c:f8:5b:28:16:07:8f:42:c7:13:5a:56:
3d:4e:aa:51:4d:a4:01:c6:7d:d5:af:2b:6e:d2:39:
35:bf:5f:5d:b6:21:0d:39:66:cc:b4:7b:81:54:d8:
a6:3f:cd:69:bf:c5:a1:b0:dd:53:c0:51:d0:95:aa:
31:d3:8b:ea:75:ca:66:71:cb:3c:01:35:cc:31:b5:
7e:93:08:7a:e2:f5:c4:08:86:07:7b:46:e1:58:55:
35:c8:1a:9e:90:97:d3:c7:63:29:f2:50:fb:8e:57:
0f:f2:b0:41:83:ac:58:d7:7f:6e:32:28:4f:4f:1e:
a4:4d:14:c5:6c:b7:ab:fa:01:55:3f:e7:5f:74:bf:
f9:e2:13:99:73:a2:78:b7:ea:e6:cf:18:74:01:8b:
02:e7:c7:e1:03:e6:3b:88:f8:93:9e:8f:6e:d8:31:
22:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:99:AD:36:11:85:EA:BB:EC:9A:FE:52:F7:33:A5:97:0D:14:6A:A7
X509v3 Authority Key Identifier:
keyid:9F:B7:9D:29:81:10:B6:FB:31:93:01:EB:C2:2B:F1:80:E7:05:47:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7edKYEQtvsxkwHrwivxgOcFR5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e85a41-b3ff-4fcd-80b2-4aabec0d30a3/1/8pmtNhGF6rvsmv5S9zOllw0Uaqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e85a41-b3ff-4fcd-80b2-4aabec0d30a3/1/n7edKYEQtvsxkwHrwivxgOcFR5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:560::/48
2001:67c:7bc::/48
Signature Algorithm: sha256WithRSAEncryption
74:45:c2:c4:b6:63:97:46:ec:73:42:92:70:61:2a:44:a5:6e:
d4:ec:16:74:8a:46:b6:22:39:a2:0f:0b:18:b3:eb:c7:e2:a6:
41:76:2a:49:da:4b:08:98:9f:ac:81:9a:d8:b7:ea:05:47:06:
80:cb:ee:e8:30:22:d0:81:34:a7:f5:0f:14:bf:5f:9f:ea:24:
bd:1b:c0:0f:86:76:ac:6f:24:24:25:36:3e:19:79:3f:4d:79:
44:17:3c:b4:46:b5:51:07:46:aa:b0:c5:da:48:d5:58:58:10:
57:47:7b:e5:b0:71:ec:03:7c:05:82:7f:be:7e:f6:e8:67:2e:
1f:dd:a3:f9:07:10:3a:51:4d:5a:ff:af:a4:64:17:f2:f5:29:
89:16:1f:0c:5b:8f:77:b7:a5:37:5e:d4:16:a4:3a:ea:80:cd:
d7:f5:ac:8e:fb:65:e2:0e:fb:58:54:eb:23:28:ae:c6:8f:44:
4a:dc:d9:10:d8:99:60:e1:d9:3a:ac:9c:bb:ea:2a:7b:c9:4b:
a6:d4:4c:fb:9e:48:5f:08:5d:60:44:be:63:ae:9f:cd:c0:bd:
96:94:7b:b9:91:93:7e:38:3e:f2:44:0b:4d:83:ae:e4:1a:64:
28:7e:69:45:6c:3d:38:6c:f5:f8:eb:15:bc:b9:5e:9c:26:8e:
af:30:45:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxgyT+Ly4bIGQc3WfYog58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjc5ZDI5ODExMGI2ZmIzMTkzMDFlYmMyMmJmMTgwZTcw
NTQ3OTYwHhcNMjMwMTAyMDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk5YWQzNjExODVlYWJiZWM5YWZlNTJmNzMzYTU5NzBkMTQ2YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC/9B2WwGN7b8xyzD7Sq5uMPeIGw
6psTx9K76wKY0ibkCIIBOHapAfZfov56vc037SWygH5fpttFPZfPVzLx9aS+SHeM
Oxg/lgcupp1Wfj/RM+akl7KNVk6ad9ds+FsoFgePQscTWlY9TqpRTaQBxn3Vrytu
0jk1v19dtiENOWbMtHuBVNimP81pv8WhsN1TwFHQlaox04vqdcpmccs8ATXMMbV+
kwh64vXECIYHe0bhWFU1yBqekJfTx2Mp8lD7jlcP8rBBg6xY139uMihPTx6kTRTF
bLer+gFVP+dfdL/54hOZc6J4t+rmzxh0AYsC58fhA+Y7iPiTno9u2DEiFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPKZrTYRheq77Jr+UvczpZcNFGqnMB8GA1UdIwQY
MBaAFJ+3nSmBELb7MZMB68Ir8YDnBUeWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdlZEtZRVF0dnN4a3dIcndpdnhnT2NGUjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lODVhNDEtYjNmZi00ZmNkLTgwYjIt
NGFhYmVjMGQzMGEzLzEvOHBtdE5oR0Y2cnZzbXY1Uzl6T2xsdzBVYXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lODVhNDEtYjNmZi00ZmNkLTgwYjItNGFhYmVjMGQzMGEz
LzEvbjdlZEtZRVF0dnN4a3dIcndpdnhnT2NGUjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAVg
AwcAIAEGfAe8MA0GCSqGSIb3DQEBCwUAA4IBAQB0RcLEtmOXRuxzQpJwYSpEpW7U
7BZ0ika2IjmiDwsYs+vH4qZBdipJ2ksImJ+sgZrYt+oFRwaAy+7oMCLQgTSn9Q8U
v1+f6iS9G8APhnasbyQkJTY+GXk/TXlEFzy0RrVRB0aqsMXaSNVYWBBXR3vlsHHs
A3wFgn++fvboZy4f3aP5BxA6UU1a/6+kZBfy9SmJFh8MW493t6U3XtQWpDrqgM3X
9ayO+2XiDvtYVOsjKK7Gj0RK3NkQ2Jlg4dk6rJy76ip7yUum1Ez7nkhfCF1gRL5j
rp/NwL2WlHu5kZN+OD7yRAtNg67kGmQofmlFbD04bPX46xW8uV6cJo6vMEUx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org