Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/I-XxeuNnLay-ZqViDkF3WxpGgTc.roa
File: I-XxeuNnLay-ZqViDkF3WxpGgTc.roa (raw, json)
Hash identifier: m4eEAe3iICHAT+of7osIa1WKv5CtqZf7WcptIYSHx8U=
Subject key identifier: 23:E5:F1:7A:E3:67:2D:AC:BE:66:A5:62:0E:41:77:5B:1A:46:81:37
Certificate issuer: /CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Certificate serial: 018CF5B2203C913D7EBFDFA083EA964C20A1
Authority key identifier: F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/I-XxeuNnLay-ZqViDkF3WxpGgTc.roa
Signing time: Wed 10 Jan 2024 23:25:40 +0000
ROA not before: Wed 10 Jan 2024 23:25:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52041
IP address blocks: 2a0c:7b82::/32 maxlen: 32
2a0c:7b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Jan 2024 14:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:b2:20:3c:91:3d:7e:bf:df:a0:83:ea:96:4c:20:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Validity
Not Before: Jan 10 23:25:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e5f17ae3672dacbe66a5620e41775b1a468137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d2:30:7d:e8:8c:4e:0f:55:e4:40:bc:85:f4:
2b:37:7e:06:1e:9d:70:46:57:ed:49:cd:29:af:71:
48:e7:41:04:43:ac:d5:eb:29:3e:3b:38:85:5f:03:
ef:de:71:2a:fc:7e:bb:6e:6e:92:67:bb:85:67:c8:
a4:60:1b:66:74:f4:4e:23:fc:d9:62:19:17:7d:54:
5b:b1:47:b4:60:eb:db:66:de:f7:f6:00:e3:d8:d2:
99:0f:68:ab:66:86:b4:7b:9c:a7:c1:b6:aa:76:04:
f8:f6:cb:88:9a:db:16:24:a4:66:1d:b3:ca:42:be:
8f:cb:fe:41:6d:8f:7e:f5:95:f5:e6:9f:27:46:1d:
96:26:ea:28:04:f1:d1:62:57:e7:96:e2:2b:2f:4c:
08:b0:a0:b5:5b:9d:8c:4b:7a:84:db:b5:01:c7:3a:
ce:8a:08:65:26:cf:93:f9:2d:b1:4c:48:5c:21:38:
0f:54:c0:cc:35:7a:b6:c2:22:bb:08:d9:b9:a2:ab:
cd:85:70:0e:31:da:9f:ba:6c:0f:7d:e6:bc:47:60:
fc:be:36:81:87:a6:a8:e7:c9:cb:1b:ca:36:ac:9b:
be:f2:21:55:25:f6:15:74:d0:fe:f6:08:5d:ab:41:
b7:d4:94:da:c6:a9:6d:9f:a2:d6:b6:eb:3f:c0:33:
a9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E5:F1:7A:E3:67:2D:AC:BE:66:A5:62:0E:41:77:5B:1A:46:81:37
X509v3 Authority Key Identifier:
keyid:F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/I-XxeuNnLay-ZqViDkF3WxpGgTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7b80::/32
2a0c:7b82::/32
Signature Algorithm: sha256WithRSAEncryption
1b:5d:57:04:67:49:f4:7a:7d:4c:8b:27:74:37:b6:23:26:6a:
f2:f9:20:ee:71:f2:87:ea:c2:a4:cb:58:dc:6d:8e:69:38:a6:
01:84:b0:ac:c0:d7:dd:85:54:ae:d2:e4:fc:5d:4c:b2:a3:05:
56:f8:c8:b7:d6:1b:30:b7:87:6b:ad:94:5d:75:a8:5c:75:c3:
20:12:77:b8:27:d0:38:40:72:00:1c:28:d0:0f:2c:3f:1b:d8:
97:18:e4:52:51:b7:a5:2c:b4:e2:6c:8b:11:cb:d9:cd:91:22:
b5:d0:62:85:dc:e4:dc:ce:cf:23:fa:b1:61:a0:25:25:93:41:
39:ee:67:76:fc:2c:38:66:65:e7:10:93:fd:14:0f:f9:d5:ff:
25:61:39:2f:0a:22:da:46:df:5d:a5:18:22:c7:2b:48:0b:6f:
8f:51:8e:87:5e:e2:25:de:f0:88:c8:66:e1:6a:dc:8f:5d:d3:
a1:a7:3e:d0:0e:9e:51:17:b7:30:4c:0d:29:c7:f2:79:dd:12:
25:1d:6d:7c:c6:e1:f0:6f:fc:8e:7f:28:57:17:d6:bd:12:a7:
f3:c0:7b:08:88:d9:8d:5a:bf:2e:14:f1:4d:7a:ce:84:6a:8e:
1f:c4:46:56:f6:bd:66:28:17:dd:58:26:8a:08:6a:65:82:80:
ff:52:c3:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYz1siA8kT1+v9+gg+qWTCChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTM3YzU5N2QxZTMwY2I3NTYxOGU1MWY0MmI3Zjc5ZWQ1
ZmZjODgwHhcNMjQwMTEwMjMyNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U1ZjE3YWUzNjcyZGFjYmU2NmE1NjIwZTQxNzc1YjFhNDY4MTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9IwfeiMTg9V5EC8hfQrN34GHp1w
RlftSc0pr3FI50EEQ6zV6yk+OziFXwPv3nEq/H67bm6SZ7uFZ8ikYBtmdPROI/zZ
YhkXfVRbsUe0YOvbZt739gDj2NKZD2irZoa0e5ynwbaqdgT49suImtsWJKRmHbPK
Qr6Py/5BbY9+9ZX15p8nRh2WJuooBPHRYlfnluIrL0wIsKC1W52MS3qE27UBxzrO
ighlJs+T+S2xTEhcITgPVMDMNXq2wiK7CNm5oqvNhXAOMdqfumwPfea8R2D8vjaB
h6ao58nLG8o2rJu+8iFVJfYVdND+9ghdq0G31JTaxqltn6LWtus/wDOpYQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCPl8XrjZy2svmalYg5Bd1saRoE3MB8GA1UdIwQY
MBaAFPYTfFl9HjDLdWGOUfQrf3ntX/yIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAt
MzlhMjQzODhhNWU4LzEvSS1YeGV1Tm5MYXktWnFWaURrRjNXeHBHZ1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAtMzlhMjQzODhhNWU4
LzEvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgx7gAMF
ACoMe4IwDQYJKoZIhvcNAQELBQADggEBABtdVwRnSfR6fUyLJ3Q3tiMmavL5IO5x
8ofqwqTLWNxtjmk4pgGEsKzA192FVK7S5PxdTLKjBVb4yLfWGzC3h2utlF11qFx1
wyASd7gn0DhAcgAcKNAPLD8b2JcY5FJRt6UstOJsixHL2c2RIrXQYoXc5NzOzyP6
sWGgJSWTQTnuZ3b8LDhmZecQk/0UD/nV/yVhOS8KItpG312lGCLHK0gLb49Rjode
4iXe8IjIZuFq3I9d06GnPtAOnlEXtzBMDSnH8nndEiUdbXzG4fBv/I5/KFcX1r0S
p/PAewiI2Y1avy4U8U16zoRqjh/ERlb2vWYoF91YJooIamWCgP9Sw50=
-----END CERTIFICATE-----
Generated at Tue Jan 16 19:12:51 2024 by rpki-client on console-fra.rpki-client.org