Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/5a4N7S8b-utxZQ405r0SmrlL9NE.roa
File: 5a4N7S8b-utxZQ405r0SmrlL9NE.roa (raw, json)
Hash identifier: mMzZV6o7VHp/aVgRpxF194/v7DjyXLuNKuTR2dtqy+Y=
Subject key identifier: E5:AE:0D:ED:2F:1B:FA:EB:71:65:0E:34:E6:BD:12:9A:B9:4B:F4:D1
Certificate issuer: /CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Certificate serial: 018D8562B6FD7A66265A05CEFEBD524C5D14
Authority key identifier: EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/5a4N7S8b-utxZQ405r0SmrlL9NE.roa
Signing time: Wed 07 Feb 2024 21:04:15 +0000
ROA not before: Wed 07 Feb 2024 21:04:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48581
IP address blocks: 2a02:cac0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Feb 2024 11:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:85:62:b6:fd:7a:66:26:5a:05:ce:fe:bd:52:4c:5d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Validity
Not Before: Feb 7 21:04:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5ae0ded2f1bfaeb71650e34e6bd129ab94bf4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f6:4f:f6:e2:ea:f3:ea:26:2a:e5:7a:5e:a1:
cf:b3:26:4f:4f:cc:3e:81:ed:cb:6c:c2:18:65:c4:
97:8a:69:83:2c:c9:02:3f:45:0a:17:d1:21:f9:d8:
42:bc:0e:fe:1f:e4:2d:2e:b5:92:cb:99:ea:02:2f:
1e:c0:62:d1:7d:9e:b6:c0:d0:87:7a:ed:6e:c2:e2:
9e:35:c9:ca:be:8d:52:44:f2:e9:15:6e:6a:09:04:
6f:fa:95:ac:60:12:c6:b9:20:8f:2e:d7:42:c3:98:
da:0e:d7:8e:21:0d:bd:09:a9:13:06:cf:e1:75:4c:
8b:04:47:9e:b2:a7:65:56:cd:f4:c6:bd:57:24:91:
78:a5:23:7b:ab:8b:2c:dd:38:9c:54:9a:9c:a9:f4:
5c:b1:0a:3b:04:e1:d9:f5:ce:8a:0a:45:95:d0:b9:
9c:78:3a:55:2a:94:79:48:a5:b8:0e:12:12:9d:b6:
c5:b0:77:3a:07:62:f9:33:ec:38:0a:9b:f9:6f:10:
da:5b:31:7e:94:fe:0c:8b:e0:c7:de:2d:67:fb:ee:
71:f3:22:b7:65:22:59:8b:48:4e:a6:6f:c6:f2:b9:
15:23:a9:18:6f:2e:bc:70:eb:d8:60:e8:ed:44:44:
ac:0e:45:72:9a:83:d1:6f:67:7f:73:e2:d1:b4:53:
fe:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AE:0D:ED:2F:1B:FA:EB:71:65:0E:34:E6:BD:12:9A:B9:4B:F4:D1
X509v3 Authority Key Identifier:
keyid:EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/5a4N7S8b-utxZQ405r0SmrlL9NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/7MihqtAgWUOkVyOJu3QzThyihIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
52:b1:d3:b7:8e:20:15:5f:0a:c2:cd:3f:72:d9:1e:4e:5a:a3:
86:a4:bc:2d:83:9c:08:8c:94:01:17:63:69:cc:d3:7a:e0:eb:
35:da:2d:9d:1d:af:70:36:b4:b6:b0:2e:d1:eb:11:a5:26:06:
5e:7f:8f:1b:b0:fd:f7:bd:1c:89:c0:51:6d:ae:f3:52:25:4a:
40:a5:32:57:9a:d7:b1:f8:66:b9:a0:d1:e3:b7:4c:50:9a:28:
08:5f:69:a1:08:5b:ba:7f:55:8b:ba:d7:a8:05:d5:af:b7:af:
b4:08:3d:c6:25:21:ee:a5:29:bc:18:f9:aa:5c:b2:db:da:cb:
05:1e:9e:b7:85:94:38:6d:72:e1:89:4e:90:fa:8e:35:ba:66:
b8:f4:c7:b0:75:13:45:ae:93:18:5b:4e:7e:cd:6b:f9:4b:e0:
63:8a:32:66:35:5e:d5:4b:76:f8:f0:31:55:f0:b7:81:62:11:
86:8e:b5:07:74:ad:2b:67:fa:cf:22:6f:7d:8f:72:98:77:0e:
8c:18:81:f1:95:5c:af:03:07:45:5a:26:b9:4e:91:cd:36:10:
5a:9b:d2:11:e2:ee:be:e1:e2:8d:b0:e2:25:d3:7f:7e:ab:6b:
d1:8c:82:43:8f:b7:2f:43:b2:ab:07:95:df:8b:83:97:e0:1b:
a3:e0:c2:62
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY2FYrb9emYmWgXO/r1STF0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYzhhMWFhZDAyMDU5NDNhNDU3MjM4OWJiNzQzMzRlMWNh
Mjg0ODUwHhcNMjQwMjA3MjEwNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFlMGRlZDJmMWJmYWViNzE2NTBlMzRlNmJkMTI5YWI5NGJmNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPZP9uLq8+omKuV6XqHPsyZPT8w+
ge3LbMIYZcSXimmDLMkCP0UKF9Eh+dhCvA7+H+QtLrWSy5nqAi8ewGLRfZ62wNCH
eu1uwuKeNcnKvo1SRPLpFW5qCQRv+pWsYBLGuSCPLtdCw5jaDteOIQ29CakTBs/h
dUyLBEeesqdlVs30xr1XJJF4pSN7q4ss3TicVJqcqfRcsQo7BOHZ9c6KCkWV0Lmc
eDpVKpR5SKW4DhISnbbFsHc6B2L5M+w4Cpv5bxDaWzF+lP4Mi+DH3i1n++5x8yK3
ZSJZi0hOpm/G8rkVI6kYby68cOvYYOjtRESsDkVymoPRb2d/c+LRtFP+2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOWuDe0vG/rrcWUONOa9Epq5S/TRMB8GA1UdIwQY
MBaAFOzIoarQIFlDpFcjibt0M04cooSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEt
NGE2OGYyMzVjMzg4LzEvNWE0TjdTOGItdXR4WlE0MDVyMFNtcmxMOU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEtNGE2OGYyMzVjMzg4
LzEvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUrHTt44gFV8Kws0/ctkeTlqjhqS8LYOcCIyUARdj
aczTeuDrNdotnR2vcDa0trAu0esRpSYGXn+PG7D9970cicBRba7zUiVKQKUyV5rX
sfhmuaDR47dMUJooCF9poQhbun9Vi7rXqAXVr7evtAg9xiUh7qUpvBj5qlyy29rL
BR6et4WUOG1y4YlOkPqONbpmuPTHsHUTRa6TGFtOfs1r+UvgY4oyZjVe1Ut2+PAx
VfC3gWIRho61B3StK2f6zyJvfY9ymHcOjBiB8ZVcrwMHRVomuU6RzTYQWpvSEeLu
vuHijbDiJdN/fqtr0YyCQ4+3L0OyqweV34uDl+Abo+DCYg==
-----END CERTIFICATE-----
Generated at Fri Feb 9 15:35:14 2024 by rpki-client on console-fra.rpki-client.org