Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/ieD5g9CZcw8GUr3WzhpDhkzQtlU.roa
File: ieD5g9CZcw8GUr3WzhpDhkzQtlU.roa (raw, json)
Hash identifier: ep3QQrr1+rkhGcwltXFKFfCfi/+GvnqZPw4/PejabEg=
Subject key identifier: 89:E0:F9:83:D0:99:73:0F:06:52:BD:D6:CE:1A:43:86:4C:D0:B6:55
Certificate issuer: /CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Certificate serial: 018D847A2B1A9D8B99BAEF3F8DE8D03404DD
Authority key identifier: EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/ieD5g9CZcw8GUr3WzhpDhkzQtlU.roa
Signing time: Wed 07 Feb 2024 16:50:15 +0000
ROA not before: Wed 07 Feb 2024 16:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59993
IP address blocks: 2a02:cac0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Feb 2024 11:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:7a:2b:1a:9d:8b:99:ba:ef:3f:8d:e8:d0:34:04:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Validity
Not Before: Feb 7 16:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89e0f983d099730f0652bdd6ce1a43864cd0b655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8c:54:b9:4e:1e:bc:d5:30:4d:9b:86:0a:a4:
12:ce:e1:a5:22:b3:ae:0a:24:79:84:72:b5:2e:87:
34:42:48:7c:71:fa:bb:f9:cf:8e:1a:55:e5:ee:9a:
9d:18:be:97:13:08:49:03:d9:f9:f8:06:7a:a0:ef:
6f:e2:ef:08:ef:c7:55:b5:6e:31:f4:39:57:e9:da:
9b:5b:78:4a:8c:59:ec:df:5b:c9:22:51:7d:6e:66:
c6:c5:90:16:c1:76:40:10:7a:65:0d:6c:ff:41:7b:
f1:18:2c:1e:f1:18:60:13:df:5a:e1:a3:6a:ee:c2:
8d:54:6c:bb:c1:e7:0d:2a:2b:af:98:57:55:cd:86:
29:47:49:b2:38:a6:5e:e7:27:10:18:0a:99:40:c4:
2f:9c:f5:65:89:94:83:d8:f1:6e:0a:62:53:a9:fb:
25:d4:50:fc:7d:71:93:8e:7d:39:d9:89:30:8d:26:
fe:2b:f0:ce:7f:ca:07:ec:fc:21:77:4c:88:65:cf:
f0:de:ef:59:77:92:57:63:3d:56:f5:e0:1f:25:6c:
cb:03:bd:9b:4b:23:0d:15:4a:bf:06:eb:f7:90:ba:
c6:95:d2:25:db:a2:5a:68:d2:2b:a7:40:b8:ab:eb:
01:40:2c:05:6e:00:e4:46:4b:56:7e:67:90:33:6d:
c9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E0:F9:83:D0:99:73:0F:06:52:BD:D6:CE:1A:43:86:4C:D0:B6:55
X509v3 Authority Key Identifier:
keyid:EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/ieD5g9CZcw8GUr3WzhpDhkzQtlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/7MihqtAgWUOkVyOJu3QzThyihIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:cc:7a:08:68:ef:91:b7:b1:04:aa:da:55:b9:34:d0:1f:bc:
a8:00:53:2f:fa:c3:f3:30:ea:04:06:ad:87:34:8f:7f:6a:b4:
d3:68:09:94:dd:fa:26:7a:e4:48:7d:5b:e4:5e:3a:79:99:85:
1b:f7:e1:c4:d0:6f:5f:52:bb:90:a4:b0:c2:47:00:e9:ef:f5:
b4:9d:24:8d:34:01:e0:02:a6:e2:1e:5e:e6:00:cf:ac:1c:9d:
95:b1:70:2c:52:28:15:9a:e7:68:35:66:1a:63:8e:0e:00:f6:
84:c8:60:2d:a0:21:8f:cb:d4:73:67:4f:1e:fa:dc:d0:57:cc:
0c:32:d7:f9:18:f3:89:58:e9:86:0b:69:05:33:ac:e3:29:c2:
d6:af:4d:f2:06:42:12:33:de:ce:03:01:b8:b0:ee:9d:d9:08:
21:69:ae:c3:24:06:2e:24:a1:fe:11:73:5a:23:6a:75:6c:78:
9d:f4:0f:63:54:d7:68:fe:ba:65:54:cb:f1:8c:65:50:a8:77:
a2:f9:37:85:40:ef:9e:59:97:56:b1:7a:e1:99:c2:81:0e:3e:
15:f5:0e:b8:5e:e5:04:82:2d:4b:19:75:d6:23:5d:18:e4:f8:
68:e7:b4:db:35:de:dd:4d:9a:db:3e:e8:64:4e:31:f4:77:d6:
a4:2e:33:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY2EeisanYuZuu8/jejQNATdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYzhhMWFhZDAyMDU5NDNhNDU3MjM4OWJiNzQzMzRlMWNh
Mjg0ODUwHhcNMjQwMjA3MTY1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWUwZjk4M2QwOTk3MzBmMDY1MmJkZDZjZTFhNDM4NjRjZDBiNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4xUuU4evNUwTZuGCqQSzuGlIrOu
CiR5hHK1Loc0Qkh8cfq7+c+OGlXl7pqdGL6XEwhJA9n5+AZ6oO9v4u8I78dVtW4x
9DlX6dqbW3hKjFns31vJIlF9bmbGxZAWwXZAEHplDWz/QXvxGCwe8RhgE99a4aNq
7sKNVGy7wecNKiuvmFdVzYYpR0myOKZe5ycQGAqZQMQvnPVliZSD2PFuCmJTqfsl
1FD8fXGTjn052YkwjSb+K/DOf8oH7Pwhd0yIZc/w3u9Zd5JXYz1W9eAfJWzLA72b
SyMNFUq/Buv3kLrGldIl26JaaNIrp0C4q+sBQCwFbgDkRktWfmeQM23JewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIng+YPQmXMPBlK91s4aQ4ZM0LZVMB8GA1UdIwQY
MBaAFOzIoarQIFlDpFcjibt0M04cooSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEt
NGE2OGYyMzVjMzg4LzEvaWVENWc5Q1pjdzhHVXIzV3pocERoa3pRdGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEtNGE2OGYyMzVjMzg4
LzEvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmsx6CGjvkbexBKraVbk00B+8qABTL/rD8zDqBAat
hzSPf2q002gJlN36JnrkSH1b5F46eZmFG/fhxNBvX1K7kKSwwkcA6e/1tJ0kjTQB
4AKm4h5e5gDPrBydlbFwLFIoFZrnaDVmGmOODgD2hMhgLaAhj8vUc2dPHvrc0FfM
DDLX+RjziVjphgtpBTOs4ynC1q9N8gZCEjPezgMBuLDundkIIWmuwyQGLiSh/hFz
WiNqdWx4nfQPY1TXaP66ZVTL8YxlUKh3ovk3hUDvnlmXVrF64ZnCgQ4+FfUOuF7l
BIItSxl11iNdGOT4aOe02zXe3U2a2z7oZE4x9HfWpC4zzA==
-----END CERTIFICATE-----
Generated at Fri Feb 9 15:35:14 2024 by rpki-client on console-fra.rpki-client.org