Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/CAEclzLYPkTUX4Y46dRySnop1P0.roa
File: CAEclzLYPkTUX4Y46dRySnop1P0.roa (raw, json)
Hash identifier: /rqMrbjhcdlHYLBYdbYnxji5O2jf3l55IABPmIF3zb0=
Subject key identifier: 08:01:1C:97:32:D8:3E:44:D4:5F:86:38:E9:D4:72:4A:7A:29:D4:FD
Certificate issuer: /CN=f0e729a54cc76b889c832e0d1395894af7c0e5fe
Certificate serial: 018D83C226819B324C8782A3FA6AE364AA0A
Authority key identifier: F0:E7:29:A5:4C:C7:6B:88:9C:83:2E:0D:13:95:89:4A:F7:C0:E5:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8OcppUzHa4icgy4NE5WJSvfA5f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/CAEclzLYPkTUX4Y46dRySnop1P0.roa
Signing time: Wed 07 Feb 2024 13:29:15 +0000
ROA not before: Wed 07 Feb 2024 13:29:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 2a12:5346:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 10:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:c2:26:81:9b:32:4c:87:82:a3:fa:6a:e3:64:aa:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0e729a54cc76b889c832e0d1395894af7c0e5fe
Validity
Not Before: Feb 7 13:29:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08011c9732d83e44d45f8638e9d4724a7a29d4fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8f:20:ea:de:eb:a7:7b:25:36:45:55:fc:8a:
a1:82:fc:97:1e:47:1e:84:70:7b:04:1e:da:b5:c7:
35:22:c2:48:e8:7e:90:1e:58:82:4a:ee:f7:b2:38:
77:10:b2:57:6d:48:79:06:e0:8f:78:ed:7c:65:b0:
0e:8a:0e:75:a5:bd:ac:87:cc:8f:8f:3b:74:02:5a:
56:89:a5:9b:13:26:38:0c:9d:78:ae:13:76:b7:66:
16:83:6a:be:52:fd:15:c8:15:02:28:a8:b4:a1:60:
a8:68:c8:4d:19:ac:25:da:5e:b5:0a:ea:ce:d0:f4:
25:e0:8c:88:d6:5f:48:44:c0:de:fe:86:75:e0:31:
93:a7:2d:92:63:d0:41:73:f9:17:37:c9:e8:77:ee:
f0:d8:a1:3f:cb:cd:47:93:3d:f9:5e:2d:b0:3d:f6:
62:86:46:5b:ec:6b:4d:e3:d8:45:29:42:21:b8:30:
37:d8:dd:28:e6:21:14:c1:ff:70:b4:28:4e:91:51:
23:f2:51:54:0b:ec:1a:f1:31:ba:dc:0d:2c:9d:d4:
a9:59:fa:36:9b:70:53:ec:fd:e1:7f:ec:b1:d4:5f:
40:c8:2a:18:64:cc:bf:b5:53:48:7d:5d:bf:08:0d:
9b:db:40:46:72:9b:b4:f7:ae:77:51:e8:f2:ff:be:
4b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:01:1C:97:32:D8:3E:44:D4:5F:86:38:E9:D4:72:4A:7A:29:D4:FD
X509v3 Authority Key Identifier:
keyid:F0:E7:29:A5:4C:C7:6B:88:9C:83:2E:0D:13:95:89:4A:F7:C0:E5:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8OcppUzHa4icgy4NE5WJSvfA5f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/CAEclzLYPkTUX4Y46dRySnop1P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/360de7-6fdc-4067-8f4d-676b52096cf8/1/8OcppUzHa4icgy4NE5WJSvfA5f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:5346:2::/48
Signature Algorithm: sha256WithRSAEncryption
67:87:97:c4:22:ea:69:46:84:45:81:a6:48:2b:5d:44:f7:68:
c9:cc:9a:6c:0a:28:57:7e:be:5a:f2:c2:bf:55:9b:85:03:bd:
39:2f:2e:a5:49:2e:2d:f3:eb:9c:f3:db:3b:84:78:b6:ca:8f:
60:97:44:c4:e3:c4:df:40:46:c2:39:4a:a2:88:7c:a9:92:ef:
9a:5b:4e:b1:65:e7:0d:a2:b1:cc:8d:69:0d:63:1e:dc:ab:5e:
a1:44:86:01:63:0c:c5:99:b0:cd:d8:80:93:3c:c9:56:e8:dc:
3b:2e:48:64:1e:3a:3b:b9:6a:17:6e:35:dc:8f:70:08:94:6c:
f1:3c:b1:96:16:01:0e:fa:1c:d8:c5:da:07:90:d9:5c:c5:e0:
25:db:7a:d9:1b:7c:6f:60:24:2b:63:ed:8e:d2:23:05:33:c4:
4c:73:05:fb:ea:4d:47:21:75:35:be:5c:6e:cd:00:ae:76:c4:
d9:c5:0e:f6:10:0c:b0:6b:4f:d6:91:1b:ee:de:bd:5b:49:1c:
9c:c1:11:44:75:b5:c8:d6:b5:61:81:14:6c:de:ce:af:86:ba:
9c:68:c3:02:9d:dd:17:86:a9:e2:00:ce:c3:7b:b3:f5:b2:d8:
c6:4d:66:96:21:86:89:23:fc:34:ec:c2:58:94:92:97:91:d4:
37:c7:32:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2DwiaBmzJMh4Kj+mrjZKoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZTcyOWE1NGNjNzZiODg5YzgzMmUwZDEzOTU4OTRhZjdj
MGU1ZmUwHhcNMjQwMjA3MTMyOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAxMWM5NzMyZDgzZTQ0ZDQ1Zjg2MzhlOWQ0NzI0YTdhMjlkNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA548g6t7rp3slNkVV/IqhgvyXHkce
hHB7BB7atcc1IsJI6H6QHliCSu73sjh3ELJXbUh5BuCPeO18ZbAOig51pb2sh8yP
jzt0AlpWiaWbEyY4DJ14rhN2t2YWg2q+Uv0VyBUCKKi0oWCoaMhNGawl2l61CurO
0PQl4IyI1l9IRMDe/oZ14DGTpy2SY9BBc/kXN8nod+7w2KE/y81Hkz35Xi2wPfZi
hkZb7GtN49hFKUIhuDA32N0o5iEUwf9wtChOkVEj8lFUC+wa8TG63A0sndSpWfo2
m3BT7P3hf+yx1F9AyCoYZMy/tVNIfV2/CA2b20BGcpu09653Uejy/75LvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAgBHJcy2D5E1F+GOOnUckp6KdT9MB8GA1UdIwQY
MBaAFPDnKaVMx2uInIMuDROViUr3wOX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE9jcHBVekhhNGljZ3k0TkU1V0pTdmZBNWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zNjBkZTctNmZkYy00MDY3LThmNGQt
Njc2YjUyMDk2Y2Y4LzEvQ0FFY2x6TFlQa1RVWDRZNDZkUnlTbm9wMVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zNjBkZTctNmZkYy00MDY3LThmNGQtNjc2YjUyMDk2Y2Y4
LzEvOE9jcHBVekhhNGljZ3k0TkU1V0pTdmZBNWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhJTRgAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBnh5fEIuppRoRFgaZIK11E92jJzJpsCihXfr5a
8sK/VZuFA705Ly6lSS4t8+uc89s7hHi2yo9gl0TE48TfQEbCOUqiiHypku+aW06x
ZecNorHMjWkNYx7cq16hRIYBYwzFmbDN2ICTPMlW6Nw7LkhkHjo7uWoXbjXcj3AI
lGzxPLGWFgEO+hzYxdoHkNlcxeAl23rZG3xvYCQrY+2O0iMFM8RMcwX76k1HIXU1
vlxuzQCudsTZxQ72EAywa0/WkRvu3r1bSRycwRFEdbXI1rVhgRRs3s6vhrqcaMMC
nd0XhqniAM7De7P1stjGTWaWIYaJI/w07MJYlJKXkdQ3xzIj
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:25:20 2024 by rpki-client on console-fra.rpki-client.org