Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/stQJq_odf7ia-dRsy5bSIzuVFq4.roa
File: stQJq_odf7ia-dRsy5bSIzuVFq4.roa (raw, json)
Hash identifier: mOx4P76jLp/S5DmW5M8Hl82vIdi1ttIre8UTfP2iUL8=
Subject key identifier: B2:D4:09:AB:FA:1D:7F:B8:9A:F9:D4:6C:CB:96:D2:23:3B:95:16:AE
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 018C432EE141729D742940CD225DBD65F9C6
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/stQJq_odf7ia-dRsy5bSIzuVFq4.roa
Signing time: Thu 07 Dec 2023 07:29:54 +0000
ROA not before: Thu 07 Dec 2023 07:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a02:6bf:fa17::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Dec 2023 14:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:2e:e1:41:72:9d:74:29:40:cd:22:5d:bd:65:f9:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Dec 7 07:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2d409abfa1d7fb89af9d46ccb96d2233b9516ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:73:ef:da:3c:84:92:09:6f:01:d5:24:a2:0f:
b5:81:26:d4:4c:79:bc:1b:e4:5a:a9:ef:e4:d7:cb:
dc:98:84:04:b3:21:31:90:5a:60:ad:c2:c4:8f:04:
56:a5:ab:86:e3:d6:03:27:66:bc:1d:74:ee:ee:03:
5e:5b:70:23:c2:4d:3e:45:6e:a9:c6:c6:37:6a:81:
c4:0b:c3:59:5b:b7:2c:ed:e3:2d:2a:44:97:59:8f:
24:09:6a:e4:08:c8:9f:1b:16:3d:3a:ce:7c:d0:70:
36:99:71:2b:58:5a:22:97:ed:12:20:03:a8:cf:91:
20:f8:50:46:f0:4c:27:d0:e4:6e:92:e5:ae:d1:da:
5c:0f:d3:5e:43:2b:b8:1b:17:27:32:be:ca:1b:68:
65:d8:3b:d2:59:77:6f:82:20:60:96:45:ce:26:62:
f1:db:a3:1d:f2:cc:76:93:db:f7:c6:b4:7e:63:a6:
9a:81:31:eb:ab:85:1f:2e:25:41:3c:fc:41:93:10:
76:ce:3f:2e:26:bb:64:b2:e4:68:4f:50:af:21:fc:
6b:1b:75:9e:e4:81:31:ce:96:d8:0d:83:33:af:8a:
d4:4e:3b:f9:ae:67:c1:a9:85:fb:68:a5:ff:2d:50:
3c:5b:68:c8:8a:ef:5d:b6:c3:2e:9c:45:e2:9b:8c:
d4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D4:09:AB:FA:1D:7F:B8:9A:F9:D4:6C:CB:96:D2:23:3B:95:16:AE
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/stQJq_odf7ia-dRsy5bSIzuVFq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:6bf:fa17::/48
Signature Algorithm: sha256WithRSAEncryption
7d:0b:26:17:be:ac:75:ee:07:4b:4f:08:12:52:81:71:a9:31:
b3:ec:47:75:5e:6a:bf:5d:7f:1a:c4:70:2a:92:0c:f5:cd:02:
7f:cb:e5:36:4e:51:62:a0:0c:fd:bf:09:17:a3:7c:02:68:f2:
9b:c1:94:31:2f:3f:3b:87:5f:94:3b:d4:7d:f2:25:a0:6e:e5:
a6:51:4b:5d:22:51:c4:29:4f:97:df:3b:03:c1:fc:ba:6e:5a:
53:61:69:b4:17:8b:c6:46:b6:ab:47:cc:ad:b0:14:3d:f2:db:
5c:8d:28:66:2c:a3:8c:96:38:29:01:aa:74:b7:29:92:83:49:
a2:42:b3:4f:58:38:05:57:0b:3c:67:f6:9c:61:73:69:b5:18:
d0:64:63:0a:ca:26:cc:82:06:aa:6a:b1:8e:3d:98:39:6e:fb:
15:af:9d:22:ae:c6:e9:e1:46:29:ee:43:b8:ee:df:bc:6b:d0:
78:b1:8d:51:2d:50:09:6a:7c:90:1d:7a:6a:b8:6a:6c:35:fa:
5b:48:1a:a7:d7:4e:34:3b:2b:3d:c7:0c:6d:f1:47:e9:7c:1c:
c7:07:7a:4e:7b:d7:56:d4:07:e3:76:9b:e1:a0:6f:e4:3b:dd:
d8:a1:ce:49:27:88:0d:d9:d1:e7:5e:c1:29:0a:da:3e:ff:79:
64:de:55:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxDLuFBcp10KUDNIl29ZfnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjMxMjA3MDcyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ0MDlhYmZhMWQ3ZmI4OWFmOWQ0NmNjYjk2ZDIyMzNiOTUxNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHPv2jyEkglvAdUkog+1gSbUTHm8
G+Raqe/k18vcmIQEsyExkFpgrcLEjwRWpauG49YDJ2a8HXTu7gNeW3Ajwk0+RW6p
xsY3aoHEC8NZW7cs7eMtKkSXWY8kCWrkCMifGxY9Os580HA2mXErWFoil+0SIAOo
z5Eg+FBG8Ewn0ORukuWu0dpcD9NeQyu4GxcnMr7KG2hl2DvSWXdvgiBglkXOJmLx
26Md8sx2k9v3xrR+Y6aagTHrq4UfLiVBPPxBkxB2zj8uJrtksuRoT1CvIfxrG3We
5IExzpbYDYMzr4rUTjv5rmfBqYX7aKX/LVA8W2jIiu9dtsMunEXim4zUTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLLUCav6HX+4mvnUbMuW0iM7lRauMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvc3RRSnFfb2RmN2lhLWRSc3k1YlNJenVWRnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIGv/oX
MA0GCSqGSIb3DQEBCwUAA4IBAQB9CyYXvqx17gdLTwgSUoFxqTGz7Ed1Xmq/XX8a
xHAqkgz1zQJ/y+U2TlFioAz9vwkXo3wCaPKbwZQxLz87h1+UO9R98iWgbuWmUUtd
IlHEKU+X3zsDwfy6blpTYWm0F4vGRrarR8ytsBQ98ttcjShmLKOMljgpAap0tymS
g0miQrNPWDgFVws8Z/acYXNptRjQZGMKyibMggaqarGOPZg5bvsVr50irsbp4UYp
7kO47t+8a9B4sY1RLVAJanyQHXpquGpsNfpbSBqn1040Oys9xwxt8UfpfBzHB3pO
e9dW1AfjdpvhoG/kO93Yoc5JJ4gN2dHnXsEpCto+/3lk3lU/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org