Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/8wsA9j3lZz2vnLgg9F6Sa8VVMmM.roa
File: 8wsA9j3lZz2vnLgg9F6Sa8VVMmM.roa (raw, json)
Hash identifier: /dYdzYAwjm25OfKSvxJdqy9/aAjwNAGGn4JZ6M6DsHM=
Subject key identifier: F3:0B:00:F6:3D:E5:67:3D:AF:9C:B8:20:F4:5E:92:6B:C5:55:32:63
Certificate issuer: /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial: 018CC94D81F819942F31F3E50238460EB2A0
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/8wsA9j3lZz2vnLgg9F6Sa8VVMmM.roa
Signing time: Tue 02 Jan 2024 08:32:29 +0000
ROA not before: Tue 02 Jan 2024 08:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43766
IP address blocks: 2a00:5400:f004::/48 maxlen: 48
2a00:5400:f007::/48 maxlen: 48
2a00:5400:f002::/48 maxlen: 48
2a00:5400:f005::/48 maxlen: 48
2a00:5400:f000::/48 maxlen: 48
2a00:5400:f003::/48 maxlen: 48
2a00:5400:f006::/48 maxlen: 48
2a00:5400:f001::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:81:f8:19:94:2f:31:f3:e5:02:38:46:0e:b2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Validity
Not Before: Jan 2 08:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f30b00f63de5673daf9cb820f45e926bc5553263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:d2:c4:58:29:c7:15:54:a3:82:8b:94:bc:
f8:e1:4d:3d:af:54:ab:06:f4:d3:5a:3d:e7:61:a3:
0d:4a:30:1a:2d:7b:1c:05:d8:a0:59:49:5b:6e:a8:
5a:c3:d4:5a:39:b4:8b:83:6e:d0:22:ca:91:b6:9f:
a2:19:17:55:19:a1:f2:ff:ea:fc:f3:cb:53:15:53:
b0:aa:2e:64:ce:3e:df:cb:46:de:23:80:61:87:28:
97:6b:2d:df:e4:9a:0f:e2:06:62:66:f3:02:f4:da:
f0:97:44:ba:0e:58:4f:f5:8e:4a:6e:4f:d9:ff:9a:
d1:70:78:6d:7c:84:66:10:b6:06:ac:bb:32:e6:8e:
cb:a6:79:98:f0:27:a2:50:f7:ed:7a:d9:26:73:53:
bf:ba:1d:46:9c:04:af:65:73:a8:38:79:4b:1b:53:
b8:a3:be:c3:b6:5f:b5:dc:51:82:db:68:a7:0b:66:
22:f9:22:ff:ca:1a:10:d4:d9:ac:0a:90:91:4c:22:
67:c4:d8:1c:69:7b:b1:c8:75:a1:e9:13:34:5e:44:
64:ac:92:e0:4e:58:8f:b4:dd:4f:75:7e:8e:96:9c:
2f:48:1e:c3:a1:1c:ed:f7:ec:9d:fc:07:d5:2b:62:
6c:03:c6:ae:51:da:67:d6:30:f0:0f:c3:5d:00:6f:
4d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0B:00:F6:3D:E5:67:3D:AF:9C:B8:20:F4:5E:92:6B:C5:55:32:63
X509v3 Authority Key Identifier:
keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/8wsA9j3lZz2vnLgg9F6Sa8VVMmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:5400:f000::/45
Signature Algorithm: sha256WithRSAEncryption
d1:4a:ea:d4:a0:c8:8d:a6:18:7c:35:cb:ce:15:ba:80:95:9d:
2a:f0:bd:ac:5b:fc:02:fa:2e:a5:cf:63:bc:b7:0c:12:f2:ee:
de:90:d5:fb:b6:5b:06:b1:ea:6e:17:f1:81:26:9d:3d:2e:7e:
67:da:3e:bf:cf:ed:d9:a1:96:e4:b4:ab:b4:1b:52:92:a5:12:
55:9c:71:d2:77:11:34:e1:d6:93:ac:30:31:6b:d7:7c:36:c4:
32:f2:12:f6:e9:fc:80:9c:8c:00:8c:ff:f5:2d:a1:eb:be:81:
73:bc:d7:71:ff:dd:82:89:77:e5:06:41:48:38:22:cd:74:d1:
d8:d1:01:3e:00:c1:b0:73:0f:94:b5:26:7c:2e:34:28:1d:5d:
32:5f:00:ea:2f:d5:7f:75:e3:40:6a:b4:5c:07:fd:b2:ee:8a:
c6:7b:4c:67:7e:26:13:7c:02:24:e2:f8:db:56:f4:40:49:13:
15:41:91:cf:a2:f0:b6:7e:4c:01:bc:ad:e5:41:39:c2:69:82:
3d:78:0e:16:67:a6:dd:25:a8:64:09:ec:19:de:f1:e8:b3:2c:
fe:9b:73:58:be:f6:f8:6a:9b:9e:10:00:7b:fc:bb:9a:f8:73:
8f:14:73:5d:f9:4b:a2:7b:bf:e6:f1:7e:15:9c:05:34:e7:5b:
b4:cc:01:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTYH4GZQvMfPlAjhGDrKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjQwMTAyMDgzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzBiMDBmNjNkZTU2NzNkYWY5Y2I4MjBmNDVlOTI2YmM1NTUzMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcvSxFgpxxVUo4KLlLz44U09r1Sr
BvTTWj3nYaMNSjAaLXscBdigWUlbbqhaw9RaObSLg27QIsqRtp+iGRdVGaHy/+r8
88tTFVOwqi5kzj7fy0beI4BhhyiXay3f5JoP4gZiZvMC9Nrwl0S6DlhP9Y5Kbk/Z
/5rRcHhtfIRmELYGrLsy5o7LpnmY8CeiUPftetkmc1O/uh1GnASvZXOoOHlLG1O4
o77Dtl+13FGC22inC2Yi+SL/yhoQ1NmsCpCRTCJnxNgcaXuxyHWh6RM0XkRkrJLg
TliPtN1PdX6OlpwvSB7DoRzt9+yd/AfVK2JsA8auUdpn1jDwD8NdAG9N5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPMLAPY95Wc9r5y4IPRekmvFVTJjMB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEvOHdzQTlqM2xaejJ2bkxnZzlGNlNhOFZWTW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKgBUAPAA
MA0GCSqGSIb3DQEBCwUAA4IBAQDRSurUoMiNphh8NcvOFbqAlZ0q8L2sW/wC+i6l
z2O8twwS8u7ekNX7tlsGsepuF/GBJp09Ln5n2j6/z+3ZoZbktKu0G1KSpRJVnHHS
dxE04daTrDAxa9d8NsQy8hL26fyAnIwAjP/1LaHrvoFzvNdx/92CiXflBkFIOCLN
dNHY0QE+AMGwcw+UtSZ8LjQoHV0yXwDqL9V/deNAarRcB/2y7orGe0xnfiYTfAIk
4vjbVvRASRMVQZHPovC2fkwBvK3lQTnCaYI9eA4WZ6bdJahkCewZ3vHosyz+m3NY
vvb4apueEAB7/Lua+HOPFHNd+Uuie7/m8X4VnAU051u0zAGK
-----END CERTIFICATE-----
Generated at Mon Feb 5 14:22:10 2024 by rpki-client on console-ams.rpki-client.org