Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/1-whWkkn2A9hItw8QFwpOk-XbpUg.roa
File: 1-whWkkn2A9hItw8QFwpOk-XbpUg.roa (raw, json)
Hash identifier: K1a9lmLRY4S5T+Ysf31G+1vnvPCtbGoOlsVrG4nszeE=
Subject key identifier: FB:08:56:92:49:F6:03:D8:48:B7:0F:10:17:0A:4E:93:E5:DB:A5:48
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 0186210B810CE5DD8EF0A4FBF75A17F5CFC5
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/1-whWkkn2A9hItw8QFwpOk-XbpUg.roa
Signing time: Sun 05 Feb 2023 10:07:27 +0000
ROA not before: Sun 05 Feb 2023 10:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49778
IP address blocks: 2a12:70c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 22 Mar 2023 12:14:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:21:0b:81:0c:e5:dd:8e:f0:a4:fb:f7:5a:17:f5:cf:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: Feb 5 10:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb08569249f603d848b70f10170a4e93e5dba548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2e:c7:11:a6:7d:a8:29:7f:82:86:cc:af:b5:
0f:d2:08:10:3c:7f:81:a1:86:f9:89:3d:1e:c4:18:
b2:fd:3a:49:e8:28:39:4f:04:67:1d:d3:a1:2d:93:
c3:aa:2a:1f:2e:1a:2e:67:14:e1:3f:29:1a:92:78:
0b:b0:57:86:49:47:86:3f:53:96:af:b1:de:25:7c:
24:e2:b4:41:0a:93:99:6f:4f:92:b7:28:3c:e3:96:
fb:b3:ba:c8:6c:3f:56:b0:d0:b6:49:32:c5:05:ef:
18:bf:58:b8:b8:45:d2:06:6d:a6:e4:7d:11:b7:f8:
28:6a:71:87:e4:63:aa:4f:3a:7a:ea:6b:97:f3:25:
87:78:96:c3:d9:b3:b9:01:2d:80:c9:62:dc:b0:81:
bc:a9:f4:a5:3a:58:1b:57:df:8b:af:8d:df:1b:98:
4e:36:96:ad:cd:f1:04:81:43:7d:e5:f7:d5:58:8f:
f9:09:3c:49:22:ef:87:c6:45:81:bd:f9:2e:0b:97:
f6:02:ca:10:44:73:e6:65:07:3a:b6:30:64:1f:c5:
cd:f9:bb:45:b9:e9:01:32:81:3b:8b:9f:8d:37:f7:
e9:4c:b0:73:e7:67:36:5c:46:4b:33:5d:17:79:b7:
cc:ac:4f:bc:e4:e7:65:97:52:43:91:d8:3e:e7:ae:
02:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:08:56:92:49:F6:03:D8:48:B7:0F:10:17:0A:4E:93:E5:DB:A5:48
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/1-whWkkn2A9hItw8QFwpOk-XbpUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:70c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:85:2b:11:fd:91:77:34:0f:0c:83:d8:fd:87:86:1e:5c:58:
6a:08:af:87:03:1f:c6:6b:14:26:4c:62:27:39:75:fd:0a:a9:
2e:c7:97:c5:8f:77:2a:e2:e4:77:48:dc:45:39:8a:f8:ed:ff:
0d:fd:32:fb:df:39:5c:bf:20:5d:f3:24:d6:03:ca:f6:e3:63:
59:ea:e2:d4:f5:e4:d2:ee:91:71:58:f3:4e:28:c3:65:c4:c9:
45:7b:f3:b8:ca:5e:ca:af:bd:47:86:67:32:b3:c0:ae:5d:80:
f1:81:15:57:82:f7:3a:50:4c:82:bb:22:47:34:7e:ac:b6:ca:
9f:f8:3e:ea:6c:a1:88:bd:f2:68:16:2b:71:f3:b8:17:21:88:
d0:20:96:16:ce:08:7a:c5:b1:98:53:bc:bf:5e:b9:55:94:a9:
a0:fa:b3:5c:35:f9:1e:d0:40:8d:ff:26:03:77:9a:e1:df:5c:
72:83:34:11:98:2a:a7:c7:a9:8a:3f:e9:60:a0:c6:6e:33:4b:
47:7f:c7:23:d6:ee:0e:45:53:c5:28:6a:43:78:e7:59:f6:51:
ff:ee:f1:dc:02:69:fc:27:46:99:0d:ba:0c:0b:78:26:5e:1f:
7d:a0:d1:91:ac:e7:42:f1:b5:d0:70:cb:4f:fe:fb:15:42:01:
f2:5b:fc:ba
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYYhC4EM5d2O8KT791oX9c/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjMwMjA1MTAwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA4NTY5MjQ5ZjYwM2Q4NDhiNzBmMTAxNzBhNGU5M2U1ZGJhNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS7HEaZ9qCl/gobMr7UP0ggQPH+B
oYb5iT0exBiy/TpJ6Cg5TwRnHdOhLZPDqiofLhouZxThPykakngLsFeGSUeGP1OW
r7HeJXwk4rRBCpOZb0+Styg845b7s7rIbD9WsNC2STLFBe8Yv1i4uEXSBm2m5H0R
t/goanGH5GOqTzp66muX8yWHeJbD2bO5AS2AyWLcsIG8qfSlOlgbV9+Lr43fG5hO
NpatzfEEgUN95ffVWI/5CTxJIu+HxkWBvfkuC5f2AsoQRHPmZQc6tjBkH8XN+btF
uekBMoE7i5+NN/fpTLBz52c2XEZLM10XebfMrE+85Odll1JDkdg+564CmQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPsIVpJJ9gPYSLcPEBcKTpPl26VIMB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvMS13aFdra24yQTloSXR3OFFGd3BPay1YYnBVZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDYvYThkYWRjLTYxMWItNDA2My1hZGI2LTU1YjY1OWNkODJi
Yi8xL0lYdDZzR0s4Z29zMGpRVXdibVUxUjBpNTF0WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoScMAw
DQYJKoZIhvcNAQELBQADggEBAEuFKxH9kXc0DwyD2P2Hhh5cWGoIr4cDH8ZrFCZM
Yic5df0KqS7Hl8WPdyri5HdI3EU5ivjt/w39MvvfOVy/IF3zJNYDyvbjY1nq4tT1
5NLukXFY804ow2XEyUV787jKXsqvvUeGZzKzwK5dgPGBFVeC9zpQTIK7Ikc0fqy2
yp/4PupsoYi98mgWK3HzuBchiNAglhbOCHrFsZhTvL9euVWUqaD6s1w1+R7QQI3/
JgN3muHfXHKDNBGYKqfHqYo/6WCgxm4zS0d/xyPW7g5FU8UoakN451n2Uf/u8dwC
afwnRpkNugwLeCZeH32g0ZGs50LxtdBwy0/++xVCAfJb/Lo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:43 2024 by rpki-client on console-ams.rpki-client.org