Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/F7WtuHwJbdEAXlFLfAJRqcaylxs.roa
File: F7WtuHwJbdEAXlFLfAJRqcaylxs.roa (raw, json)
Hash identifier: F8hqGLuj4FcRhdYqb1kFQXoaPOUF+DgIycDK+7v7HTM=
Subject key identifier: 17:B5:AD:B8:7C:09:6D:D1:00:5E:51:4B:7C:02:51:A9:C6:B2:97:1B
Certificate issuer: /CN=8b03dca76319903152f246e05c069fd1a1db5c59
Certificate serial: 018AB67D91817B3D3F09003B0A0570BBAACA
Authority key identifier: 8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/F7WtuHwJbdEAXlFLfAJRqcaylxs.roa
Signing time: Thu 21 Sep 2023 06:46:37 +0000
ROA not before: Thu 21 Sep 2023 06:46:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211368
IP address blocks: 2a13:e6c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:7d:91:81:7b:3d:3f:09:00:3b:0a:05:70:bb:aa:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b03dca76319903152f246e05c069fd1a1db5c59
Validity
Not Before: Sep 21 06:46:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17b5adb87c096dd1005e514b7c0251a9c6b2971b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:e5:1a:d7:b6:c9:0e:e3:3e:30:38:7a:3e:
08:a6:e6:f0:7b:8c:e7:f5:3b:e0:c2:ee:28:31:96:
05:b4:e0:ca:9d:74:12:4a:12:ac:bc:07:18:7f:2f:
77:31:77:fe:d5:a2:f4:43:e1:45:fb:ab:1e:61:af:
62:8b:e1:cf:8c:99:ed:87:33:39:c1:ec:92:18:f3:
ff:de:f5:c7:2e:83:c9:44:30:29:d9:e1:14:5c:54:
ed:c2:7c:5c:81:5e:5c:c6:9e:4c:d8:26:6e:9d:e7:
f9:79:5b:a0:c8:65:1d:f4:e3:f5:42:4f:60:c5:37:
46:da:26:45:6b:49:74:6f:ec:fe:10:b3:09:30:53:
65:9c:64:f9:d9:57:13:ea:aa:58:db:19:70:ad:88:
64:08:ac:58:61:d7:71:a2:29:0f:85:7d:94:b8:0a:
98:6f:b1:cd:80:7c:0c:c3:4a:ff:c9:d8:35:aa:f2:
64:03:ce:9e:c3:0f:70:9a:7c:45:21:88:35:ba:98:
c9:0a:73:76:f8:17:1d:19:ec:76:af:06:d1:6d:40:
7f:07:77:29:4b:30:19:d8:40:63:4c:6f:c0:16:1d:
cc:92:d2:e8:63:f5:af:b7:93:76:5a:45:4c:41:33:
07:6f:37:25:e1:93:1a:b2:24:94:14:a4:d1:23:5c:
5d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B5:AD:B8:7C:09:6D:D1:00:5E:51:4B:7C:02:51:A9:C6:B2:97:1B
X509v3 Authority Key Identifier:
keyid:8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/F7WtuHwJbdEAXlFLfAJRqcaylxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
64:c9:dc:5e:75:6c:80:d8:28:45:95:82:e0:d5:2b:65:22:d2:
12:c5:d1:35:35:b4:b1:a6:56:c5:b5:ed:23:9e:53:3c:b1:46:
9a:78:43:3c:1c:09:c1:79:d3:fc:8e:d4:90:02:6c:ba:de:a1:
e3:a8:62:74:ad:4c:ac:fe:f1:87:5d:84:cd:1f:21:89:f2:0a:
4a:55:72:e9:05:a7:58:fb:94:b0:56:a3:e1:86:0b:21:11:67:
43:5f:fa:54:66:f1:f7:7f:b0:1b:27:d9:08:95:de:f9:dc:66:
a1:18:2c:99:55:b0:ef:29:27:d3:51:28:6d:ac:c3:9f:90:a0:
e6:5a:41:63:7e:1a:6b:33:97:42:3d:23:55:6c:e9:a6:e8:9c:
d2:ab:9f:f0:56:1c:57:6d:46:5f:8a:30:12:28:b8:e3:07:5f:
2f:e6:da:68:e7:66:60:97:ee:6d:99:c6:f1:62:4f:71:fe:df:
2b:60:af:27:99:07:25:b8:b1:60:61:5d:df:6d:1c:1b:a7:2b:
e7:ad:8c:d3:6c:c4:34:a2:8a:2b:6d:db:0c:ff:f8:5f:7f:87:
8f:8b:ca:eb:48:7c:6d:2d:4c:ef:77:08:fa:c6:c9:82:2a:21:
68:f2:af:98:b2:a1:94:33:57:ba:ff:30:48:2f:30:d6:3b:69:
5d:4e:9b:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYq2fZGBez0/CQA7CgVwu6rKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDNkY2E3NjMxOTkwMzE1MmYyNDZlMDVjMDY5ZmQxYTFk
YjVjNTkwHhcNMjMwOTIxMDY0NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I1YWRiODdjMDk2ZGQxMDA1ZTUxNGI3YzAyNTFhOWM2YjI5NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFzlGte2yQ7jPjA4ej4Ipubwe4zn
9Tvgwu4oMZYFtODKnXQSShKsvAcYfy93MXf+1aL0Q+FF+6seYa9ii+HPjJnthzM5
weySGPP/3vXHLoPJRDAp2eEUXFTtwnxcgV5cxp5M2CZunef5eVugyGUd9OP1Qk9g
xTdG2iZFa0l0b+z+ELMJMFNlnGT52VcT6qpY2xlwrYhkCKxYYddxoikPhX2UuAqY
b7HNgHwMw0r/ydg1qvJkA86eww9wmnxFIYg1upjJCnN2+BcdGex2rwbRbUB/B3cp
SzAZ2EBjTG/AFh3MktLoY/Wvt5N2WkVMQTMHbzcl4ZMasiSUFKTRI1xdRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBe1rbh8CW3RAF5RS3wCUanGspcbMB8GA1UdIwQY
MBaAFIsD3KdjGZAxUvJG4FwGn9Gh21xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQt
MDI5ZTYzZjA4ODlhLzEvRjdXdHVId0piZEVBWGxGTGZBSlJxY2F5bHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQtMDI5ZTYzZjA4ODlh
LzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPmwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZMncXnVsgNgoRZWC4NUrZSLSEsXRNTW0saZWxbXt
I55TPLFGmnhDPBwJwXnT/I7UkAJsut6h46hidK1MrP7xh12EzR8hifIKSlVy6QWn
WPuUsFaj4YYLIRFnQ1/6VGbx93+wGyfZCJXe+dxmoRgsmVWw7ykn01EobazDn5Cg
5lpBY34aazOXQj0jVWzppuic0quf8FYcV21GX4owEii44wdfL+baaOdmYJfubZnG
8WJPcf7fK2CvJ5kHJbixYGFd320cG6cr562M02zENKKKK23bDP/4X3+Hj4vK60h8
bS1M73cI+sbJgiohaPKvmLKhlDNXuv8wSC8w1jtpXU6bOw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:44 2024 by rpki-client on console-fra.rpki-client.org