Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/H8hxbzEd0XkEpTyWGd_spGg62UE.roa
File: H8hxbzEd0XkEpTyWGd_spGg62UE.roa (raw, json)
Hash identifier: N33CKkg8D1oKXp4g7fHxHkkiIxs/R0cYgH6PccUocfc=
Subject key identifier: 1F:C8:71:6F:31:1D:D1:79:04:A5:3C:96:19:DF:EC:A4:68:3A:D9:41
Certificate issuer: /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial: 01868A6FE7FC575C299D098DA22E4B3394FC
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/H8hxbzEd0XkEpTyWGd_spGg62UE.roa
Signing time: Sat 25 Feb 2023 21:17:14 +0000
ROA not before: Sat 25 Feb 2023 21:17:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200056
IP address blocks: 2a13:79c7:1700::/40 maxlen: 48
2a13:79c7:17a0::/46 maxlen: 46
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8a:6f:e7:fc:57:5c:29:9d:09:8d:a2:2e:4b:33:94:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Validity
Not Before: Feb 25 21:17:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fc8716f311dd17904a53c9619dfeca4683ad941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e9:c2:b0:59:d8:8a:db:22:b0:39:a2:a8:83:
88:c6:c7:fe:95:15:93:3c:5f:e5:03:dd:01:78:16:
6f:64:ed:ed:8c:6e:0a:9b:b7:7b:ab:ec:15:7e:34:
72:fb:cd:24:1c:b1:71:4d:43:cc:3e:a6:5a:7d:f7:
93:b8:78:b6:b9:e0:5c:93:61:ed:03:53:52:80:cf:
35:7c:11:59:90:ab:66:84:2a:22:22:e5:50:fc:c9:
42:c6:72:5c:ca:06:fd:c9:c5:1e:c5:2e:4f:96:92:
0c:60:71:1d:69:9a:aa:c1:1d:48:6b:cb:db:aa:87:
db:b1:54:8f:ea:05:3d:62:4f:45:82:ff:ca:a1:f6:
c7:6f:25:55:3f:fb:fd:c5:ab:49:68:93:9d:9b:6a:
74:3d:8d:4d:d3:ca:53:90:a7:53:2b:ee:c5:d0:5a:
62:b3:05:9f:01:a9:71:50:66:ad:5f:43:cc:ea:ed:
05:89:41:96:bb:3d:ea:fe:eb:ca:c6:92:b6:b3:6f:
d1:93:00:9f:bd:ba:8b:a7:da:16:5d:3c:1b:6d:b1:
6c:3a:bf:b3:15:94:e9:0d:83:7e:45:5f:52:23:bc:
4d:46:97:78:77:55:79:a2:51:59:d3:0c:94:d9:30:
44:c5:b9:4e:63:1d:46:08:4e:cb:70:88:c7:33:53:
8e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C8:71:6F:31:1D:D1:79:04:A5:3C:96:19:DF:EC:A4:68:3A:D9:41
X509v3 Authority Key Identifier:
keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/H8hxbzEd0XkEpTyWGd_spGg62UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:79c7:1700::/40
Signature Algorithm: sha256WithRSAEncryption
a7:f1:d4:50:45:8f:78:ea:36:dc:0e:56:f5:0a:ea:03:a6:6a:
7e:03:d6:27:25:f9:55:0b:c7:3d:89:82:fe:28:47:17:67:00:
f4:86:6e:a3:8b:fd:f1:27:ce:da:f5:c8:14:83:92:17:d3:09:
f8:98:b4:a5:f8:e5:7d:67:37:dc:3d:0d:c7:cc:94:a9:b6:5a:
ba:90:ce:79:ac:ea:fb:f5:7e:fb:e5:0e:37:f7:14:5b:8e:83:
5b:b0:14:77:02:cd:ff:41:7e:5c:fe:da:86:d8:e9:8e:6d:47:
f6:12:9a:c0:3b:6c:56:f4:53:c5:04:6a:42:6c:e6:8d:03:fa:
54:1e:51:35:7b:21:8e:fb:89:f4:c4:7d:0d:67:7a:ad:9b:09:
04:15:02:c0:2e:28:d1:7d:04:d0:08:10:c6:ab:36:22:0b:63:
2e:76:04:25:ca:8b:4d:08:94:56:8d:dc:d5:30:a9:2d:50:42:
88:fa:56:6e:2b:58:39:9c:8b:54:27:18:4e:c1:06:1f:dd:4e:
7e:c0:85:82:6b:ca:69:52:92:50:c9:69:ca:78:c1:6c:4e:19:
65:f7:f1:62:75:38:a8:f5:e2:56:4c:42:8b:8e:53:68:4a:c7:
ad:f3:f3:ea:23:65:37:a9:3d:2a:9a:76:01:da:35:47:b7:10:
94:b2:dc:a6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYaKb+f8V1wpnQmNoi5LM5T8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjMwMjI1MjExNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM4NzE2ZjMxMWRkMTc5MDRhNTNjOTYxOWRmZWNhNDY4M2FkOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvenCsFnYitsisDmiqIOIxsf+lRWT
PF/lA90BeBZvZO3tjG4Km7d7q+wVfjRy+80kHLFxTUPMPqZaffeTuHi2ueBck2Ht
A1NSgM81fBFZkKtmhCoiIuVQ/MlCxnJcygb9ycUexS5PlpIMYHEdaZqqwR1Ia8vb
qofbsVSP6gU9Yk9Fgv/KofbHbyVVP/v9xatJaJOdm2p0PY1N08pTkKdTK+7F0Fpi
swWfAalxUGatX0PM6u0FiUGWuz3q/uvKxpK2s2/RkwCfvbqLp9oWXTwbbbFsOr+z
FZTpDYN+RV9SI7xNRpd4d1V5olFZ0wyU2TBExblOYx1GCE7LcIjHM1OOTwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFB/IcW8xHdF5BKU8lhnf7KRoOtlBMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvSDhoeGJ6RWQwWGtFcFR5V0dkX3NwR2c2MlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN5xxcw
DQYJKoZIhvcNAQELBQADggEBAKfx1FBFj3jqNtwOVvUK6gOman4D1icl+VULxz2J
gv4oRxdnAPSGbqOL/fEnztr1yBSDkhfTCfiYtKX45X1nN9w9DcfMlKm2WrqQznms
6vv1fvvlDjf3FFuOg1uwFHcCzf9Bflz+2obY6Y5tR/YSmsA7bFb0U8UEakJs5o0D
+lQeUTV7IY77ifTEfQ1neq2bCQQVAsAuKNF9BNAIEMarNiILYy52BCXKi00IlFaN
3NUwqS1QQoj6Vm4rWDmci1QnGE7BBh/dTn7AhYJrymlSklDJacp4wWxOGWX38WJ1
OKj14lZMQouOU2hKx63z8+ojZTepPSqadgHaNUe3EJSy3KY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:37 2024 by rpki-client on console-fra.rpki-client.org