Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/pHmLhdYAtDU53KXFQwa22CoUuC0.roa
File: pHmLhdYAtDU53KXFQwa22CoUuC0.roa (raw, json)
Hash identifier: 0kujgTy8k/lYyIcvgYWcVmg/wdI3o0YjGKxsPoqRkH0=
Subject key identifier: A4:79:8B:85:D6:00:B4:35:39:DC:A5:C5:43:06:B6:D8:2A:14:B8:2D
Certificate issuer: /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial: 01868A70D14389CA48B16073325DC7F8ACEB
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/pHmLhdYAtDU53KXFQwa22CoUuC0.roa
Signing time: Sat 25 Feb 2023 21:18:14 +0000
ROA not before: Sat 25 Feb 2023 21:18:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208029
IP address blocks: 2a13:79c7:2100::/40 maxlen: 48
2a13:79c7:2122::/47 maxlen: 47
2a13:79c7:2124::/47 maxlen: 47
2a13:79c7:2120::/47 maxlen: 47
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8a:70:d1:43:89:ca:48:b1:60:73:32:5d:c7:f8:ac:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Validity
Not Before: Feb 25 21:18:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4798b85d600b43539dca5c54306b6d82a14b82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:68:29:07:4f:c6:85:dd:aa:54:83:0a:c1:
4f:b4:b9:63:20:20:c2:e1:6f:2a:81:b9:dc:0a:f2:
6c:7b:90:d7:51:61:55:55:98:cd:b2:9d:dd:de:ac:
42:a5:f4:52:98:56:a9:5e:65:64:28:41:60:45:55:
6d:e8:13:c7:06:77:0c:95:f4:92:6f:5b:37:04:10:
01:83:a8:ac:54:4d:b9:36:a5:89:d8:e8:4d:80:ed:
3c:a7:6a:be:86:88:44:e6:65:85:98:78:32:53:a2:
7c:c7:17:c5:29:ae:b7:c5:05:d2:c0:0c:71:b4:7b:
47:d6:5f:81:ee:6c:1c:e8:27:69:df:b2:ef:83:7b:
37:d3:ef:23:09:a1:84:13:1e:97:12:b0:4d:1e:70:
48:2f:6b:62:a1:7b:4a:7e:b3:73:88:c4:0e:97:e2:
3d:88:cc:e2:60:be:02:da:56:3c:16:b6:90:41:a1:
5d:86:2f:61:41:17:fe:2d:25:9e:24:4d:53:64:a3:
b7:52:1a:6f:43:3f:9c:40:bf:7d:e4:8f:06:0b:9e:
3a:b6:c6:d3:34:44:d2:4a:33:07:8e:aa:c0:93:de:
f0:b3:bf:08:a1:cd:c1:9c:c1:7c:8c:94:8a:3f:ed:
3c:b8:43:16:da:e9:a0:28:4f:55:48:03:87:40:9f:
65:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:79:8B:85:D6:00:B4:35:39:DC:A5:C5:43:06:B6:D8:2A:14:B8:2D
X509v3 Authority Key Identifier:
keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/pHmLhdYAtDU53KXFQwa22CoUuC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:79c7:2100::/40
Signature Algorithm: sha256WithRSAEncryption
98:fc:c8:4e:35:48:de:82:6d:b2:6c:10:20:ca:46:8f:83:f6:
8c:d7:f1:0c:b3:e9:99:01:e1:2e:0a:6f:23:e4:9b:fe:99:54:
be:92:94:1c:47:d4:1c:bc:fa:1e:ca:e8:03:da:73:0c:d3:f5:
f1:27:f1:ae:85:4a:25:f9:d7:54:01:c0:56:a6:c4:3a:1d:b9:
f6:e9:47:80:15:66:64:59:d0:85:8e:82:43:96:76:a4:38:64:
9b:b6:fa:fe:cd:94:96:89:8a:8c:b9:5b:49:a6:eb:e5:a7:8a:
ff:78:2f:e8:04:42:aa:54:f5:8c:3b:ad:ad:05:a5:60:7d:b9:
10:ae:6a:06:12:8a:ee:18:7b:71:4e:8a:3b:de:f8:cf:e7:0e:
63:38:b9:25:33:03:8f:46:69:f3:27:e5:03:89:36:ae:99:33:
9a:24:45:e9:1b:3e:3c:b6:e4:77:d1:d2:82:11:7a:36:a4:99:
ba:e1:c7:a1:97:cf:95:dc:c1:e9:3b:e6:38:51:ab:d8:ea:e2:
85:5b:df:33:d6:af:3a:ff:0f:ba:f8:3c:eb:df:4e:14:e3:86:
bd:e5:3f:c6:3a:38:97:cb:f2:99:92:38:e9:3a:10:d9:de:47:
ef:08:a6:01:3e:13:6c:12:76:ac:cd:5b:18:e6:4c:99:8e:ff:
5e:68:db:08
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYaKcNFDicpIsWBzMl3H+KzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjMwMjI1MjExODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc5OGI4NWQ2MDBiNDM1MzlkY2E1YzU0MzA2YjZkODJhMTRiODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo55oKQdPxoXdqlSDCsFPtLljICDC
4W8qgbncCvJse5DXUWFVVZjNsp3d3qxCpfRSmFapXmVkKEFgRVVt6BPHBncMlfSS
b1s3BBABg6isVE25NqWJ2OhNgO08p2q+hohE5mWFmHgyU6J8xxfFKa63xQXSwAxx
tHtH1l+B7mwc6Cdp37Lvg3s30+8jCaGEEx6XErBNHnBIL2tioXtKfrNziMQOl+I9
iMziYL4C2lY8FraQQaFdhi9hQRf+LSWeJE1TZKO3UhpvQz+cQL995I8GC546tsbT
NETSSjMHjqrAk97ws78Ioc3BnMF8jJSKP+08uEMW2umgKE9VSAOHQJ9lmwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKR5i4XWALQ1OdylxUMGttgqFLgtMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvcEhtTGhkWUF0RFU1M0tYRlF3YTIyQ29VdUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN5xyEw
DQYJKoZIhvcNAQELBQADggEBAJj8yE41SN6CbbJsECDKRo+D9ozX8Qyz6ZkB4S4K
byPkm/6ZVL6SlBxH1By8+h7K6APacwzT9fEn8a6FSiX511QBwFamxDodufbpR4AV
ZmRZ0IWOgkOWdqQ4ZJu2+v7NlJaJioy5W0mm6+Wniv94L+gEQqpU9Yw7ra0FpWB9
uRCuagYSiu4Ye3FOijve+M/nDmM4uSUzA49GafMn5QOJNq6ZM5okRekbPjy25HfR
0oIRejakmbrhx6GXz5Xcwek75jhRq9jq4oVb3zPWrzr/D7r4POvfThTjhr3lP8Y6
OJfL8pmSOOk6ENneR+8IpgE+E2wSdqzNWxjmTJmO/15o2wg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:43 2024 by rpki-client on console-ams.rpki-client.org