Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/thFTVAd5irfaUN-XmUygWXR_Ik0.roa
File: thFTVAd5irfaUN-XmUygWXR_Ik0.roa (raw, json)
Hash identifier: tKWeT3fZ909sTZTL2dfhwy+RxbY15LmwnKRL6SUPncI=
Subject key identifier: B6:11:53:54:07:79:8A:B7:DA:50:DF:97:99:4C:A0:59:74:7F:22:4D
Certificate issuer: /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial: 018649AF433F544F6492547BDA6053BC4D82
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/thFTVAd5irfaUN-XmUygWXR_Ik0.roa
Signing time: Mon 13 Feb 2023 07:31:08 +0000
ROA not before: Mon 13 Feb 2023 07:31:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208029
IP address blocks: 2a13:79c7:2100::/40 maxlen: 40
2a13:79c7:2122::/47 maxlen: 47
2a13:79c7:2124::/47 maxlen: 47
2a13:79c7:2120::/47 maxlen: 47
Validation: Failed, certificate revoked on Sat 25 Feb 2023 21:18:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:af:43:3f:54:4f:64:92:54:7b:da:60:53:bc:4d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Validity
Not Before: Feb 13 07:31:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b611535407798ab7da50df97994ca059747f224d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:73:37:76:05:03:c1:a0:3b:84:d4:46:4e:26:
52:b4:84:52:b1:82:a2:c1:dc:c0:13:f1:1a:0e:9a:
85:73:1d:62:1a:dc:a5:74:c1:40:0a:8f:1f:29:b3:
50:2d:ef:b2:d9:d8:43:3e:fc:96:23:ad:ab:f1:32:
5a:6f:73:6d:21:21:19:be:6b:72:a4:94:32:50:08:
5d:f6:95:f2:77:59:bb:75:d2:a0:48:da:0d:11:dc:
7c:19:cd:60:7d:12:ca:2e:51:aa:9d:92:c3:1c:e7:
b0:7b:63:67:90:5e:da:92:97:f5:f8:03:d1:32:85:
1a:c7:f3:c4:c3:02:b0:30:61:0d:66:fe:8a:71:93:
21:f8:70:7e:54:6b:7c:ca:0a:a1:73:94:e4:66:34:
ba:81:ca:33:01:31:3f:c8:42:a8:60:d2:59:cc:0d:
61:97:c1:16:49:80:7a:da:7d:a7:8b:26:7b:90:59:
1b:46:13:8f:9c:75:cb:92:f3:4f:0c:77:c1:de:e9:
c0:51:3c:88:1a:f2:15:01:d0:97:7a:75:32:d0:11:
ee:e4:d5:12:b1:b7:cc:3d:c6:8d:af:0a:8e:8f:67:
54:8d:9f:ab:32:76:de:a3:e7:84:88:ef:37:a5:95:
c5:45:39:72:ae:f9:bb:69:d1:14:ab:4e:d1:7b:e6:
de:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:11:53:54:07:79:8A:B7:DA:50:DF:97:99:4C:A0:59:74:7F:22:4D
X509v3 Authority Key Identifier:
keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/thFTVAd5irfaUN-XmUygWXR_Ik0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:79c7:2100::/40
Signature Algorithm: sha256WithRSAEncryption
1f:39:26:0f:3c:5a:6c:20:65:02:53:53:da:5e:a0:c3:0e:18:
a2:86:04:d3:7d:4d:d1:f6:e0:ac:d3:dd:9c:c0:65:b2:1a:d6:
cf:70:44:b6:44:b6:04:6b:21:3c:0f:1f:31:2e:d4:ce:a9:81:
dc:9b:8d:5f:52:19:d9:97:a2:fe:76:a2:6a:25:58:df:59:78:
f2:00:61:65:28:fd:1b:19:3e:59:2f:ad:85:00:99:5c:80:c0:
bd:f1:8e:25:19:e9:10:ae:1f:ea:64:d0:ff:c9:94:1b:b9:bb:
6d:be:52:06:ee:4d:a9:c6:a1:07:bc:14:9c:6b:fe:a8:a6:c3:
a5:40:5b:8a:c5:80:f2:d2:84:5c:1c:cf:c0:8a:62:b3:a1:5c:
bd:fe:38:9a:56:6c:f3:c9:73:5c:86:56:26:8a:80:62:37:04:
00:ba:91:4d:e6:07:18:3e:e6:76:ce:f2:87:d1:71:b7:6f:3e:
58:00:1c:64:4b:79:1d:da:2d:7c:bf:19:11:24:08:8c:08:04:
55:92:61:ba:32:e0:5a:7d:20:77:86:97:b7:10:01:46:55:aa:
97:81:43:ff:a1:9b:9c:56:34:52:84:4f:2a:69:32:8a:be:e7:
1b:46:c4:fc:88:05:ae:a4:e0:34:99:3d:0c:cc:3d:ac:b8:d5:
fb:3c:44:2f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYZJr0M/VE9kklR72mBTvE2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjMwMjEzMDczMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjExNTM1NDA3Nzk4YWI3ZGE1MGRmOTc5OTRjYTA1OTc0N2YyMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnM3dgUDwaA7hNRGTiZStIRSsYKi
wdzAE/EaDpqFcx1iGtyldMFACo8fKbNQLe+y2dhDPvyWI62r8TJab3NtISEZvmty
pJQyUAhd9pXyd1m7ddKgSNoNEdx8Gc1gfRLKLlGqnZLDHOewe2NnkF7akpf1+APR
MoUax/PEwwKwMGENZv6KcZMh+HB+VGt8ygqhc5TkZjS6gcozATE/yEKoYNJZzA1h
l8EWSYB62n2niyZ7kFkbRhOPnHXLkvNPDHfB3unAUTyIGvIVAdCXenUy0BHu5NUS
sbfMPcaNrwqOj2dUjZ+rMnbeo+eEiO83pZXFRTlyrvm7adEUq07Re+beQQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLYRU1QHeYq32lDfl5lMoFl0fyJNMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvdGhGVFZBZDVpcmZhVU4tWG1VeWdXWFJfSWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN5xyEw
DQYJKoZIhvcNAQELBQADggEBAB85Jg88WmwgZQJTU9peoMMOGKKGBNN9TdH24KzT
3ZzAZbIa1s9wRLZEtgRrITwPHzEu1M6pgdybjV9SGdmXov52omolWN9ZePIAYWUo
/RsZPlkvrYUAmVyAwL3xjiUZ6RCuH+pk0P/JlBu5u22+UgbuTanGoQe8FJxr/qim
w6VAW4rFgPLShFwcz8CKYrOhXL3+OJpWbPPJc1yGViaKgGI3BAC6kU3mBxg+5nbO
8ofRcbdvPlgAHGRLeR3aLXy/GREkCIwIBFWSYboy4Fp9IHeGl7cQAUZVqpeBQ/+h
m5xWNFKETyppMoq+5xtGxPyIBa6k4DSZPQzMPay41fs8RC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:43 2024 by rpki-client on console-ams.rpki-client.org