Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/1-V5n5u73c4OHBiwqQinCdbbtC4E.roa
File: 1-V5n5u73c4OHBiwqQinCdbbtC4E.roa (raw, json)
Hash identifier: v7pXpq4rZ9jESw5peXb2drfInZQG4P3OSANc0bP7cB0=
Subject key identifier: F9:5E:67:E6:EE:F7:73:83:87:06:2C:2A:42:29:C2:75:B6:ED:0B:81
Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial: 018BA50C69A41C64B57442784538E1608AE5
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/1-V5n5u73c4OHBiwqQinCdbbtC4E.roa
Signing time: Mon 06 Nov 2023 14:32:15 +0000
ROA not before: Mon 06 Nov 2023 14:32:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 2a0f:a780::/29 maxlen: 29
2a0f:780::/29 maxlen: 29
2a0e:5bc0::/29 maxlen: 29
2a0f:1080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:0c:69:a4:1c:64:b5:74:42:78:45:38:e1:60:8a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Validity
Not Before: Nov 6 14:32:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f95e67e6eef7738387062c2a4229c275b6ed0b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:40:1f:99:18:a3:e5:26:4c:e3:a2:de:4b:
c6:63:69:bc:68:32:39:17:ad:40:9b:ef:47:01:b0:
39:9e:92:60:7b:65:b4:70:b4:b7:b5:21:28:a5:24:
3c:92:54:69:2e:10:1a:91:8c:3d:7f:11:bd:5d:58:
c4:a2:fe:01:fd:25:9f:1c:50:86:0b:3d:a3:ef:da:
81:d4:e6:46:e6:a0:f4:f8:8f:d3:c9:b6:30:9c:dd:
67:ee:22:70:a6:ee:48:70:a2:09:78:c6:c0:7f:ee:
40:c4:7f:78:88:6e:cf:cb:47:99:66:ac:28:23:ee:
a2:c5:1f:dc:28:38:62:a0:1d:b8:75:73:87:8a:62:
72:e3:0c:ab:bf:ad:d3:47:2c:52:ab:5e:3e:c8:a2:
e9:b6:87:a4:63:1f:c0:da:50:8a:38:ff:50:e8:b0:
93:c9:e3:87:de:a6:93:70:50:87:9b:86:8a:ec:e6:
0c:69:82:0c:11:b3:cb:8f:60:52:f4:d4:ef:00:a0:
0d:37:2d:aa:38:02:34:f5:2c:83:89:9a:8e:b5:22:
11:13:71:b9:5f:81:6b:5e:96:19:63:98:cc:dc:a0:
60:a3:70:50:9d:e4:ca:3a:48:74:70:f6:b8:96:04:
b1:a5:74:f9:92:3c:0b:b2:92:d4:d5:25:ec:91:44:
9c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5E:67:E6:EE:F7:73:83:87:06:2C:2A:42:29:C2:75:B6:ED:0B:81
X509v3 Authority Key Identifier:
keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/1-V5n5u73c4OHBiwqQinCdbbtC4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5bc0::/29
2a0f:780::/29
2a0f:1080::/29
2a0f:a780::/29
Signature Algorithm: sha256WithRSAEncryption
2d:f2:1b:47:4b:ce:7c:6f:9d:e6:69:51:af:5b:5e:74:8e:10:
d2:ec:a0:8b:04:73:3d:7d:e2:14:5f:ab:01:8f:44:c2:86:02:
c8:49:ae:05:8f:98:e0:d6:85:53:87:56:27:c8:48:8c:32:65:
ed:5c:bf:02:2a:3f:b9:50:3c:09:cd:1b:7e:62:9d:5b:b8:65:
c3:b4:73:4e:50:10:e5:8f:2e:f3:bc:01:3a:26:29:62:80:96:
f8:20:c5:a1:81:a2:c9:5b:0f:c5:8e:4f:f2:d7:b3:42:89:43:
85:f8:6d:87:d6:7a:c7:59:45:9f:61:50:72:78:bb:c3:2b:29:
14:8c:94:8a:65:09:5d:46:31:3d:56:35:32:4f:43:70:ad:56:
7b:09:64:d0:d2:e1:b9:ea:90:05:a4:eb:2f:44:76:80:d4:6e:
74:c5:f7:39:f7:80:ff:f5:6b:64:5f:72:55:ce:ce:07:84:15:
67:2f:ae:b8:86:5f:95:c4:cd:a5:6e:0f:3d:8e:79:7a:a3:2b:
ac:73:d4:6d:dc:b2:e9:91:7e:d6:b2:0e:02:51:4e:02:1d:d3:
77:1e:a0:7f:00:be:ad:ef:65:65:4c:42:da:34:5f:d7:e2:ab:
f3:90:5f:d4:13:34:19:d8:6a:09:16:26:16:a2:01:a1:68:5f:
02:6e:c5:34
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYulDGmkHGS1dEJ4RTjhYIrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjMxMTA2MTQzMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVlNjdlNmVlZjc3MzgzODcwNjJjMmE0MjI5YzI3NWI2ZWQwYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJhAH5kYo+UmTOOi3kvGY2m8aDI5
F61Am+9HAbA5npJge2W0cLS3tSEopSQ8klRpLhAakYw9fxG9XVjEov4B/SWfHFCG
Cz2j79qB1OZG5qD0+I/TybYwnN1n7iJwpu5IcKIJeMbAf+5AxH94iG7Py0eZZqwo
I+6ixR/cKDhioB24dXOHimJy4wyrv63TRyxSq14+yKLptoekYx/A2lCKOP9Q6LCT
yeOH3qaTcFCHm4aK7OYMaYIMEbPLj2BS9NTvAKANNy2qOAI09SyDiZqOtSIRE3G5
X4FrXpYZY5jM3KBgo3BQneTKOkh0cPa4lgSxpXT5kjwLspLU1SXskUScMwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPleZ+bu93ODhwYsKkIpwnW27QuBMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvMS1WNW41dTczYzRPSEJpd3FRaW5DZGJidEM0RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjUvYWY5NmRmLWE0ZDUtNDhmOS1hYzBjLTI0ZDhlNzQ3YzM4
Zi8xL0V2MVZpbVRwZFlha1BjZnVVS2pXc3BJMlcyQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAIwHAMFAyoOW8AD
BQMqDweAAwUDKg8QgAMFAyoPp4AwDQYJKoZIhvcNAQELBQADggEBAC3yG0dLznxv
neZpUa9bXnSOENLsoIsEcz194hRfqwGPRMKGAshJrgWPmODWhVOHVifISIwyZe1c
vwIqP7lQPAnNG35inVu4ZcO0c05QEOWPLvO8ATomKWKAlvggxaGBoslbD8WOT/LX
s0KJQ4X4bYfWesdZRZ9hUHJ4u8MrKRSMlIplCV1GMT1WNTJPQ3CtVnsJZNDS4bnq
kAWk6y9EdoDUbnTF9zn3gP/1a2RfclXOzgeEFWcvrriGX5XEzaVuDz2OeXqjK6xz
1G3csumRftayDgJRTgId03ceoH8Avq3vZWVMQto0X9fiq/OQX9QTNBnYagkWJhai
AaFoXwJuxTQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:50 2024 by rpki-client on console-ams.rpki-client.org