Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/2UoHGEvf2emMr_vOP0NliD7yYhs.roa
File: 2UoHGEvf2emMr_vOP0NliD7yYhs.roa (raw, json)
Hash identifier: pToNIAnM3b6NBO05PYieI402x6kXHzaOBUXVEUDelTY=
Subject key identifier: D9:4A:07:18:4B:DF:D9:E9:8C:AF:FB:CE:3F:43:65:88:3E:F2:62:1B
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 018CC6B8F891082C3DF4873EDBB513D8DABD
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/2UoHGEvf2emMr_vOP0NliD7yYhs.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34685
IP address blocks: 2a01:7f0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 Jan 2024 10:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f8:91:08:2c:3d:f4:87:3e:db:b5:13:d8:da:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d94a07184bdfd9e98caffbce3f4365883ef2621b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:dc:5e:d3:d5:dc:28:bc:6a:88:9e:be:95:68:
9b:13:d2:ef:77:52:19:a3:f2:dd:59:8b:93:98:f1:
cf:40:67:15:1c:26:03:ed:81:88:21:02:33:ce:13:
d6:e1:69:bc:07:8d:07:5e:af:9e:92:fe:ba:e8:66:
10:8b:96:4d:f2:17:0b:bf:b4:d7:49:99:38:b1:fa:
3a:c8:d9:34:f7:ea:fc:96:20:54:43:3b:af:6d:a6:
97:c1:93:b4:cf:3c:a5:44:8e:e8:d5:58:6e:a6:9f:
92:ce:9b:ae:85:00:5e:4c:e4:1f:2f:66:12:9e:2c:
10:0c:8f:78:cd:03:5a:9b:64:7f:bc:a3:ca:66:43:
bb:b5:cf:fe:12:4b:fb:80:8e:0f:ed:28:28:95:b6:
38:1d:46:0c:46:5d:84:f0:4d:81:d1:d8:a0:46:54:
95:19:1d:09:93:23:20:34:8a:5a:b0:0c:f4:cf:44:
de:88:1d:1f:d8:e2:40:a1:8c:65:d0:04:d6:85:57:
ee:a8:ca:2f:b1:b7:2a:96:75:93:ce:05:c5:62:33:
8b:35:f6:27:83:31:58:e5:f3:cb:e6:fb:b3:8c:4d:
47:7b:37:03:68:06:f0:2d:a6:27:8c:0b:08:7d:8a:
10:e9:fa:9c:b6:28:3b:d6:36:ec:76:2e:b1:fa:61:
60:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4A:07:18:4B:DF:D9:E9:8C:AF:FB:CE:3F:43:65:88:3E:F2:62:1B
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/2UoHGEvf2emMr_vOP0NliD7yYhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:7f0::/32
Signature Algorithm: sha256WithRSAEncryption
71:f0:38:93:25:03:60:bf:2d:19:eb:7f:30:3c:77:12:7e:a3:
b2:5c:c9:bc:c3:d1:2f:b7:16:c0:2f:df:20:4c:a2:92:cd:0e:
df:f8:77:e8:32:7d:27:32:0e:64:ae:fd:5e:f7:65:df:bb:9e:
32:45:fd:ca:ad:2e:18:f8:e0:a9:a9:f9:5b:7b:54:a3:68:fd:
4a:26:e5:65:16:25:ba:d0:ac:ca:0c:50:ae:3f:d0:1c:35:f6:
0c:24:94:2a:8d:e4:b5:25:da:34:fc:82:4b:69:14:76:0d:b0:
67:63:0d:aa:4a:0d:84:e3:4c:af:f6:02:da:ef:f6:35:cd:12:
ce:76:64:25:20:a3:87:c8:c7:35:47:76:22:b7:49:88:ab:37:
d9:6d:95:a8:f5:33:ca:d7:70:09:63:db:90:5c:74:ed:dc:af:
05:2e:19:df:69:9f:e9:e2:b8:70:52:75:00:02:ef:20:0e:b6:
40:22:df:3f:5e:a3:cd:47:a4:4a:46:74:27:4f:56:3d:24:c2:
12:23:29:4e:c3:a4:c4:20:22:10:6c:21:e2:e4:b5:a5:05:e0:
86:36:c3:da:70:22:ff:32:77:8e:35:f4:47:0d:e2:ef:0b:0e:
4b:e6:9e:2c:17:35:7f:07:1c:14:85:ac:bd:d8:27:3f:b1:87:
86:49:19:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGuPiRCCw99Ic+27UT2Nq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRhMDcxODRiZGZkOWU5OGNhZmZiY2UzZjQzNjU4ODNlZjI2MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3txe09XcKLxqiJ6+lWibE9Lvd1IZ
o/LdWYuTmPHPQGcVHCYD7YGIIQIzzhPW4Wm8B40HXq+ekv666GYQi5ZN8hcLv7TX
SZk4sfo6yNk09+r8liBUQzuvbaaXwZO0zzylRI7o1Vhupp+SzpuuhQBeTOQfL2YS
niwQDI94zQNam2R/vKPKZkO7tc/+Ekv7gI4P7SgolbY4HUYMRl2E8E2B0digRlSV
GR0JkyMgNIpasAz0z0TeiB0f2OJAoYxl0ATWhVfuqMovsbcqlnWTzgXFYjOLNfYn
gzFY5fPL5vuzjE1HezcDaAbwLaYnjAsIfYoQ6fqctig71jbsdi6x+mFgxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNlKBxhL39npjK/7zj9DZYg+8mIbMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvMlVvSEdFdmYyZW1Ncl92T1AwTmxpRDd5WWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEH8DAN
BgkqhkiG9w0BAQsFAAOCAQEAcfA4kyUDYL8tGet/MDx3En6jslzJvMPRL7cWwC/f
IEyiks0O3/h36DJ9JzIOZK79Xvdl37ueMkX9yq0uGPjgqan5W3tUo2j9SiblZRYl
utCsygxQrj/QHDX2DCSUKo3ktSXaNPyCS2kUdg2wZ2MNqkoNhONMr/YC2u/2Nc0S
znZkJSCjh8jHNUd2IrdJiKs32W2VqPUzytdwCWPbkFx07dyvBS4Z32mf6eK4cFJ1
AALvIA62QCLfP16jzUekSkZ0J09WPSTCEiMpTsOkxCAiEGwh4uS1pQXghjbD2nAi
/zJ3jjX0Rw3i7wsOS+aeLBc1fwccFIWsvdgnP7GHhkkZow==
-----END CERTIFICATE-----
Generated at Fri Jan 19 15:23:01 2024 by rpki-client on console-fra.rpki-client.org