Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/xA8ApEu7BJm2Ltltl3RTSH4s-zg.roa
File: xA8ApEu7BJm2Ltltl3RTSH4s-zg.roa (raw, json)
Hash identifier: xLnnClWUNQIHYUu3lm1oulLxfBghd0KhoR2DiXFi5yE=
Subject key identifier: C4:0F:00:A4:4B:BB:04:99:B6:2E:D9:6D:97:74:53:48:7E:2C:FB:38
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 018573039F785E9C889D93F0398C4B5288B5
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/xA8ApEu7BJm2Ltltl3RTSH4s-zg.roa
Signing time: Mon 02 Jan 2023 15:04:55 +0000
ROA not before: Mon 02 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206754
IP address blocks: 2a04:5d00:80::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:9f:78:5e:9c:88:9d:93:f0:39:8c:4b:52:88:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 2 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c40f00a44bbb0499b62ed96d977453487e2cfb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:82:b4:58:eb:b3:8a:01:87:58:53:04:90:23:
26:d8:62:fc:2a:22:71:e6:fa:87:59:00:13:fa:c0:
c1:35:df:b0:d4:b9:ef:f2:19:ff:a5:e6:f3:dd:77:
69:ca:4a:99:b3:17:4e:83:24:2a:85:f9:36:15:73:
3f:3c:27:92:55:e3:1a:72:be:5e:fd:11:44:90:71:
aa:fe:9a:4d:65:78:d1:e0:a9:f9:27:03:46:c7:b6:
26:b3:72:75:77:be:68:0b:3a:81:5b:65:71:cc:06:
06:a4:b3:5a:11:ea:4d:38:b3:86:3f:97:ac:ec:45:
f8:81:46:44:9b:d3:65:31:d1:6d:7d:f0:aa:7e:1a:
4e:84:aa:1e:a2:d2:2b:56:1e:fe:76:ec:b9:3f:02:
a5:54:b9:f9:18:56:f8:2c:1a:75:81:c4:87:78:f8:
8c:4b:90:13:6e:03:1c:ee:51:91:7b:77:f0:b2:fe:
5a:ce:84:80:53:e9:35:43:7b:ad:b3:cb:fa:33:b2:
12:a9:d4:8e:e5:a1:a6:26:82:54:99:c7:ee:32:db:
15:93:bd:1b:64:e6:aa:79:ef:5a:a0:56:06:41:c7:
e8:a1:5a:a1:e3:20:4b:29:1c:45:e6:db:7e:1c:43:
7d:a8:07:a6:a5:40:29:52:3d:2c:60:74:41:cd:f1:
a4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0F:00:A4:4B:BB:04:99:B6:2E:D9:6D:97:74:53:48:7E:2C:FB:38
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/xA8ApEu7BJm2Ltltl3RTSH4s-zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5d00:80::/48
Signature Algorithm: sha256WithRSAEncryption
95:d5:dd:8d:c8:0d:c0:f5:78:9e:d7:9f:cd:7e:04:e6:c5:9a:
aa:24:ba:23:6c:78:ee:a6:42:98:58:b9:ce:f6:0a:7f:06:be:
56:0e:80:97:06:7f:04:b3:60:6f:f6:02:1b:f0:fc:9e:b5:44:
a1:d2:4c:5b:13:16:60:5a:fa:d0:98:8f:1a:41:80:57:4d:9f:
47:12:29:9c:a3:d8:42:23:9b:d4:96:8f:cd:f7:6b:02:99:75:
ff:f0:72:67:2b:29:60:fc:92:17:3a:10:8e:48:f9:a0:ae:b5:
0c:44:ac:8b:8f:16:ae:0e:73:db:2f:27:1e:35:b5:f9:12:f0:
57:65:c0:67:91:5f:39:ee:f4:4b:8d:ff:4e:fd:57:22:99:93:
ff:41:3b:b7:e6:96:78:ca:c2:90:80:c0:ef:2a:fd:0d:77:61:
79:ec:5a:f7:37:a3:ec:4c:a5:81:77:b3:5b:37:6b:7b:15:8e:
7e:3f:16:f3:e6:86:34:7f:1e:63:fb:8b:9a:8c:d7:95:72:51:
97:28:61:89:25:48:0b:47:8a:17:63:63:3e:88:ff:e8:9c:bf:
de:30:5e:82:11:d9:bd:6a:83:26:5a:36:b9:c1:3c:78:87:17:
09:e0:fc:67:c2:da:90:b3:04:b8:8e:0f:34:a4:7d:bf:64:a2:
39:fd:71:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzA594XpyInZPwOYxLUoi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MWYwYjczZTY3ZDYzYzVhNGM5MDQ2ODE0MTY2YTllMjE2
MjVmMjgwHhcNMjMwMTAyMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBmMDBhNDRiYmIwNDk5YjYyZWQ5NmQ5Nzc0NTM0ODdlMmNmYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoK0WOuzigGHWFMEkCMm2GL8KiJx
5vqHWQAT+sDBNd+w1Lnv8hn/pebz3XdpykqZsxdOgyQqhfk2FXM/PCeSVeMacr5e
/RFEkHGq/ppNZXjR4Kn5JwNGx7Yms3J1d75oCzqBW2VxzAYGpLNaEepNOLOGP5es
7EX4gUZEm9NlMdFtffCqfhpOhKoeotIrVh7+duy5PwKlVLn5GFb4LBp1gcSHePiM
S5ATbgMc7lGRe3fwsv5azoSAU+k1Q3uts8v6M7ISqdSO5aGmJoJUmcfuMtsVk70b
ZOaqee9aoFYGQcfooVqh4yBLKRxF5tt+HEN9qAempUApUj0sYHRBzfGkbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMQPAKRLuwSZti7ZbZd0U0h+LPs4MB8GA1UdIwQY
MBaAFCkfC3PmfWPFpMkEaBQWap4hYl8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQt
MzhlZThmZDY0ZTdkLzEveEE4QXBFdTdCSm0yTHRsdGwzUlRTSDRzLXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQtMzhlZThmZDY0ZTdk
LzEvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgRdAACA
MA0GCSqGSIb3DQEBCwUAA4IBAQCV1d2NyA3A9Xie15/NfgTmxZqqJLojbHjupkKY
WLnO9gp/Br5WDoCXBn8Es2Bv9gIb8PyetUSh0kxbExZgWvrQmI8aQYBXTZ9HEimc
o9hCI5vUlo/N92sCmXX/8HJnKylg/JIXOhCOSPmgrrUMRKyLjxauDnPbLyceNbX5
EvBXZcBnkV857vRLjf9O/VcimZP/QTu35pZ4ysKQgMDvKv0Nd2F57Fr3N6PsTKWB
d7NbN2t7FY5+Pxbz5oY0fx5j+4uajNeVclGXKGGJJUgLR4oXY2M+iP/onL/eMF6C
Edm9aoMmWja5wTx4hxcJ4PxnwtqQswS4jg80pH2/ZKI5/XFW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:49 2024 by rpki-client on console-ams.rpki-client.org