Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/X1Z2BYssZuyon6k-6re0FZn5eo4.roa
File: X1Z2BYssZuyon6k-6re0FZn5eo4.roa (raw, json)
Hash identifier: 3WuAgQiGGNLMCJzguVHpMCvUvtoG7FHwmcAlgPdSQtU=
Subject key identifier: 5F:56:76:05:8B:2C:66:EC:A8:9F:A9:3E:EA:B7:B4:15:99:F9:7A:8E
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018CC86EFE75AAB1644DF93ADBDF8246329B
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/X1Z2BYssZuyon6k-6re0FZn5eo4.roa
Signing time: Tue 02 Jan 2024 04:29:26 +0000
ROA not before: Tue 02 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44445
IP address blocks: 2a12:c6c1::/32 maxlen: 48
2a12:c6c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jan 2024 20:40:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fe:75:aa:b1:64:4d:f9:3a:db:df:82:46:32:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Jan 2 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f5676058b2c66eca89fa93eeab7b41599f97a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5f:d4:a8:67:6f:0b:81:07:61:86:94:f4:b9:
ea:d9:cb:37:ec:16:c5:d9:23:55:1c:17:cc:1f:d4:
19:29:a1:0c:26:67:f2:15:ed:3f:ae:c3:ac:ca:4a:
ca:3b:f0:46:7f:0d:4d:39:e9:a4:dc:23:6a:34:8c:
4e:7c:c6:5a:51:4f:e9:4e:93:f7:77:08:20:2c:11:
e3:39:c3:15:d2:af:8d:6c:ff:88:71:45:0a:a6:41:
6b:94:f1:54:50:61:34:68:6c:b0:91:60:79:0f:eb:
51:a4:da:26:6a:31:ee:97:29:66:4b:ae:ed:94:6c:
c1:c1:78:84:e3:07:9a:ac:0d:12:24:e5:c8:f4:a1:
7f:ae:76:e9:92:69:94:6f:05:6b:4a:6e:a3:8c:f0:
9c:32:a9:28:03:8b:63:6a:fc:b6:ee:4c:89:fd:1d:
63:61:e6:f6:79:7c:42:ce:6c:62:3b:8f:06:1d:1f:
ac:3e:31:ad:2e:55:9c:ed:5c:94:1f:0f:1d:bc:43:
76:dd:b0:08:f7:e0:af:7d:ce:f4:ec:aa:84:7d:5f:
5e:cc:57:37:0d:00:76:7b:af:e9:6a:2e:fa:f0:f9:
11:98:cd:f7:ad:6a:9e:ae:37:69:db:0f:1d:49:87:
50:90:6e:3a:8a:79:fa:df:68:fb:60:39:41:72:e0:
99:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:56:76:05:8B:2C:66:EC:A8:9F:A9:3E:EA:B7:B4:15:99:F9:7A:8E
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/X1Z2BYssZuyon6k-6re0FZn5eo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c0::/31
Signature Algorithm: sha256WithRSAEncryption
54:a9:86:ea:e1:75:59:4c:f8:c4:e3:0f:89:c7:d7:6c:08:ae:
03:53:59:14:71:40:73:e4:b4:b6:b0:09:44:7e:dd:11:e3:76:
6e:4d:3b:da:85:11:9d:d9:27:a6:ce:0f:06:e6:6c:0b:a0:52:
af:fb:0f:97:eb:42:4a:1b:90:2c:be:03:0d:c8:34:53:24:b8:
b2:6c:56:4b:25:c3:36:ef:e2:28:c5:15:43:20:bd:32:87:df:
8f:4e:b9:22:6b:80:05:54:af:f6:fb:9d:28:67:4f:b2:4e:86:
17:dd:9e:5f:12:2b:eb:bc:24:f4:2a:62:42:20:b1:1e:2d:df:
af:8f:92:7a:83:3c:24:e3:06:0b:2f:82:99:d6:36:1b:ae:09:
10:a7:56:c6:0d:94:9d:97:3d:6b:89:b6:d7:dc:6d:00:7a:21:
49:23:71:37:f9:c0:1c:85:23:40:d3:79:f9:4d:12:80:5d:7b:
60:b2:f6:91:49:f6:ba:65:30:c6:f8:7b:7a:4e:68:06:54:9f:
94:b2:a4:f6:52:1e:b1:1a:9e:21:8f:32:68:41:f3:27:ff:e1:
92:5c:95:27:55:70:06:60:91:e2:20:40:63:cd:ff:4d:f1:0a:
03:99:e3:8e:2b:dc:07:48:19:16:84:71:0e:80:60:77:83:01:
d3:54:30:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIbv51qrFkTfk629+CRjKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMTAyMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU2NzYwNThiMmM2NmVjYTg5ZmE5M2VlYWI3YjQxNTk5Zjk3YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV/UqGdvC4EHYYaU9Lnq2cs37BbF
2SNVHBfMH9QZKaEMJmfyFe0/rsOsykrKO/BGfw1NOemk3CNqNIxOfMZaUU/pTpP3
dwggLBHjOcMV0q+NbP+IcUUKpkFrlPFUUGE0aGywkWB5D+tRpNomajHulylmS67t
lGzBwXiE4wearA0SJOXI9KF/rnbpkmmUbwVrSm6jjPCcMqkoA4tjavy27kyJ/R1j
Yeb2eXxCzmxiO48GHR+sPjGtLlWc7VyUHw8dvEN23bAI9+Cvfc707KqEfV9ezFc3
DQB2e6/pai768PkRmM33rWqerjdp2w8dSYdQkG46inn632j7YDlBcuCZFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFF9WdgWLLGbsqJ+pPuq3tBWZ+XqOMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvWDFaMkJZc3NadXlvbjZrLTZyZTBGWm41ZW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhLGwDAN
BgkqhkiG9w0BAQsFAAOCAQEAVKmG6uF1WUz4xOMPicfXbAiuA1NZFHFAc+S0trAJ
RH7dEeN2bk072oURndknps4PBuZsC6BSr/sPl+tCShuQLL4DDcg0UyS4smxWSyXD
Nu/iKMUVQyC9Moffj065ImuABVSv9vudKGdPsk6GF92eXxIr67wk9CpiQiCxHi3f
r4+SeoM8JOMGCy+CmdY2G64JEKdWxg2UnZc9a4m219xtAHohSSNxN/nAHIUjQNN5
+U0SgF17YLL2kUn2umUwxvh7ek5oBlSflLKk9lIesRqeIY8yaEHzJ//hklyVJ1Vw
BmCR4iBAY83/TfEKA5njjivcB0gZFoRxDoBgd4MB01QwSA==
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:00:32 2024 by rpki-client on console.sobornost.net