Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/arNXesUBTST05yoAH6i6ObkXqO4.roa
File: arNXesUBTST05yoAH6i6ObkXqO4.roa (raw, json)
Hash identifier: gKIXxM1Rj3sE1FmWqONkpdD0Hvks1Iv2nIxGkbsCbCE=
Subject key identifier: 6A:B3:57:7A:C5:01:4D:24:F4:E7:2A:00:1F:A8:BA:39:B9:17:A8:EE
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018CC500591839A6582EAC084A9A1537068C
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/arNXesUBTST05yoAH6i6ObkXqO4.roa
Signing time: Mon 01 Jan 2024 12:29:43 +0000
ROA not before: Mon 01 Jan 2024 12:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49542
IP address blocks: 2a11:68c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jan 2024 10:24:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:59:18:39:a6:58:2e:ac:08:4a:9a:15:37:06:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Jan 1 12:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ab3577ac5014d24f4e72a001fa8ba39b917a8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:90:cb:59:21:21:58:bb:c0:f8:d0:9a:0a:2e:
9d:dd:20:fa:a8:c9:db:51:ea:d2:ed:ff:e9:cf:b4:
b2:c6:6b:76:b3:36:94:f5:f4:55:14:8c:92:3d:ed:
7c:39:05:91:64:22:5f:1a:51:85:bd:55:c1:f2:92:
5f:d0:fa:e3:b9:c4:ce:e6:31:e3:7b:7a:86:f5:4f:
53:26:12:2e:90:da:e8:de:e5:68:3c:77:8c:dc:12:
1e:a4:54:f8:ed:2b:cb:7f:db:c3:c6:55:10:8a:d8:
17:ae:e1:b6:4f:a3:c0:7d:6f:7c:c5:38:b5:3d:40:
2e:6b:93:ab:0a:0b:98:90:cd:a0:8c:24:07:e3:33:
85:94:52:d5:53:00:ab:3f:dd:d2:0f:b4:e5:3a:b3:
ac:79:b6:f7:1f:c2:32:1c:46:00:e1:d9:3a:d3:26:
94:d1:59:9c:bc:3c:59:e7:53:73:03:4e:e0:27:a3:
ce:9f:2e:60:ee:4e:8d:dd:d7:40:61:6d:9c:29:a3:
f5:45:a7:be:6c:19:6f:e0:ed:bd:fa:ef:4a:52:2d:
f5:a2:a5:27:b3:94:22:4b:7e:41:52:dd:0e:96:0e:
51:eb:1d:e7:5f:d5:1b:63:07:61:9e:a1:d3:b4:c4:
61:51:95:cc:da:d6:86:8b:ba:e8:29:f7:19:ac:6f:
53:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B3:57:7A:C5:01:4D:24:F4:E7:2A:00:1F:A8:BA:39:B9:17:A8:EE
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/arNXesUBTST05yoAH6i6ObkXqO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:68c1::/32
Signature Algorithm: sha256WithRSAEncryption
3b:e8:b1:30:8b:1f:cf:6e:14:76:42:c3:25:cd:19:d2:2d:c4:
45:6c:e7:72:9d:2e:0b:3d:7b:63:b5:17:44:3b:53:0a:bb:f6:
c3:31:ea:17:b7:80:2d:1f:30:b7:f9:c5:b2:57:b7:ba:1b:a6:
fd:f7:dd:b3:a3:07:3f:f1:fa:ea:60:8b:35:0b:99:90:ac:b8:
75:01:b3:21:2f:c8:01:7f:1a:47:5e:02:9b:8e:1f:bf:b3:e8:
65:f3:8f:39:c6:e8:e8:9e:5f:2e:05:c2:58:fc:a1:dd:d1:ef:
77:83:5a:d9:f4:88:3a:f0:99:a1:92:e3:23:01:c8:e4:27:8c:
fd:17:0b:92:8f:68:8c:ae:2e:eb:40:32:12:9b:3b:15:f1:93:
6a:04:ef:e5:05:e0:e2:e6:9b:69:1a:56:84:44:d9:1b:10:1b:
4a:3b:ab:e6:8e:f3:44:45:44:ee:58:22:bd:84:7f:7b:c1:73:
85:6e:6d:4a:68:cc:7a:c3:e5:57:fc:3f:e8:6f:e8:6b:60:9c:
c7:a3:af:77:db:66:27:0e:1e:0a:a7:26:6a:7b:2c:bc:6d:5a:
54:c3:e9:3e:2b:97:4a:2b:c9:14:37:b3:6a:e9:18:02:3c:61:
87:b3:3f:cd:31:66:03:48:63:5e:1b:22:3e:06:bc:2a:6d:28:
fe:2c:50:e6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAFkYOaZYLqwISpoVNwaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwMTAxMTIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWIzNTc3YWM1MDE0ZDI0ZjRlNzJhMDAxZmE4YmEzOWI5MTdhOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZDLWSEhWLvA+NCaCi6d3SD6qMnb
UerS7f/pz7Syxmt2szaU9fRVFIySPe18OQWRZCJfGlGFvVXB8pJf0PrjucTO5jHj
e3qG9U9TJhIukNro3uVoPHeM3BIepFT47SvLf9vDxlUQitgXruG2T6PAfW98xTi1
PUAua5OrCguYkM2gjCQH4zOFlFLVUwCrP93SD7TlOrOsebb3H8IyHEYA4dk60yaU
0VmcvDxZ51NzA07gJ6POny5g7k6N3ddAYW2cKaP1Rae+bBlv4O29+u9KUi31oqUn
s5QiS35BUt0Olg5R6x3nX9UbYwdhnqHTtMRhUZXM2taGi7roKfcZrG9TKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGqzV3rFAU0k9OcqAB+oujm5F6juMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvYXJOWGVzVUJUU1QwNXlvQUg2aTZPYmtYcU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFowTAN
BgkqhkiG9w0BAQsFAAOCAQEAO+ixMIsfz24UdkLDJc0Z0i3ERWzncp0uCz17Y7UX
RDtTCrv2wzHqF7eALR8wt/nFsle3uhum/ffds6MHP/H66mCLNQuZkKy4dQGzIS/I
AX8aR14Cm44fv7PoZfOPOcbo6J5fLgXCWPyh3dHvd4Na2fSIOvCZoZLjIwHI5CeM
/RcLko9ojK4u60AyEps7FfGTagTv5QXg4uabaRpWhETZGxAbSjur5o7zREVE7lgi
vYR/e8FzhW5tSmjMesPlV/w/6G/oa2Ccx6Ovd9tmJw4eCqcmanssvG1aVMPpPiuX
SivJFDezaukYAjxhh7M/zTFmA0hjXhsiPga8Km0o/ixQ5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:14 2024 by rpki-client on console-ams.rpki-client.org