Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/1-jlE3703akFVWLd_1TcSq3uWX5Q.roa
File: 1-jlE3703akFVWLd_1TcSq3uWX5Q.roa (raw, json)
Hash identifier: HSnLv4yJTmrubhqomeKxcxQz7Fq6263VoeLkpEynpe8=
Subject key identifier: FA:39:44:DF:BD:37:6A:41:55:58:B7:7F:D5:37:12:AB:7B:96:5F:94
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8F1B9751A0AF3FF14B5ED08E5CD6222
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/1-jlE3703akFVWLd_1TcSq3uWX5Q.roa
Signing time: Thu 16 Nov 2023 16:23:22 +0000
ROA not before: Thu 16 Nov 2023 16:23:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30722
IP address blocks: 2a01:827::/32 maxlen: 32
2a01:820::/32 maxlen: 32
2a01:8d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f1:b9:75:1a:0a:f3:ff:14:b5:ed:08:e5:cd:62:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 16:23:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa3944dfbd376a415558b77fd53712ab7b965f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:47:1e:ea:fe:a9:13:a2:f8:b2:e5:2f:bf:24:
fb:52:2e:f3:b7:f6:ed:6d:ee:48:17:27:ee:10:cd:
25:68:ba:ca:db:63:b6:8d:05:82:83:a4:7f:05:eb:
52:ed:ac:cd:f8:f7:86:00:04:9e:fa:0f:d5:b1:d5:
92:af:7d:3b:6d:12:a2:6d:2a:ef:ee:0e:a8:6e:45:
e2:ff:fc:a4:c6:c6:2d:a4:29:12:97:14:02:91:cb:
72:1b:78:bf:ff:f6:8b:8b:0d:00:4d:2f:06:06:65:
32:6f:9a:1f:6f:ec:63:c1:6f:bc:82:d6:a1:53:b1:
28:a2:22:20:33:47:0d:f7:42:6b:d6:e4:5f:2a:c6:
9a:21:4f:e5:1d:2a:65:38:c3:7b:0b:79:82:eb:25:
20:db:a7:97:4a:26:12:fd:ba:39:af:68:7e:81:99:
53:e2:f2:bb:f4:a4:e1:e5:e0:30:2d:1f:73:77:8f:
71:d0:04:d2:09:78:91:1c:0b:14:8b:b8:61:d5:05:
4e:05:cd:2e:9e:60:0f:9a:08:50:a6:12:71:23:6d:
71:f4:d7:92:14:61:f3:bd:37:47:c6:ed:0f:a8:4f:
dc:12:11:29:69:63:bf:ff:89:95:7d:08:cc:01:d4:
49:49:97:a5:a3:df:29:10:62:ad:2a:ff:37:de:25:
a9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:39:44:DF:BD:37:6A:41:55:58:B7:7F:D5:37:12:AB:7B:96:5F:94
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/1-jlE3703akFVWLd_1TcSq3uWX5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:820::/32
2a01:827::/32
2a01:8d0::/32
Signature Algorithm: sha256WithRSAEncryption
00:43:79:7a:cd:d8:c7:79:38:c5:f4:ce:12:f0:bd:e3:53:48:
5c:8b:f2:83:b6:5e:b5:47:1e:57:8f:4e:b9:2f:31:24:58:dc:
01:4a:46:16:18:e5:dd:0f:33:57:8a:26:47:5d:71:8d:67:2f:
90:c9:9a:b9:d4:48:0c:ab:31:b2:e8:1b:f7:05:1d:74:6a:bd:
cf:82:62:9c:82:0e:3a:d6:90:0d:69:34:09:1f:f6:c8:e4:78:
b7:bd:7c:07:a3:ac:db:c8:df:de:d9:98:41:e1:64:fc:3f:ef:
0d:e5:00:55:4a:76:3e:c0:14:95:37:c2:1b:e1:5d:e6:d8:b5:
10:1a:db:8e:f1:08:33:bc:76:4d:92:36:1d:b6:e6:e4:8c:4b:
e7:34:4b:6b:9e:aa:df:ba:a4:45:9f:b2:24:2d:4f:b9:21:e7:
b1:f5:81:d0:1d:41:21:3f:24:05:64:5b:8a:c5:e8:f2:ab:6f:
67:8b:74:00:74:00:7c:21:75:ba:df:b0:6b:71:a5:da:31:4b:
26:ed:d4:41:6e:19:85:cc:fa:c0:2e:cf:34:00:8e:42:26:cb:
8e:b5:4c:ee:47:1d:c7:28:62:1a:b8:cb:29:f7:9e:14:37:95:
9d:55:22:5c:eb:f1:37:db:60:02:2d:81:07:39:b4:1a:a5:80:
97:b9:9c:64
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYvY8bl1Ggrz/xS17QjlzWIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTYyMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTM5NDRkZmJkMzc2YTQxNTU1OGI3N2ZkNTM3MTJhYjdiOTY1Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEce6v6pE6L4suUvvyT7Ui7zt/bt
be5IFyfuEM0laLrK22O2jQWCg6R/BetS7azN+PeGAASe+g/VsdWSr307bRKibSrv
7g6obkXi//ykxsYtpCkSlxQCkctyG3i///aLiw0ATS8GBmUyb5ofb+xjwW+8gtah
U7EooiIgM0cN90Jr1uRfKsaaIU/lHSplOMN7C3mC6yUg26eXSiYS/bo5r2h+gZlT
4vK79KTh5eAwLR9zd49x0ATSCXiRHAsUi7hh1QVOBc0unmAPmghQphJxI21x9NeS
FGHzvTdHxu0PqE/cEhEpaWO//4mVfQjMAdRJSZelo98pEGKtKv833iWpgwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPo5RN+9N2pBVVi3f9U3Eqt7ll+UMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvMS1qbEUzNzAzYWtGVldMZF8xVGNTcTN1V1g1US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvMjllOWJjLWIxOTAtNDA5ZS04NmIwLWVlYzVkNTBlZmE5
NC8xL3M2WFptR1BiTGttMFQyd3lUckJEaVB4MUZkSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wGwQCAAIwFQMFACoBCCAD
BQAqAQgnAwUAKgEI0DANBgkqhkiG9w0BAQsFAAOCAQEAAEN5es3Yx3k4xfTOEvC9
41NIXIvyg7ZetUceV49OuS8xJFjcAUpGFhjl3Q8zV4omR11xjWcvkMmaudRIDKsx
sugb9wUddGq9z4JinIIOOtaQDWk0CR/2yOR4t718B6Os28jf3tmYQeFk/D/vDeUA
VUp2PsAUlTfCG+Fd5ti1EBrbjvEIM7x2TZI2Hbbm5IxL5zRLa56q37qkRZ+yJC1P
uSHnsfWB0B1BIT8kBWRbisXo8qtvZ4t0AHQAfCF1ut+wa3Gl2jFLJu3UQW4Zhcz6
wC7PNACOQibLjrVM7kcdxyhiGrjLKfeeFDeVnVUiXOvxN9tgAi2BBzm0GqWAl7mc
ZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:21 2024 by rpki-client on console-ams.rpki-client.org