Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/3cmAnykH2iEGhL9eXfhIKylZCSA.roa
File: 3cmAnykH2iEGhL9eXfhIKylZCSA.roa (raw, json)
Hash identifier: T029esRMoBMGUSXMI6A/Uy7JNPpAWQmyskdFn+WM0HQ=
Subject key identifier: DD:C9:80:9F:29:07:DA:21:06:84:BF:5E:5D:F8:48:2B:29:59:09:20
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01862C2C5A2DCCCCB0CC7591EFF8AFB553F5
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/3cmAnykH2iEGhL9eXfhIKylZCSA.roa
Signing time: Tue 07 Feb 2023 13:59:09 +0000
ROA not before: Tue 07 Feb 2023 13:59:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51714
IP address blocks: 2a09:ff00:103::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:2c:5a:2d:cc:cc:b0:cc:75:91:ef:f8:af:b5:53:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Feb 7 13:59:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddc9809f2907da210684bf5e5df8482b29590920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:07:a6:54:6d:e1:28:af:b2:d4:0b:82:93:89:
47:b2:fc:24:f3:e6:fa:9b:3e:92:9b:37:d1:3e:6d:
08:66:0f:15:af:17:eb:27:d3:1d:5e:2e:82:97:fc:
52:64:6d:8e:72:5a:01:ef:bd:5e:46:3c:30:f1:c5:
e9:97:ee:2c:25:15:2e:d8:1d:e9:84:a0:79:c2:d4:
89:73:54:c0:24:e9:c1:5c:94:ca:8d:ef:ef:3c:42:
5e:7a:ce:91:ae:56:05:53:75:4c:52:c3:80:34:59:
91:c2:3e:00:4b:d8:1b:ab:15:e1:9b:36:4d:5e:fb:
f7:b3:27:5f:d0:64:48:7e:a0:67:a6:72:42:58:95:
c2:60:7f:91:44:6c:8c:04:75:2e:12:b9:22:20:4f:
5b:b7:c5:5f:a0:22:af:80:dc:60:e5:62:00:56:b6:
b9:1a:c8:94:f8:bf:71:ff:97:14:02:5b:18:c3:1e:
66:ad:0b:ab:6f:18:07:c4:de:48:a8:5d:ee:84:9b:
9f:70:ab:8e:c5:f0:c2:fa:49:e2:7c:1d:6c:ab:0a:
01:2c:7c:e5:2f:cc:ee:81:d2:ee:d2:53:05:4d:38:
0c:6b:19:a5:8b:2d:ac:d1:54:20:5f:ea:55:31:7b:
98:71:09:4e:43:39:bf:04:02:90:8c:27:72:c7:8e:
41:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C9:80:9F:29:07:DA:21:06:84:BF:5E:5D:F8:48:2B:29:59:09:20
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/3cmAnykH2iEGhL9eXfhIKylZCSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:ff00:103::/48
Signature Algorithm: sha256WithRSAEncryption
58:3d:15:c5:bf:e9:f5:b7:d2:ab:8b:ea:bd:93:95:bf:a5:6f:
43:53:d9:85:cf:46:2f:66:64:a4:c4:22:22:a1:f9:54:bb:c4:
6f:07:29:c6:e3:30:6c:9e:49:fe:13:7d:a5:ca:02:0f:35:3b:
86:8e:a4:af:d1:70:df:39:11:d0:df:40:66:4b:8e:38:d3:7e:
47:39:47:b6:b6:6c:68:4e:83:d7:29:f8:c2:1a:40:6a:00:13:
ec:35:e9:34:60:21:87:df:cc:10:c9:4e:a1:8f:e2:52:6c:22:
f9:b0:75:54:d9:4f:ee:da:0f:be:23:11:1e:2d:1f:0c:46:d8:
b0:b1:5c:48:4f:bf:33:d5:17:a3:aa:2b:08:ab:59:99:68:42:
dd:a5:19:ec:9c:7d:9f:09:c7:5b:c6:bd:df:e2:72:e5:fb:18:
b1:31:12:60:81:d6:26:fa:be:e5:51:a3:75:71:01:02:a7:73:
0e:cf:5a:fe:68:22:25:e5:ef:9e:67:0c:fd:7f:c9:2e:20:9e:
69:ce:6e:24:b6:1b:02:e3:c4:11:22:f1:bf:f8:52:63:ff:b2:
c8:0b:1e:0e:17:10:91:fe:60:ab:61:e7:4d:9d:bb:09:e3:43:
a0:88:57:97:65:62:41:f6:8e:5b:76:7a:15:8d:fd:f9:5b:94:
ce:4f:81:e1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYsLFotzMywzHWR7/ivtVP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwMjA3MTM1OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM5ODA5ZjI5MDdkYTIxMDY4NGJmNWU1ZGY4NDgyYjI5NTkwOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngemVG3hKK+y1AuCk4lHsvwk8+b6
mz6SmzfRPm0IZg8VrxfrJ9MdXi6Cl/xSZG2OcloB771eRjww8cXpl+4sJRUu2B3p
hKB5wtSJc1TAJOnBXJTKje/vPEJees6RrlYFU3VMUsOANFmRwj4AS9gbqxXhmzZN
Xvv3sydf0GRIfqBnpnJCWJXCYH+RRGyMBHUuErkiIE9bt8VfoCKvgNxg5WIAVra5
GsiU+L9x/5cUAlsYwx5mrQurbxgHxN5IqF3uhJufcKuOxfDC+knifB1sqwoBLHzl
L8zugdLu0lMFTTgMaxmliy2s0VQgX+pVMXuYcQlOQzm/BAKQjCdyx45BVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN3JgJ8pB9ohBoS/Xl34SCspWQkgMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvM2NtQW55a0gyaUVHaEw5ZVhmaElLeWxaQ1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgn/AAED
MA0GCSqGSIb3DQEBCwUAA4IBAQBYPRXFv+n1t9Kri+q9k5W/pW9DU9mFz0YvZmSk
xCIioflUu8RvBynG4zBsnkn+E32lygIPNTuGjqSv0XDfORHQ30BmS444035HOUe2
tmxoToPXKfjCGkBqABPsNek0YCGH38wQyU6hj+JSbCL5sHVU2U/u2g++IxEeLR8M
RtiwsVxIT78z1RejqisIq1mZaELdpRnsnH2fCcdbxr3f4nLl+xixMRJggdYm+r7l
UaN1cQECp3MOz1r+aCIl5e+eZwz9f8kuIJ5pzm4kthsC48QRIvG/+FJj/7LICx4O
FxCR/mCrYedNnbsJ40OgiFeXZWJB9o5bdnoVjf35W5TOT4Hh
-----END CERTIFICATE-----
Generated at Wed Aug 9 12:04:43 2023 by rpki-client on console-fra.rpki-client.org