Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/TZpC9k1ExTmBbu359nBHvwSDDGI.roa
File: TZpC9k1ExTmBbu359nBHvwSDDGI.roa (raw, json)
Hash identifier: dTyvnqyM0GlvB2nQ2ttx0J7FXWlBbyuOMOxFRDkxLsk=
Subject key identifier: 4D:9A:42:F6:4D:44:C5:39:81:6E:ED:F9:F6:70:47:BF:04:83:0C:62
Certificate issuer: /CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Certificate serial: 01856E8B2B43ED28666F4BC413A500C99889
Authority key identifier: A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/TZpC9k1ExTmBbu359nBHvwSDDGI.roa
Signing time: Sun 01 Jan 2023 18:14:52 +0000
ROA not before: Sun 01 Jan 2023 18:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30860
IP address blocks: 2a00:17a0:1005::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:2b:43:ed:28:66:6f:4b:c4:13:a5:00:c9:98:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0
Validity
Not Before: Jan 1 18:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d9a42f64d44c539816eedf9f67047bf04830c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bb:dc:ed:45:6f:09:a3:29:76:46:69:a8:8c:
15:81:a1:87:66:ed:e1:8f:5d:79:b9:21:c8:f4:4f:
81:db:92:c9:f5:60:53:f9:4d:8f:9f:e7:ee:eb:1e:
c7:df:c1:3c:2e:84:74:27:4b:1b:5b:e0:6e:b6:36:
4e:d3:55:59:83:6e:a9:0e:66:23:5b:26:73:32:2f:
98:cd:41:1c:6f:06:c4:6e:4f:cd:0f:ba:07:cb:bf:
55:6d:dc:20:5a:6c:11:41:61:b2:15:3d:b9:79:d0:
d3:ab:d5:bc:44:b2:81:a3:61:d6:50:11:c2:36:fe:
20:15:5e:9f:7c:70:aa:65:f6:cd:cd:c1:48:44:43:
e9:14:ec:a0:88:f3:67:53:cc:18:12:9a:f4:31:3f:
ae:4f:32:d6:44:d9:68:8e:84:35:c0:6f:b2:dc:b9:
f7:30:bf:62:fe:d5:ba:ca:e0:d4:75:3b:e0:57:b4:
55:62:b5:60:16:f1:37:ee:ed:a6:6e:5d:61:98:aa:
35:6f:77:19:34:95:d7:da:44:36:58:61:ac:2b:3c:
8f:82:4d:b8:fb:a4:04:cd:5b:8e:7c:b5:c6:8d:1c:
c0:b7:b4:f8:a3:62:e9:a8:a3:04:38:b0:df:15:12:
1a:61:45:fd:ad:fe:4a:68:b7:27:74:cc:dd:c5:ff:
af:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9A:42:F6:4D:44:C5:39:81:6E:ED:F9:F6:70:47:BF:04:83:0C:62
X509v3 Authority Key Identifier:
keyid:A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/TZpC9k1ExTmBbu359nBHvwSDDGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:17a0:1005::/48
Signature Algorithm: sha256WithRSAEncryption
ac:58:62:2c:25:b4:61:3f:07:69:32:a0:5f:75:c6:a5:3e:3b:
d3:d0:47:0e:ff:6d:f8:8c:fa:cb:ee:2d:4c:a4:3b:7d:14:b4:
30:ef:9f:60:ed:e1:4b:b7:36:7f:63:aa:bc:d5:b9:75:bb:38:
3e:37:26:b0:09:c8:99:6b:a2:d2:6c:7f:34:90:7e:29:86:3e:
31:c0:2e:d0:ef:24:23:5c:6e:5f:a6:f7:d9:9b:a1:93:95:e5:
10:27:07:3c:7d:2d:a0:85:7a:83:47:43:fd:2e:85:06:35:af:
10:a9:70:67:58:78:61:db:31:11:62:9e:e1:bb:7e:76:1c:d9:
f5:6c:d7:9e:a5:49:72:a3:db:95:05:6e:48:69:ce:cf:49:f1:
c6:5b:dd:1b:cb:a6:52:c5:66:96:29:69:d1:35:ac:23:2d:c3:
00:e8:72:99:ee:86:14:ad:77:9b:03:29:72:db:cf:18:fb:aa:
e2:2a:49:9f:63:26:7f:45:96:d6:0a:3d:32:2f:cf:e7:6c:b7:
50:01:0f:26:2e:a6:6e:58:1e:31:e5:38:f9:e7:5a:0e:88:99:
e7:58:99:bb:8b:84:52:56:ae:fa:99:be:84:6f:38:0c:a8:ff:
0e:e1:a6:10:ab:27:8b:a6:83:25:71:0a:71:e1:77:cc:95:50:
68:f0:e3:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuiytD7Shmb0vEE6UAyZiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTQ3NjgxZGEwZGI3ZmU3OTMxNWVjNmRiZGEyOGJmOGQ2
NjBmYzAwHhcNMjMwMTAxMTgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDlhNDJmNjRkNDRjNTM5ODE2ZWVkZjlmNjcwNDdiZjA0ODMwYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobvc7UVvCaMpdkZpqIwVgaGHZu3h
j115uSHI9E+B25LJ9WBT+U2Pn+fu6x7H38E8LoR0J0sbW+ButjZO01VZg26pDmYj
WyZzMi+YzUEcbwbEbk/ND7oHy79VbdwgWmwRQWGyFT25edDTq9W8RLKBo2HWUBHC
Nv4gFV6ffHCqZfbNzcFIREPpFOygiPNnU8wYEpr0MT+uTzLWRNlojoQ1wG+y3Ln3
ML9i/tW6yuDUdTvgV7RVYrVgFvE37u2mbl1hmKo1b3cZNJXX2kQ2WGGsKzyPgk24
+6QEzVuOfLXGjRzAt7T4o2LpqKMEOLDfFRIaYUX9rf5KaLcndMzdxf+vqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE2aQvZNRMU5gW7t+fZwR78EgwxiMB8GA1UdIwQY
MBaAFKaUdoHaDbf+eTFextvaKL+NZg/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTct
MjNjM2RmODJjMjMwLzEvVFpwQzlrMUV4VG1CYnUzNTluQkh2d1NEREdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTctMjNjM2RmODJjMjMw
LzEvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAXoBAF
MA0GCSqGSIb3DQEBCwUAA4IBAQCsWGIsJbRhPwdpMqBfdcalPjvT0EcO/234jPrL
7i1MpDt9FLQw759g7eFLtzZ/Y6q81bl1uzg+NyawCciZa6LSbH80kH4phj4xwC7Q
7yQjXG5fpvfZm6GTleUQJwc8fS2ghXqDR0P9LoUGNa8QqXBnWHhh2zERYp7hu352
HNn1bNeepUlyo9uVBW5Iac7PSfHGW90by6ZSxWaWKWnRNawjLcMA6HKZ7oYUrXeb
Ayly288Y+6riKkmfYyZ/RZbWCj0yL8/nbLdQAQ8mLqZuWB4x5Tj551oOiJnnWJm7
i4RSVq76mb6EbzgMqP8O4aYQqyeLpoMlcQpx4XfMlVBo8OND
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:49 2024 by rpki-client on console-ams.rpki-client.org