Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/i_BiaYbvL89znr85xYZ_lRy9n8M.roa
File: i_BiaYbvL89znr85xYZ_lRy9n8M.roa (raw, json)
Hash identifier: G13hEP6szEQy+HHG9c5YhMUaUqL1r5FErHd1tXCJnR8=
Subject key identifier: 8B:F0:62:69:86:EF:2F:CF:73:9E:BF:39:C5:86:7F:95:1C:BD:9F:C3
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8DC6972A01F7663CFD234E40C46FF
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/i_BiaYbvL89znr85xYZ_lRy9n8M.roa
Signing time: Mon 01 Jan 2024 20:30:52 +0000
ROA not before: Mon 01 Jan 2024 20:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151338
IP address blocks: 2a0c:9a40:9f00::/40 maxlen: 48
2a0c:9a40:9600::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 10:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:dc:69:72:a0:1f:76:63:cf:d2:34:e4:0c:46:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bf0626986ef2fcf739ebf39c5867f951cbd9fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:71:21:9d:29:ec:37:67:3b:2a:52:98:e7:8a:
72:67:be:4a:d3:73:59:95:b0:c0:2e:9a:5f:17:a8:
ed:a1:15:54:f4:0b:ee:c9:db:ac:84:bd:ac:17:b3:
84:eb:aa:e3:e3:60:8e:54:9a:12:7c:2a:01:cc:74:
86:0d:4a:c9:86:9c:ae:ae:c7:02:af:0b:9b:99:70:
b8:42:b4:d4:32:10:df:c9:34:40:5a:8a:92:1b:e2:
25:ed:a9:85:a4:98:09:c1:ed:d5:cf:7c:7e:c0:86:
6e:93:5a:06:56:61:ce:f8:33:d8:fb:74:fe:5b:65:
de:95:82:1d:bc:4a:9e:36:3b:e3:dd:3e:c3:67:9b:
e9:61:98:26:66:11:26:5e:45:d1:97:b1:3c:75:eb:
71:2f:45:48:fc:c1:7f:16:32:b0:4b:bc:a9:69:0d:
03:c6:4a:b3:71:9c:a4:24:58:24:30:27:1c:b7:f8:
f5:eb:d6:9b:0d:88:c3:a0:69:42:08:44:5f:01:79:
81:f0:3a:a0:97:15:1a:6e:4b:0f:3a:b0:3b:13:d4:
6b:8d:8a:98:9e:19:df:cc:80:6e:09:7c:18:15:1a:
35:bd:c2:de:4b:ed:63:19:0a:62:d9:ca:d2:83:44:
0d:7d:d8:b2:71:b4:d4:18:6a:8d:06:f8:c1:e6:ec:
18:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F0:62:69:86:EF:2F:CF:73:9E:BF:39:C5:86:7F:95:1C:BD:9F:C3
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/i_BiaYbvL89znr85xYZ_lRy9n8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9600::/40
2a0c:9a40:9f00::/40
Signature Algorithm: sha256WithRSAEncryption
2a:c7:c1:35:8c:a3:3e:eb:90:6f:b5:aa:06:67:47:d5:6b:8c:
b5:4f:33:1e:bb:1c:92:fc:25:84:40:53:e6:5b:54:65:a1:5e:
97:f9:f0:ff:75:13:c3:69:b3:95:54:7e:86:58:81:20:f9:3b:
c7:d3:2d:41:f1:95:e6:04:22:89:0e:5a:38:ae:30:64:91:5f:
e4:72:92:82:0c:9f:82:48:13:a8:d4:8c:ad:57:d8:41:5b:0f:
64:1a:9e:41:a0:de:91:00:0e:75:5d:fd:d7:b6:d3:6d:19:7a:
5c:7e:b2:28:23:45:4f:c2:d9:76:fb:3a:1e:4b:b0:bf:08:04:
13:a9:39:5c:78:93:9c:08:0d:a8:92:78:93:57:87:3c:a7:be:
0d:be:e3:83:15:36:c1:d8:88:de:ff:5b:f1:c4:c3:74:26:d1:
92:eb:b3:32:82:39:bd:d7:17:fb:0c:e1:59:d7:ef:70:c0:93:
1b:e8:50:c0:e7:bd:85:41:70:bb:f3:ea:51:f5:f8:57:33:7c:
fb:0e:f5:04:cd:28:7a:f0:93:f6:f0:d4:90:51:45:d7:27:f7:
f4:34:d5:b5:d9:1f:9e:ee:a4:07:8e:d1:34:51:49:06:79:38:
fe:96:c4:86:01:7f:ad:db:e3:fd:70:1c:ca:59:22:dc:d0:0d:
92:ff:86:a4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzGuNxpcqAfdmPP0jTkDEb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYwNjI2OTg2ZWYyZmNmNzM5ZWJmMzljNTg2N2Y5NTFjYmQ5ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknEhnSnsN2c7KlKY54pyZ75K03NZ
lbDALppfF6jtoRVU9AvuydushL2sF7OE66rj42COVJoSfCoBzHSGDUrJhpyurscC
rwubmXC4QrTUMhDfyTRAWoqSG+Il7amFpJgJwe3Vz3x+wIZuk1oGVmHO+DPY+3T+
W2XelYIdvEqeNjvj3T7DZ5vpYZgmZhEmXkXRl7E8detxL0VI/MF/FjKwS7ypaQ0D
xkqzcZykJFgkMCcct/j169abDYjDoGlCCERfAXmB8DqglxUabksPOrA7E9RrjYqY
nhnfzIBuCXwYFRo1vcLeS+1jGQpi2crSg0QNfdiycbTUGGqNBvjB5uwYywIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFIvwYmmG7y/Pc56/OcWGf5UcvZ/DMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvaV9CaWFZYnZMODl6bnI4NXhZWl9sUnk5bjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgyaQJYD
BgAqDJpAnzANBgkqhkiG9w0BAQsFAAOCAQEAKsfBNYyjPuuQb7WqBmdH1WuMtU8z
HrsckvwlhEBT5ltUZaFel/nw/3UTw2mzlVR+hliBIPk7x9MtQfGV5gQiiQ5aOK4w
ZJFf5HKSggyfgkgTqNSMrVfYQVsPZBqeQaDekQAOdV3917bTbRl6XH6yKCNFT8LZ
dvs6HkuwvwgEE6k5XHiTnAgNqJJ4k1eHPKe+Db7jgxU2wdiI3v9b8cTDdCbRkuuz
MoI5vdcX+wzhWdfvcMCTG+hQwOe9hUFwu/PqUfX4VzN8+w71BM0oevCT9vDUkFFF
1yf39DTVtdkfnu6kB47RNFFJBnk4/pbEhgF/rdvj/XAcylki3NANkv+GpA==
-----END CERTIFICATE-----
Generated at Tue Jan 16 15:27:48 2024 by rpki-client on console-ams.rpki-client.org