Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/ifG9Ykm0A8DOqMT3VvuqEl5yUg8.roa
File: ifG9Ykm0A8DOqMT3VvuqEl5yUg8.roa (raw, json)
Hash identifier: ++PUenVCYGau40cPMGMCBIk8kBpVWeEbWYZfIol16Ds=
Subject key identifier: 89:F1:BD:62:49:B4:03:C0:CE:A8:C4:F7:56:FB:AA:12:5E:72:52:0F
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018926465694681DDAAC783644C4030C97DD
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/ifG9Ykm0A8DOqMT3VvuqEl5yUg8.roa
Signing time: Wed 05 Jul 2023 13:38:11 +0000
ROA not before: Wed 05 Jul 2023 13:38:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:85c0:200::/40 maxlen: 48
2a13:85c0::/40 maxlen: 40
2a13:85c0:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 05 Jul 2023 13:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:46:56:94:68:1d:da:ac:78:36:44:c4:03:0c:97:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Jul 5 13:38:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89f1bd6249b403c0cea8c4f756fbaa125e72520f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fc:42:31:f6:46:b3:85:7b:8a:cc:c2:07:90:
5c:88:76:8d:a8:f6:1b:50:64:36:2a:21:0c:15:c7:
d5:29:66:77:f9:0d:8f:aa:cb:6f:bd:26:6b:50:d3:
32:69:92:14:c0:0d:bb:da:33:ce:97:55:4d:a1:0e:
02:b2:d8:2e:cb:4b:12:ec:20:5c:57:86:ce:8f:45:
d0:c1:6e:15:de:cf:89:03:d6:7b:71:a2:8f:d2:52:
34:80:e2:b3:02:5b:26:ff:15:13:86:f9:7d:51:e1:
00:68:45:78:cf:b0:9f:10:63:93:35:88:63:19:76:
43:fb:2c:c3:ef:d2:f4:aa:35:6e:e0:85:ee:cb:d1:
8c:b1:35:86:5e:fe:49:e9:12:f2:d8:44:0b:18:0b:
be:f7:9c:f5:c8:c0:33:8a:a7:d1:d0:f1:be:d6:9b:
17:53:97:24:83:00:c3:a5:28:ae:93:52:fa:c8:96:
c1:28:30:ff:bc:82:8e:2e:eb:a0:e4:6e:12:fa:34:
e9:d7:91:4b:4c:29:9b:7d:28:bd:67:ad:2f:bf:58:
1a:d8:8f:30:bd:a7:72:9c:d5:97:3e:dc:cc:05:8c:
8a:2f:50:e1:22:05:5e:a0:f8:a4:69:31:2b:10:64:
9e:d1:d4:15:88:7c:e6:65:65:d7:35:d5:15:41:15:
91:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F1:BD:62:49:B4:03:C0:CE:A8:C4:F7:56:FB:AA:12:5E:72:52:0F
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/ifG9Ykm0A8DOqMT3VvuqEl5yUg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:85c0::-2a13:85c0:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4b:e4:ce:26:7b:cd:3b:96:59:e6:8f:bc:c2:7a:db:51:d6:f9:
d5:ab:8b:45:fa:c4:7d:cb:29:9f:87:0a:12:31:1a:b1:4c:ed:
8a:42:59:93:39:ed:56:71:e9:fa:38:bf:eb:d4:e5:02:5a:ac:
ad:cb:bf:a2:8e:cc:df:95:01:65:cd:e3:e2:de:55:f2:bd:5a:
1d:0b:c4:32:b6:b9:b5:9f:57:c7:e0:7c:e1:09:c1:54:53:88:
68:08:cc:f8:91:84:9a:34:68:08:98:7e:81:8d:d0:47:19:a7:
e4:cb:37:f9:8f:fb:ea:42:39:02:59:21:1d:81:c4:50:3c:db:
59:08:1c:86:15:51:72:e2:86:55:02:a4:04:49:27:d9:fc:43:
cc:90:68:65:2c:84:1c:36:7a:7d:34:ae:46:13:81:41:67:14:
69:e3:9a:bc:82:7c:5a:b0:f6:19:8a:a8:ad:86:a2:41:df:cb:
b7:93:c9:33:b8:b8:9c:45:82:5d:a2:4f:94:e0:cd:b9:79:1b:
c4:6d:d0:43:9a:98:c3:b6:ef:d2:4a:fb:e0:49:5b:31:bd:2b:
13:7a:cc:c9:26:94:69:ef:c5:36:df:88:7a:a2:ac:e8:a4:c1:
6b:4c:cf:ca:88:52:0f:49:0e:dc:6a:9e:77:75:ff:e4:57:b0:
28:ec:61:fa
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYkmRlaUaB3arHg2RMQDDJfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMwNzA1MTMzODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWYxYmQ2MjQ5YjQwM2MwY2VhOGM0Zjc1NmZiYWExMjVlNzI1MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPxCMfZGs4V7iszCB5BciHaNqPYb
UGQ2KiEMFcfVKWZ3+Q2PqstvvSZrUNMyaZIUwA272jPOl1VNoQ4Cstguy0sS7CBc
V4bOj0XQwW4V3s+JA9Z7caKP0lI0gOKzAlsm/xUThvl9UeEAaEV4z7CfEGOTNYhj
GXZD+yzD79L0qjVu4IXuy9GMsTWGXv5J6RLy2EQLGAu+95z1yMAziqfR0PG+1psX
U5ckgwDDpSiuk1L6yJbBKDD/vIKOLuug5G4S+jTp15FLTCmbfSi9Z60vv1ga2I8w
vadynNWXPtzMBYyKL1DhIgVeoPikaTErEGSe0dQViHzmZWXXNdUVQRWRUwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFInxvWJJtAPAzqjE91b7qhJeclIPMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvaWZHOVlrbTBBOERPcU1UM1Z2dXFFbDV5VWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBQYqE4XA
AwYAKhOFwAIwDQYJKoZIhvcNAQELBQADggEBAEvkziZ7zTuWWeaPvMJ621HW+dWr
i0X6xH3LKZ+HChIxGrFM7YpCWZM57VZx6fo4v+vU5QJarK3Lv6KOzN+VAWXN4+Le
VfK9Wh0LxDK2ubWfV8fgfOEJwVRTiGgIzPiRhJo0aAiYfoGN0EcZp+TLN/mP++pC
OQJZIR2BxFA821kIHIYVUXLihlUCpARJJ9n8Q8yQaGUshBw2en00rkYTgUFnFGnj
mryCfFqw9hmKqK2GokHfy7eTyTO4uJxFgl2iT5Tgzbl5G8Rt0EOamMO279JK++BJ
WzG9KxN6zMkmlGnvxTbfiHqirOikwWtMz8qIUg9JDtxqnnd1/+RXsCjsYfo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:27 2024 by rpki-client on console-ams.rpki-client.org