Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2h9fK5oz9z1AQ60Nic829oIesTM.roa
File: 2h9fK5oz9z1AQ60Nic829oIesTM.roa (raw, json)
Hash identifier: gHsfRari33A1DG9Wt0gCoHhHSjG9AC49Y6awDH+itlo=
Subject key identifier: DA:1F:5F:2B:9A:33:F7:3D:40:43:AD:0D:89:CF:36:F6:82:1E:B1:33
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF0579A80A64833E7E22BFDACD7229
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2h9fK5oz9z1AQ60Nic829oIesTM.roa
Signing time: Sun 01 Jan 2023 09:34:47 +0000
ROA not before: Sun 01 Jan 2023 09:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61163
IP address blocks: 2a03:f87:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:05:79:a8:0a:64:83:3e:7e:22:bf:da:cd:72:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da1f5f2b9a33f73d4043ad0d89cf36f6821eb133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b0:df:d8:54:39:22:22:67:93:96:84:bd:ab:
1f:66:1a:b2:14:8e:00:da:c8:80:46:75:8b:c4:f1:
16:01:b6:65:cf:c9:ab:bb:74:2d:c2:9d:c0:26:9d:
48:0d:40:56:e5:fc:1d:bd:7f:92:3d:44:e6:30:ea:
99:7a:ce:aa:1a:8d:8f:87:03:ee:e1:21:54:49:d7:
d3:df:50:e2:db:14:b4:71:54:1d:ef:94:ee:8c:37:
c5:39:09:14:04:09:22:cf:6d:d0:94:4c:4d:87:7b:
bb:32:fd:cf:78:e5:72:6a:60:d6:18:dd:58:cf:4e:
88:74:5b:35:88:36:59:9c:f1:f9:ce:3f:0f:26:93:
cc:a6:2c:a8:ee:ce:f2:cf:18:53:6f:75:9c:48:da:
d6:fc:c1:d2:e1:00:1f:ba:9c:e4:27:60:7b:b0:8e:
aa:7e:1d:da:fd:d0:71:44:25:ea:bc:e6:ca:6d:2e:
0e:2b:6a:30:a4:ce:30:60:d5:d3:53:61:e2:f0:28:
d7:5f:c8:8e:be:cf:85:47:73:4a:75:88:7f:11:34:
22:09:81:fe:8a:dc:8a:01:dc:53:ce:76:06:4a:6a:
07:6f:61:fe:21:94:86:bb:83:bc:e9:f0:ae:54:57:
cb:47:62:78:fa:40:2b:fa:c7:69:cf:d1:29:44:f7:
02:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1F:5F:2B:9A:33:F7:3D:40:43:AD:0D:89:CF:36:F6:82:1E:B1:33
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/2h9fK5oz9z1AQ60Nic829oIesTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f87:3::/48
Signature Algorithm: sha256WithRSAEncryption
07:04:1a:18:68:9d:7e:f7:fc:54:fa:66:30:bc:f9:14:26:cf:
c3:4e:11:f0:8a:0a:02:dc:fb:eb:08:f8:44:81:a2:f8:2c:35:
39:24:bc:5c:90:bb:fc:7d:ca:0e:92:e0:72:83:b1:a3:ee:8c:
82:48:0c:71:9d:ef:78:23:e7:aa:3b:43:8a:be:3d:8e:4a:58:
da:ef:3a:91:66:85:51:1c:7c:79:65:24:58:e8:43:35:9b:64:
32:ac:04:e9:60:bd:74:bc:bd:55:f6:02:35:65:fe:5a:b1:01:
be:41:c0:2f:87:43:ee:98:f2:a3:a0:88:36:1a:cd:e4:fe:4c:
69:20:7c:bb:39:4b:5a:d9:03:21:e8:50:65:28:9a:52:ca:4f:
dc:b9:49:b6:8e:0e:7f:dd:10:c4:b1:b8:89:c3:39:2b:ca:ad:
3d:64:00:ef:d5:72:0d:0b:18:dc:39:91:e9:a8:71:dd:0f:31:
6a:06:40:36:37:17:7f:8a:dc:94:9d:83:9c:1e:92:90:a3:e9:
51:28:7a:1a:d5:ec:e8:6b:1f:9f:ba:40:c8:2e:fb:22:03:d9:
c9:eb:dd:17:40:80:94:24:34:a5:78:c1:4d:71:7f:db:10:af:
2b:f0:62:d9:67:4e:75:55:2a:b0:df:f1:98:47:78:b1:9f:68:
ac:bb:79:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrwV5qApkgz5+Ir/azXIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTFmNWYyYjlhMzNmNzNkNDA0M2FkMGQ4OWNmMzZmNjgyMWViMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbDf2FQ5IiJnk5aEvasfZhqyFI4A
2siARnWLxPEWAbZlz8mru3Qtwp3AJp1IDUBW5fwdvX+SPUTmMOqZes6qGo2PhwPu
4SFUSdfT31Di2xS0cVQd75TujDfFOQkUBAkiz23QlExNh3u7Mv3PeOVyamDWGN1Y
z06IdFs1iDZZnPH5zj8PJpPMpiyo7s7yzxhTb3WcSNrW/MHS4QAfupzkJ2B7sI6q
fh3a/dBxRCXqvObKbS4OK2owpM4wYNXTU2Hi8CjXX8iOvs+FR3NKdYh/ETQiCYH+
ityKAdxTznYGSmoHb2H+IZSGu4O86fCuVFfLR2J4+kAr+sdpz9EpRPcCdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNofXyuaM/c9QEOtDYnPNvaCHrEzMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMmg5Zks1b3o5ejFBUTYwTmljODI5b0llc1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhwAD
MA0GCSqGSIb3DQEBCwUAA4IBAQAHBBoYaJ1+9/xU+mYwvPkUJs/DThHwigoC3Pvr
CPhEgaL4LDU5JLxckLv8fcoOkuByg7Gj7oyCSAxxne94I+eqO0OKvj2OSlja7zqR
ZoVRHHx5ZSRY6EM1m2QyrATpYL10vL1V9gI1Zf5asQG+QcAvh0PumPKjoIg2Gs3k
/kxpIHy7OUta2QMh6FBlKJpSyk/cuUm2jg5/3RDEsbiJwzkryq09ZADv1XINCxjc
OZHpqHHdDzFqBkA2Nxd/ityUnYOcHpKQo+lRKHoa1ezoax+fukDILvsiA9nJ690X
QICUJDSleMFNcX/bEK8r8GLZZ051VSqw3/GYR3ixn2isu3l7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org