Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SrAytSSCY7vEfObOO61Ccz12tTk.roa
File: SrAytSSCY7vEfObOO61Ccz12tTk.roa (raw, json)
Hash identifier: AiwZKH8zy8hJ0sK+GK2y0T3oLMzCJg5WF2IELtl28vw=
Subject key identifier: 4A:B0:32:B5:24:82:63:BB:C4:7C:E6:CE:3B:AD:42:73:3D:76:B5:39
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEF9391C83F394E57FA1FF1A680108
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SrAytSSCY7vEfObOO61Ccz12tTk.roa
Signing time: Sun 01 Jan 2023 09:34:44 +0000
ROA not before: Sun 01 Jan 2023 09:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33891
IP address blocks: 2a03:f85:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f9:39:1c:83:f3:94:e5:7f:a1:ff:1a:68:01:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ab032b5248263bbc47ce6ce3bad42733d76b539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:a2:32:10:9f:b0:eb:6a:5b:14:36:9b:63:
d7:99:cc:fe:ea:dc:dd:3f:83:c5:3e:b1:17:e5:49:
c4:58:6f:85:5a:50:14:32:30:c8:c2:b6:f4:13:8f:
94:89:05:70:0b:90:c4:d0:35:06:72:7b:a3:75:ee:
70:54:d8:be:ea:e1:45:91:f4:f3:a5:a7:5d:54:ef:
02:83:c0:b0:c7:b8:59:a7:a9:31:6e:32:2f:f3:c9:
6f:66:29:b3:d9:4d:f6:17:c0:c0:b4:57:84:39:0f:
db:2f:01:d6:c3:42:46:c9:70:4a:f1:13:35:5b:c6:
b4:15:c3:81:53:48:2f:59:34:30:0a:00:69:8b:fb:
4a:d3:e2:2a:52:af:5e:39:fa:46:ef:2e:6c:7f:e5:
c9:17:a5:37:f7:fa:ef:58:79:9b:e5:4d:8d:8e:ff:
48:d8:6c:51:1f:41:07:09:9d:bd:6d:09:99:7e:14:
66:6f:0b:89:6e:a6:6d:d5:ec:07:77:fd:df:08:e3:
a8:02:74:26:3a:c7:9b:f9:8e:31:77:a4:04:65:d3:
d0:9c:56:24:fe:1d:4b:32:b1:9c:07:ce:9b:ce:d9:
61:aa:1a:93:5b:cc:fe:29:f7:98:54:ad:16:90:e1:
3d:c7:ec:fa:b2:15:71:9a:fd:b5:e0:4d:9d:60:c9:
02:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B0:32:B5:24:82:63:BB:C4:7C:E6:CE:3B:AD:42:73:3D:76:B5:39
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/SrAytSSCY7vEfObOO61Ccz12tTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85:4::/48
Signature Algorithm: sha256WithRSAEncryption
7f:09:86:61:de:d7:a2:ce:d1:08:99:24:cf:e4:4b:40:6c:12:
ce:d3:de:67:a9:bb:71:6b:0a:35:e9:21:73:a8:79:6c:ae:6c:
95:31:97:4c:5b:f0:7d:08:1a:a6:69:e0:fe:99:2d:91:d2:f6:
e0:2a:82:57:20:d7:17:b3:1e:91:de:46:3d:6e:a5:d7:d6:19:
78:e9:47:3e:e5:11:da:e1:31:0c:eb:e9:6a:4d:c0:47:f2:61:
34:ca:00:4f:fc:1f:58:12:9f:ab:d4:af:ac:d4:ee:10:a6:97:
a2:e2:8b:60:92:d3:d9:57:f7:50:92:92:ed:22:cf:fb:45:1e:
a7:ad:15:94:0f:9a:f6:93:a5:05:34:c2:71:99:17:b6:aa:ed:
ba:07:5e:a9:f9:f1:b0:ac:23:f7:da:78:b8:21:27:0d:73:9b:
89:97:ba:35:ee:25:c2:66:ad:c1:0d:18:81:8f:0b:cc:ff:6f:
82:d1:ec:be:8f:bb:90:5d:16:aa:3a:59:4b:ca:32:e6:7a:33:
48:60:d2:8e:8e:74:02:f6:59:cc:c9:36:bb:4b:5a:0c:92:e0:
17:aa:b7:de:93:84:7e:60:07:40:af:ed:a6:cd:7c:7f:57:e5:
4e:6d:fc:e4:de:73:9c:93:21:7e:31:84:40:56:24:83:48:9d:
65:71:42:76
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrvk5HIPzlOV/of8aaAEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWIwMzJiNTI0ODI2M2JiYzQ3Y2U2Y2UzYmFkNDI3MzNkNzZiNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB6iMhCfsOtqWxQ2m2PXmcz+6tzd
P4PFPrEX5UnEWG+FWlAUMjDIwrb0E4+UiQVwC5DE0DUGcnujde5wVNi+6uFFkfTz
paddVO8Cg8Cwx7hZp6kxbjIv88lvZimz2U32F8DAtFeEOQ/bLwHWw0JGyXBK8RM1
W8a0FcOBU0gvWTQwCgBpi/tK0+IqUq9eOfpG7y5sf+XJF6U39/rvWHmb5U2Njv9I
2GxRH0EHCZ29bQmZfhRmbwuJbqZt1ewHd/3fCOOoAnQmOseb+Y4xd6QEZdPQnFYk
/h1LMrGcB86bztlhqhqTW8z+KfeYVK0WkOE9x+z6shVxmv214E2dYMkC+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEqwMrUkgmO7xHzmzjutQnM9drU5MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvU3JBeXRTU0NZN3ZFZk9iT082MUNjejEydFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhQAE
MA0GCSqGSIb3DQEBCwUAA4IBAQB/CYZh3teiztEImSTP5EtAbBLO095nqbtxawo1
6SFzqHlsrmyVMZdMW/B9CBqmaeD+mS2R0vbgKoJXINcXsx6R3kY9bqXX1hl46Uc+
5RHa4TEM6+lqTcBH8mE0ygBP/B9YEp+r1K+s1O4Qppei4otgktPZV/dQkpLtIs/7
RR6nrRWUD5r2k6UFNMJxmRe2qu26B16p+fGwrCP32ni4IScNc5uJl7o17iXCZq3B
DRiBjwvM/2+C0ey+j7uQXRaqOllLyjLmejNIYNKOjnQC9lnMyTa7S1oMkuAXqrfe
k4R+YAdAr+2mzXx/V+VObfzk3nOckyF+MYRAViSDSJ1lcUJ2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org