Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tLMlGdQ7ljB3I1aLkoZ_IH2TTF8.roa
File: tLMlGdQ7ljB3I1aLkoZ_IH2TTF8.roa (raw, json)
Hash identifier: Hucz3FX5Z70v2KbIWIaYpuNNl8FyK+yUven6TEpBABo=
Subject key identifier: B4:B3:25:19:D4:3B:96:30:77:23:56:8B:92:86:7F:20:7D:93:4C:5F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEF73C58D9F2CB2DB1F2FDD3C18052
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tLMlGdQ7ljB3I1aLkoZ_IH2TTF8.roa
Signing time: Sun 01 Jan 2023 09:34:43 +0000
ROA not before: Sun 01 Jan 2023 09:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25560
IP address blocks: 2a03:f85::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f7:3c:58:d9:f2:cb:2d:b1:f2:fd:d3:c1:80:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4b32519d43b96307723568b92867f207d934c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e9:f2:3d:22:28:ec:f3:03:5e:2b:77:e9:39:
51:b9:70:c9:e5:06:ae:54:fc:a5:27:fa:35:5d:91:
b1:75:13:ca:7e:59:65:6c:1b:1a:74:7c:b4:ab:89:
54:6a:d5:26:3b:70:ce:6c:73:7c:86:c0:4b:36:83:
15:05:d4:7a:97:03:9f:a1:cb:3e:72:72:ff:38:eb:
af:ec:2c:95:18:bd:c2:0b:4e:6c:ee:73:69:1b:4d:
7e:60:c9:a2:a3:01:de:8c:f1:19:33:e8:7f:8d:24:
6a:36:26:72:fc:c9:04:8d:33:a5:f1:8b:da:af:f6:
c4:a0:cf:f6:be:de:93:0d:8b:fe:ce:00:cd:5d:9a:
4a:d8:9f:6d:81:a2:bd:d1:45:1d:f5:c2:df:2b:c0:
31:30:11:fd:b1:1a:02:19:fe:97:0a:2b:0f:e2:c9:
66:2b:6b:22:ba:1a:87:81:7e:41:35:e8:56:c7:98:
a4:1f:a6:72:f3:d0:f6:69:6f:e2:f5:a3:f4:da:f5:
dd:92:31:90:28:ec:ba:4e:5a:e8:02:9d:18:b1:36:
b1:4c:83:0a:fa:25:f5:b6:59:e3:4b:7c:e5:af:09:
3c:62:24:bd:c2:02:5f:33:35:f7:ae:bd:51:eb:28:
c0:f3:1a:c7:49:e5:7d:c9:ce:be:dd:3a:33:be:f4:
cd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B3:25:19:D4:3B:96:30:77:23:56:8B:92:86:7F:20:7D:93:4C:5F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tLMlGdQ7ljB3I1aLkoZ_IH2TTF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85::/48
Signature Algorithm: sha256WithRSAEncryption
25:3a:92:11:2b:c9:9e:70:20:5f:ef:ec:1d:44:1c:45:d3:50:
38:fa:b9:c7:8f:57:f8:22:2b:87:2f:71:d7:b5:96:3a:fa:ee:
3b:cd:2f:62:8d:be:c1:3c:00:a4:de:53:0e:a9:91:d4:48:5a:
93:ad:3b:50:a9:29:74:12:3b:08:81:ec:b2:c6:a5:70:a5:ed:
e0:04:8f:0a:bc:49:8e:34:e3:ab:24:b4:2a:f0:45:82:ea:84:
78:10:47:af:4e:6b:15:c3:17:4b:88:81:ea:ab:73:d6:92:ed:
6b:ab:bd:a0:8c:c7:94:32:b0:78:6b:78:d4:76:12:08:dd:2a:
7f:d1:4f:7a:ee:f2:3c:bf:69:5a:d6:78:7a:94:6e:65:1b:77:
f2:18:5d:93:73:2e:a3:07:ad:d2:f1:ba:25:f0:80:7c:c6:f7:
10:c3:a2:01:fd:23:39:0b:b3:c3:f9:fe:84:07:a5:d6:ee:3d:
f4:52:38:c6:23:96:74:c5:69:d0:39:59:d1:35:97:13:7f:9d:
35:9a:86:2e:9d:8d:7d:e3:3f:ed:36:8f:81:32:77:80:2b:f6:
13:ef:cc:39:43:0e:20:4f:86:38:06:a2:7b:2e:9a:65:d5:c4:
8a:ce:3f:8d:3b:92:82:3a:92:66:70:ac:48:47:ab:08:e7:39:
59:30:33:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsrvc8WNnyyy2x8v3TwYBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGIzMjUxOWQ0M2I5NjMwNzcyMzU2OGI5Mjg2N2YyMDdkOTM0YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+nyPSIo7PMDXit36TlRuXDJ5Qau
VPylJ/o1XZGxdRPKflllbBsadHy0q4lUatUmO3DObHN8hsBLNoMVBdR6lwOfocs+
cnL/OOuv7CyVGL3CC05s7nNpG01+YMmiowHejPEZM+h/jSRqNiZy/MkEjTOl8Yva
r/bEoM/2vt6TDYv+zgDNXZpK2J9tgaK90UUd9cLfK8AxMBH9sRoCGf6XCisP4slm
K2siuhqHgX5BNehWx5ikH6Zy89D2aW/i9aP02vXdkjGQKOy6TlroAp0YsTaxTIMK
+iX1tlnjS3zlrwk8YiS9wgJfMzX3rr1R6yjA8xrHSeV9yc6+3TozvvTNvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLSzJRnUO5YwdyNWi5KGfyB9k0xfMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvdExNbEdkUTdsakIzSTFhTGtvWl9JSDJUVEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAlOpIRK8mecCBf7+wdRBxF01A4+rnHj1f4IiuH
L3HXtZY6+u47zS9ijb7BPACk3lMOqZHUSFqTrTtQqSl0EjsIgeyyxqVwpe3gBI8K
vEmONOOrJLQq8EWC6oR4EEevTmsVwxdLiIHqq3PWku1rq72gjMeUMrB4a3jUdhII
3Sp/0U967vI8v2la1nh6lG5lG3fyGF2Tcy6jB63S8bol8IB8xvcQw6IB/SM5C7PD
+f6EB6XW7j30UjjGI5Z0xWnQOVnRNZcTf501moYunY194z/tNo+BMneAK/YT78w5
Qw4gT4Y4BqJ7Lppl1cSKzj+NO5KCOpJmcKxIR6sI5zlZMDPd
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:24 2024 by rpki-client on console-ams.rpki-client.org