Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PK0A9ftSR6G6UzV0h5GpC_cLwTY.roa
File: PK0A9ftSR6G6UzV0h5GpC_cLwTY.roa (raw, json)
Hash identifier: 8O1FgKLjVLhq+MVaeFGQ2do0TrloM9wTH/O+D2Fw+sk=
Subject key identifier: 3C:AD:00:F5:FB:52:47:A1:BA:53:35:74:87:91:A9:0B:F7:0B:C1:36
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0189B57C71EF8A2EDA70C28FBD8D2CF4760E
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PK0A9ftSR6G6UzV0h5GpC_cLwTY.roa
Signing time: Wed 02 Aug 2023 09:02:58 +0000
ROA not before: Wed 02 Aug 2023 09:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200615
IP address blocks: 2a09:e683:1::/48 maxlen: 48
2a09:e685::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:7c:71:ef:8a:2e:da:70:c2:8f:bd:8d:2c:f4:76:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 2 09:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cad00f5fb5247a1ba5335748791a90bf70bc136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:47:e6:be:1b:24:5b:5f:7e:f5:4c:42:5b:
c2:b5:c5:a5:4b:d6:a6:23:ea:e2:5e:82:1b:db:1b:
11:aa:01:17:b4:7a:aa:8a:65:18:2b:83:9b:3b:d6:
0c:c8:26:6a:d4:f1:bd:11:36:36:7b:3d:37:80:e5:
d2:ff:91:eb:97:58:2a:8a:1f:f4:a8:21:eb:07:b5:
43:a1:9e:bc:3f:99:34:ed:1d:8a:d0:e9:2a:10:aa:
e5:a8:4a:3f:15:09:27:7e:da:6d:ca:9e:79:6a:cc:
6b:20:3f:31:df:5c:77:f8:67:d1:ff:f2:90:59:81:
1b:1b:1e:d4:56:fa:9e:31:9c:12:d4:23:e6:c7:e5:
5f:29:99:95:a7:d2:6b:60:68:35:30:b8:46:69:71:
db:01:58:d4:5a:78:a6:97:4f:c1:7b:1f:3f:57:eb:
82:34:a7:d6:cd:ff:6d:c5:d4:1b:b5:45:76:99:fa:
cf:84:00:a0:64:59:11:f6:42:dc:45:33:f4:36:e2:
19:c3:f2:2f:d1:89:ad:aa:c5:73:87:0d:29:60:bd:
4d:18:a8:0b:c1:6f:fe:cb:68:60:0b:92:9b:37:9d:
36:f4:d1:12:8a:15:85:27:22:47:f9:b5:90:c4:16:
3d:22:01:c3:99:4b:e7:24:8a:3b:68:f2:aa:3b:81:
50:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AD:00:F5:FB:52:47:A1:BA:53:35:74:87:91:A9:0B:F7:0B:C1:36
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PK0A9ftSR6G6UzV0h5GpC_cLwTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e683:1::/48
2a09:e685::/48
Signature Algorithm: sha256WithRSAEncryption
12:25:38:9f:bb:6d:93:25:55:f2:98:73:cd:b0:ab:3d:28:ac:
96:e1:08:e5:29:fa:42:2c:4e:08:8a:3d:90:b0:fa:b3:54:47:
f6:37:b5:de:17:12:44:89:ac:80:ed:23:bd:f5:61:33:3e:08:
88:99:ad:41:ff:2d:65:17:89:ff:62:87:08:30:6c:16:75:b4:
3c:aa:c7:12:aa:b3:54:b9:32:87:a8:da:9e:d2:ff:65:fb:ec:
12:22:83:a6:20:c9:b6:05:8d:87:52:83:ca:1c:67:48:db:d8:
12:72:8a:04:09:50:44:39:70:47:80:0a:55:bc:23:da:54:80:
97:d5:f3:7c:42:58:04:dc:83:14:9b:1e:1c:36:df:38:9b:54:
e6:70:44:7f:c4:8c:5b:99:b3:e5:28:67:88:9b:d9:46:30:34:
6f:0a:ef:aa:dd:17:66:b3:42:db:35:8d:d1:81:d4:2a:ae:b5:
20:7f:91:9b:58:d1:5f:ac:05:9b:27:e5:88:78:9e:15:dd:4c:
3a:90:5b:79:44:68:8b:29:ec:dc:31:fc:b3:a3:97:5c:ef:99:
77:7d:67:10:5e:12:31:2e:dd:fb:31:94:8f:1c:7d:3d:43:23:
21:67:1b:93:40:d0:2d:db:0e:75:ae:d8:85:a1:68:85:85:ed:
2f:09:09:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm1fHHvii7acMKPvY0s9HYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwODAyMDkwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FkMDBmNWZiNTI0N2ExYmE1MzM1NzQ4NzkxYTkwYmY3MGJjMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT5H5r4bJFtffvVMQlvCtcWlS9am
I+riXoIb2xsRqgEXtHqqimUYK4ObO9YMyCZq1PG9ETY2ez03gOXS/5Hrl1gqih/0
qCHrB7VDoZ68P5k07R2K0OkqEKrlqEo/FQknftptyp55asxrID8x31x3+GfR//KQ
WYEbGx7UVvqeMZwS1CPmx+VfKZmVp9JrYGg1MLhGaXHbAVjUWniml0/Bex8/V+uC
NKfWzf9txdQbtUV2mfrPhACgZFkR9kLcRTP0NuIZw/Iv0YmtqsVzhw0pYL1NGKgL
wW/+y2hgC5KbN5029NESihWFJyJH+bWQxBY9IgHDmUvnJIo7aPKqO4FQLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDytAPX7UkehulM1dIeRqQv3C8E2MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUEswQTlmdFNSNkc2VXpWMGg1R3BDX2NMd1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgnmgwAB
AwcAKgnmhQAAMA0GCSqGSIb3DQEBCwUAA4IBAQASJTifu22TJVXymHPNsKs9KKyW
4QjlKfpCLE4Iij2QsPqzVEf2N7XeFxJEiayA7SO99WEzPgiIma1B/y1lF4n/YocI
MGwWdbQ8qscSqrNUuTKHqNqe0v9l++wSIoOmIMm2BY2HUoPKHGdI29gScooECVBE
OXBHgApVvCPaVICX1fN8QlgE3IMUmx4cNt84m1TmcER/xIxbmbPlKGeIm9lGMDRv
Cu+q3Rdms0LbNY3RgdQqrrUgf5GbWNFfrAWbJ+WIeJ4V3Uw6kFt5RGiLKezcMfyz
o5dc75l3fWcQXhIxLt37MZSPHH09QyMhZxuTQNAt2w51rtiFoWiFhe0vCQnw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org