Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/JkHeEwExYkdYSLw9KUtvgXGRjbs.roa
File: JkHeEwExYkdYSLw9KUtvgXGRjbs.roa (raw, json)
Hash identifier: bWT0npDGRErGTfEroBvbKvRGe+Iqg8/APk3/x4f4goM=
Subject key identifier: 26:41:DE:13:01:31:62:47:58:48:BC:3D:29:4B:6F:81:71:91:8D:BB
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E88AC35744B5ACB2FF2DF2C0A67A13
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/JkHeEwExYkdYSLw9KUtvgXGRjbs.roa
Signing time: Mon 02 Jan 2023 09:55:43 +0000
ROA not before: Mon 02 Jan 2023 09:55:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56428
IP address blocks: 2a01:7120:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:8a:c3:57:44:b5:ac:b2:ff:2d:f2:c0:a6:7a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2641de13013162475848bc3d294b6f8171918dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a3:db:2e:11:fa:c6:4d:6d:46:73:20:7f:92:
b3:70:32:f1:f2:40:4f:d4:b7:51:97:83:cb:0d:00:
b1:16:28:79:ee:17:3a:1e:cf:48:0c:35:ec:f3:1a:
9e:f2:9e:65:aa:27:8d:fa:bf:7c:29:30:25:35:db:
27:53:b4:d7:4b:c9:e1:bc:72:ce:b8:9d:0b:9f:74:
2c:a0:fa:93:b0:6c:40:9e:82:4d:08:8b:b5:c0:49:
81:b8:51:b0:9e:34:51:42:bb:2b:52:0f:be:b1:3a:
4b:07:25:83:b8:75:8e:73:c8:60:e9:ec:d0:c2:a9:
ff:75:4a:21:5c:f2:0a:f8:cb:62:71:e9:bb:03:15:
e8:53:58:b7:0c:34:1f:4e:7d:ba:29:a0:1c:eb:98:
18:28:8b:58:2a:95:12:a2:3f:36:d5:10:c1:77:16:
b6:bf:5b:ae:f3:f1:97:21:eb:c4:5d:24:53:4e:0a:
03:67:a0:6c:54:93:60:53:9f:9a:80:e7:fb:2a:65:
bf:f0:13:da:da:66:f5:a3:4d:89:fd:a4:e3:80:28:
19:5f:c7:50:7e:32:ca:97:c7:38:c8:3b:52:0a:94:
3e:63:b7:e0:0d:de:b6:67:ac:e9:3b:15:5c:e4:d7:
11:a1:ef:64:e4:e0:06:b0:ea:03:4b:bc:6e:98:65:
57:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:41:DE:13:01:31:62:47:58:48:BC:3D:29:4B:6F:81:71:91:8D:BB
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/JkHeEwExYkdYSLw9KUtvgXGRjbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:7120:7::/48
Signature Algorithm: sha256WithRSAEncryption
98:1b:f4:a4:4c:9f:1a:44:15:07:5c:72:34:67:4f:bc:37:8e:
f3:c2:25:bf:a6:bb:21:ae:57:3f:dc:7c:43:bb:75:26:02:54:
15:31:d7:02:f2:54:6e:f9:2b:fe:2c:2b:04:11:71:fb:47:f7:
8d:22:13:e7:89:a0:f9:c4:94:9a:7b:91:d1:6c:b2:e8:32:23:
67:a3:c1:bf:92:dd:40:0b:a4:d4:ba:7a:ac:13:2c:9e:a8:30:
e9:97:37:86:47:f2:cb:09:93:9d:4c:4b:60:8a:72:7d:ad:42:
70:7c:21:d9:2b:63:8b:18:64:1c:9e:6a:e2:18:8e:39:b6:1d:
b4:5f:92:c3:e8:8c:10:04:0e:c7:6c:25:fe:f8:ed:95:0b:39:
43:82:23:3f:14:24:1e:45:60:a0:99:25:5f:b2:ea:3a:6c:70:
97:67:08:f5:9f:c3:c9:f3:7f:3f:98:2d:ea:3f:35:87:47:6e:
c2:03:50:8f:a3:95:dd:34:d7:7e:1c:eb:84:84:f5:c9:bc:59:
b0:63:81:b4:31:ab:f4:85:92:9a:d1:6b:9b:1d:2d:57:63:60:
c9:18:d9:17:b3:06:e1:0f:c2:f1:fc:7a:a6:5a:8c:45:92:98:
81:44:18:62:9d:96:7e:9d:bf:1e:72:4c:35:1d:7c:e1:f7:b5:
3f:b2:f1:49
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVx6IrDV0S1rLL/LfLApnoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQxZGUxMzAxMzE2MjQ3NTg0OGJjM2QyOTRiNmY4MTcxOTE4ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKPbLhH6xk1tRnMgf5KzcDLx8kBP
1LdRl4PLDQCxFih57hc6Hs9IDDXs8xqe8p5lqieN+r98KTAlNdsnU7TXS8nhvHLO
uJ0Ln3QsoPqTsGxAnoJNCIu1wEmBuFGwnjRRQrsrUg++sTpLByWDuHWOc8hg6ezQ
wqn/dUohXPIK+Mticem7AxXoU1i3DDQfTn26KaAc65gYKItYKpUSoj821RDBdxa2
v1uu8/GXIevEXSRTTgoDZ6BsVJNgU5+agOf7KmW/8BPa2mb1o02J/aTjgCgZX8dQ
fjLKl8c4yDtSCpQ+Y7fgDd62Z6zpOxVc5NcRoe9k5OAGsOoDS7xumGVXRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCZB3hMBMWJHWEi8PSlLb4FxkY27MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSmtIZUV3RXhZa2RZU0x3OUtVdHZnWEdSamJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgFxIAAH
MA0GCSqGSIb3DQEBCwUAA4IBAQCYG/SkTJ8aRBUHXHI0Z0+8N47zwiW/prshrlc/
3HxDu3UmAlQVMdcC8lRu+Sv+LCsEEXH7R/eNIhPniaD5xJSae5HRbLLoMiNno8G/
kt1AC6TUunqsEyyeqDDplzeGR/LLCZOdTEtginJ9rUJwfCHZK2OLGGQcnmriGI45
th20X5LD6IwQBA7HbCX++O2VCzlDgiM/FCQeRWCgmSVfsuo6bHCXZwj1n8PJ838/
mC3qPzWHR27CA1CPo5XdNNd+HOuEhPXJvFmwY4G0Mav0hZKa0WubHS1XY2DJGNkX
swbhD8Lx/HqmWoxFkpiBRBhinZZ+nb8eckw1HXzh97U/svFJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org