Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Sg3_KFHCudYWwQzIsKDeL5iMTLo.roa
File: Sg3_KFHCudYWwQzIsKDeL5iMTLo.roa (raw, json)
Hash identifier: YKmbbvmdLzsAacKnNeTUx80tdZLwKejcsiZE3b8/dsA=
Subject key identifier: 4A:0D:FF:28:51:C2:B9:D6:16:C1:0C:C8:B0:A0:DE:2F:98:8C:4C:BA
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0186979F9E5E01CFB64359A33ECDA4EF7CDA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Sg3_KFHCudYWwQzIsKDeL5iMTLo.roa
Signing time: Tue 28 Feb 2023 10:44:25 +0000
ROA not before: Tue 28 Feb 2023 10:44:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0b:b87:ffef::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:9f:9e:5e:01:cf:b6:43:59:a3:3e:cd:a4:ef:7c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 28 10:44:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a0dff2851c2b9d616c10cc8b0a0de2f988c4cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:29:4f:a4:35:44:5a:7a:8a:b5:2d:20:73:0b:
22:99:46:c7:1b:3f:84:54:b0:7d:31:58:d8:38:1e:
eb:7b:3a:33:bc:32:6e:7d:95:6a:47:79:55:f0:2d:
0d:af:ee:27:2a:64:5c:fe:f5:a6:b7:4a:2b:8b:f2:
18:2c:6f:90:8f:28:e1:42:8e:d2:9b:36:ca:97:d9:
c6:04:4c:ba:98:38:02:21:eb:83:ed:84:d0:95:c1:
e5:d6:02:1b:c2:f9:fa:e9:06:96:96:b7:48:30:27:
a8:dc:ce:74:32:68:85:37:09:01:c2:fa:22:ed:89:
3a:cc:d3:e6:c6:63:ff:e4:c4:9f:49:f8:33:e6:3a:
51:ea:44:de:a9:54:32:8a:7c:9c:d9:0c:5c:65:d9:
00:00:16:58:3e:a9:6c:7d:d4:e2:b6:1c:a6:56:0b:
05:ef:98:7e:92:34:c3:9d:3d:e6:82:cb:f5:52:33:
1e:ba:df:d1:a9:22:60:f7:94:92:ba:30:e5:ed:46:
f8:8e:7f:e9:c2:71:42:c2:06:56:43:7d:5e:fc:df:
59:a5:8b:8b:09:3b:76:da:5a:12:a7:0a:34:10:e0:
a9:77:43:e8:8c:ea:3b:00:49:b9:74:70:09:d4:3d:
c7:f8:35:12:dd:d9:50:a0:47:49:b7:90:b4:78:4e:
c5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:0D:FF:28:51:C2:B9:D6:16:C1:0C:C8:B0:A0:DE:2F:98:8C:4C:BA
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Sg3_KFHCudYWwQzIsKDeL5iMTLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffef::/48
Signature Algorithm: sha256WithRSAEncryption
71:a9:cb:c4:46:0e:7c:e6:77:47:c5:bf:bd:a0:ae:ad:b6:97:
8d:4d:b2:3c:e1:93:97:ef:21:ea:ea:68:d1:6e:b2:c3:f2:23:
81:5d:f1:1c:34:ef:b1:24:f3:40:b3:1e:73:ee:1e:3a:5d:d3:
0b:de:da:29:8c:47:0f:d5:73:5e:ef:4a:e2:68:1c:4c:b8:d3:
ce:6c:12:57:50:de:f6:b6:08:0b:52:37:67:62:63:00:3e:fc:
43:5b:9a:34:87:b9:3f:9b:b1:26:9c:a0:15:df:d0:af:67:fc:
a5:66:5f:66:aa:ec:90:b8:d2:57:1f:2f:cc:80:d1:72:a7:06:
85:29:a4:63:58:a0:26:bc:27:40:44:66:1b:b1:40:70:9b:5b:
80:75:3b:13:7c:37:74:0d:ae:ce:a5:fe:8a:52:3e:38:1b:e4:
2a:fd:9a:0c:09:c6:a2:7d:0e:01:8b:86:a0:99:cb:42:fe:cb:
39:82:56:80:09:a8:ed:5c:2e:02:81:d6:a5:bc:ca:ed:2e:5c:
9e:5f:e1:8a:cd:aa:bd:37:8e:c1:9c:7d:ad:fd:8a:21:4a:e1:
f9:92:5d:17:38:43:f3:dd:23:7b:6c:ae:99:2f:1c:35:92:26:
57:a4:60:ce:08:d4:f9:5f:25:b4:7d:b2:b3:bd:bc:38:8a:81:
6d:f1:f0:22
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYaXn55eAc+2Q1mjPs2k73zaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMjI4MTA0NDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTBkZmYyODUxYzJiOWQ2MTZjMTBjYzhiMGEwZGUyZjk4OGM0Y2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkClPpDVEWnqKtS0gcwsimUbHGz+E
VLB9MVjYOB7rezozvDJufZVqR3lV8C0Nr+4nKmRc/vWmt0ori/IYLG+QjyjhQo7S
mzbKl9nGBEy6mDgCIeuD7YTQlcHl1gIbwvn66QaWlrdIMCeo3M50MmiFNwkBwvoi
7Yk6zNPmxmP/5MSfSfgz5jpR6kTeqVQyinyc2QxcZdkAABZYPqlsfdTithymVgsF
75h+kjTDnT3mgsv1UjMeut/RqSJg95SSujDl7Ub4jn/pwnFCwgZWQ31e/N9ZpYuL
CTt22loSpwo0EOCpd0PojOo7AEm5dHAJ1D3H+DUS3dlQoEdJt5C0eE7FTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEoN/yhRwrnWFsEMyLCg3i+YjEy6MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvU2czX0tGSEN1ZFlXd1F6SXNLRGVMNWlNVExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//v
MA0GCSqGSIb3DQEBCwUAA4IBAQBxqcvERg585ndHxb+9oK6ttpeNTbI84ZOX7yHq
6mjRbrLD8iOBXfEcNO+xJPNAsx5z7h46XdML3topjEcP1XNe70riaBxMuNPObBJX
UN72tggLUjdnYmMAPvxDW5o0h7k/m7EmnKAV39CvZ/ylZl9mquyQuNJXHy/MgNFy
pwaFKaRjWKAmvCdARGYbsUBwm1uAdTsTfDd0Da7Opf6KUj44G+Qq/ZoMCcaifQ4B
i4agmctC/ss5glaACajtXC4CgdalvMrtLlyeX+GKzaq9N47BnH2t/YohSuH5kl0X
OEPz3SN7bK6ZLxw1kiZXpGDOCNT5XyW0fbKzvbw4ioFt8fAi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org