Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/7e1057-3d1a-4f6a-bf87-cfa8f9d9f81c/1/vTytOfOXLJP2_rZ9GEjg30OSt_I.roa
File: vTytOfOXLJP2_rZ9GEjg30OSt_I.roa (raw, json)
Hash identifier: ajklgpvu5sjqUw61oQ0jD0sUSxZHTlu3nTVnVTwi2ts=
Subject key identifier: BD:3C:AD:39:F3:97:2C:93:F6:FE:B6:7D:18:48:E0:DF:43:92:B7:F2
Certificate issuer: /CN=4098174db451d9fefdeec15f9b9c7929daae9980
Certificate serial: 01856D540EEB2DFD2E060EB623EC6D51BF95
Authority key identifier: 40:98:17:4D:B4:51:D9:FE:FD:EE:C1:5F:9B:9C:79:29:DA:AE:99:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QJgXTbRR2f797sFfm5x5KdqumYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/7e1057-3d1a-4f6a-bf87-cfa8f9d9f81c/1/vTytOfOXLJP2_rZ9GEjg30OSt_I.roa
Signing time: Sun 01 Jan 2023 12:35:03 +0000
ROA not before: Sun 01 Jan 2023 12:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60019
IP address blocks: 2a02:7d60::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:0e:eb:2d:fd:2e:06:0e:b6:23:ec:6d:51:bf:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4098174db451d9fefdeec15f9b9c7929daae9980
Validity
Not Before: Jan 1 12:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd3cad39f3972c93f6feb67d1848e0df4392b7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4c:e7:17:53:ba:06:9d:b8:d7:4b:81:0f:2b:
0b:c4:8c:c5:5f:3a:d4:d8:e8:07:04:61:a0:ea:1c:
0e:ad:1b:38:88:fd:4d:97:c6:c2:9f:43:39:d9:00:
0f:7a:8c:c1:f6:2c:0e:da:79:e8:ea:f4:08:01:23:
94:a6:0a:16:49:07:a2:4a:07:5e:bb:44:79:36:b8:
69:b4:e3:1a:42:89:99:30:a0:02:48:4b:2c:07:55:
a1:fa:67:1a:68:af:76:e5:f4:7e:94:21:aa:ea:a2:
e1:e2:b3:04:6e:68:6c:68:8f:e7:f8:90:3c:22:e8:
04:b3:47:f2:6a:03:d3:0b:1a:8f:ae:6f:c5:fd:f1:
71:91:4d:72:17:57:73:d0:39:f6:a4:cb:f4:cf:7b:
c7:6d:27:58:c2:cb:7e:fc:8d:dd:12:50:02:65:cf:
24:aa:30:b9:44:3c:72:b0:51:1f:db:40:6b:af:61:
c9:2d:e6:28:43:a3:16:99:c3:be:e8:3e:69:d7:be:
bb:ca:9b:c0:ba:b9:60:e7:9b:a4:fc:79:dd:75:e7:
07:0e:cf:12:6a:02:23:c9:f8:dd:08:36:a9:20:74:
54:40:a6:b7:d9:bf:a6:1b:9e:7a:46:a2:86:13:15:
19:9d:00:8a:68:0c:4e:3b:60:ec:5a:3e:e9:30:e2:
2c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3C:AD:39:F3:97:2C:93:F6:FE:B6:7D:18:48:E0:DF:43:92:B7:F2
X509v3 Authority Key Identifier:
keyid:40:98:17:4D:B4:51:D9:FE:FD:EE:C1:5F:9B:9C:79:29:DA:AE:99:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QJgXTbRR2f797sFfm5x5KdqumYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/7e1057-3d1a-4f6a-bf87-cfa8f9d9f81c/1/vTytOfOXLJP2_rZ9GEjg30OSt_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/7e1057-3d1a-4f6a-bf87-cfa8f9d9f81c/1/QJgXTbRR2f797sFfm5x5KdqumYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:7d60::/32
Signature Algorithm: sha256WithRSAEncryption
65:07:a7:5d:b8:62:b7:74:4b:7f:f2:ef:a3:66:3e:3b:4f:00:
ad:5f:0c:3a:56:73:56:57:f6:9e:03:6f:61:c7:08:02:87:82:
40:7b:7f:0c:2b:01:4f:92:df:03:8d:cd:87:d2:73:b3:e2:64:
65:e3:ff:28:20:eb:09:54:57:82:f0:8b:c9:d2:77:2d:ae:ab:
01:b6:74:b1:8a:fd:f0:a1:91:e0:c1:11:ac:be:b9:be:7d:c5:
70:04:4b:d7:c8:45:da:de:1f:29:fa:99:56:79:99:1d:ab:d8:
a9:ab:bd:ba:32:a6:00:e0:06:06:fb:c1:ed:86:01:60:f0:4d:
57:3b:e2:5e:12:d5:56:8c:dd:cb:8c:fb:64:36:f0:1d:df:a5:
87:c9:47:72:36:26:09:2a:02:e2:6a:09:da:41:bc:a1:9f:7a:
d2:b1:14:f2:7d:a0:fb:d4:7d:e5:00:9d:01:92:ff:0a:87:34:
04:7a:d3:11:31:b6:18:d9:ac:92:10:66:0f:ab:67:da:04:d2:
df:de:a3:c0:3e:1a:4b:a3:23:7f:53:20:5b:36:09:48:12:ed:
5b:71:54:23:5f:ca:51:f5:96:07:c4:46:6b:4a:09:d8:f7:63:
93:85:cb:a1:34:ed:e9:2b:6f:23:f5:92:7a:cf:46:59:0f:a7:
48:71:c0:f8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtVA7rLf0uBg62I+xtUb+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOTgxNzRkYjQ1MWQ5ZmVmZGVlYzE1ZjliOWM3OTI5ZGFh
ZTk5ODAwHhcNMjMwMTAxMTIzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNjYWQzOWYzOTcyYzkzZjZmZWI2N2QxODQ4ZTBkZjQzOTJiN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0znF1O6Bp2410uBDysLxIzFXzrU
2OgHBGGg6hwOrRs4iP1Nl8bCn0M52QAPeozB9iwO2nno6vQIASOUpgoWSQeiSgde
u0R5NrhptOMaQomZMKACSEssB1Wh+mcaaK925fR+lCGq6qLh4rMEbmhsaI/n+JA8
IugEs0fyagPTCxqPrm/F/fFxkU1yF1dz0Dn2pMv0z3vHbSdYwst+/I3dElACZc8k
qjC5RDxysFEf20Brr2HJLeYoQ6MWmcO+6D5p1767ypvAurlg55uk/HnddecHDs8S
agIjyfjdCDapIHRUQKa32b+mG556RqKGExUZnQCKaAxOO2DsWj7pMOIsKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL08rTnzlyyT9v62fRhI4N9DkrfyMB8GA1UdIwQY
MBaAFECYF020Udn+/e7BX5uceSnarpmAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUpnWFRiUlIyZjc5N3NGZm01eDVLZHF1bVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83ZTEwNTctM2QxYS00ZjZhLWJmODct
Y2ZhOGY5ZDlmODFjLzEvdlR5dE9mT1hMSlAyX3JaOUdFamczME9TdF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83ZTEwNTctM2QxYS00ZjZhLWJmODctY2ZhOGY5ZDlmODFj
LzEvUUpnWFRiUlIyZjc5N3NGZm01eDVLZHF1bVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgJ9YDAN
BgkqhkiG9w0BAQsFAAOCAQEAZQenXbhit3RLf/Lvo2Y+O08ArV8MOlZzVlf2ngNv
YccIAoeCQHt/DCsBT5LfA43Nh9Jzs+JkZeP/KCDrCVRXgvCLydJ3La6rAbZ0sYr9
8KGR4MERrL65vn3FcARL18hF2t4fKfqZVnmZHavYqau9ujKmAOAGBvvB7YYBYPBN
VzviXhLVVozdy4z7ZDbwHd+lh8lHcjYmCSoC4moJ2kG8oZ960rEU8n2g+9R95QCd
AZL/Coc0BHrTETG2GNmskhBmD6tn2gTS396jwD4aS6Mjf1MgWzYJSBLtW3FUI1/K
UfWWB8RGa0oJ2Pdjk4XLoTTt6StvI/WSes9GWQ+nSHHA+A==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:27 2024 by rpki-client on console-ams.rpki-client.org