Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/CB1G8LGTjkos7MaTw1iQJ9aRW_Y.roa
File: CB1G8LGTjkos7MaTw1iQJ9aRW_Y.roa (raw, json)
Hash identifier: FUeukpsYzRlkeFe+32QuyBl3fApyQxh9VH569O8yreU=
Subject key identifier: 08:1D:46:F0:B1:93:8E:4A:2C:EC:C6:93:C3:58:90:27:D6:91:5B:F6
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 018C87FA03C18DD07E8A80B2F81925C58945
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/CB1G8LGTjkos7MaTw1iQJ9aRW_Y.roa
Signing time: Wed 20 Dec 2023 16:05:58 +0000
ROA not before: Wed 20 Dec 2023 16:05:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216308
IP address blocks: 2a10:4646:390::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:fa:03:c1:8d:d0:7e:8a:80:b2:f8:19:25:c5:89:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Dec 20 16:05:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=081d46f0b1938e4a2cecc693c3589027d6915bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:01:2a:3e:65:a1:3f:77:b3:87:50:86:ea:18:
9f:34:de:b8:c0:0a:36:7a:75:8d:01:ef:98:e4:24:
2d:51:14:5a:78:83:78:a2:b0:49:bf:13:b7:ff:dd:
1d:8b:ab:dd:b4:df:87:f1:4e:17:25:5b:5e:53:fb:
07:a1:41:6f:89:c9:40:3b:5b:a4:ad:cf:2f:5f:b7:
86:39:9b:9f:58:e4:08:53:e7:4e:09:21:d5:70:1c:
fb:43:d7:c2:98:ec:74:e6:ab:50:ac:39:e9:55:6f:
98:57:f7:67:dc:d8:25:5b:8a:8f:4b:eb:14:d7:01:
71:ef:da:6e:47:c0:d5:3b:9b:48:48:86:2b:3f:2b:
87:33:d3:de:8d:cf:3c:9c:c7:a6:ca:a8:ac:22:12:
b8:16:bb:88:99:4e:9a:5d:f2:69:fd:9f:08:7a:be:
a5:ad:77:0a:9c:f3:19:06:f8:c8:01:10:5b:9c:7d:
d1:77:6d:43:a5:d4:99:9a:9e:c9:fa:f7:81:96:a8:
5d:e1:32:cd:0e:d6:2c:a6:f0:51:41:7b:aa:76:51:
a6:f9:00:02:2c:c4:37:20:e1:e2:6e:87:d7:87:af:
c1:7a:3a:eb:6e:7e:66:d8:03:5d:80:a7:20:9c:e4:
58:9b:45:16:20:13:6c:a5:5c:3a:4c:8e:96:7a:c2:
f3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1D:46:F0:B1:93:8E:4A:2C:EC:C6:93:C3:58:90:27:D6:91:5B:F6
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/CB1G8LGTjkos7MaTw1iQJ9aRW_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:390::/44
Signature Algorithm: sha256WithRSAEncryption
da:0f:c3:29:9c:f2:df:a6:e3:c0:68:cd:97:f5:b7:12:0b:cf:
2f:66:a3:9c:fd:7f:c8:1b:c1:91:1c:60:a7:80:fa:f6:ff:16:
82:87:d1:73:54:44:e3:4b:91:c5:2a:4d:86:e4:16:b9:af:be:
83:f2:39:4c:53:6d:e3:95:4a:bf:73:6c:a2:75:20:38:c2:7b:
3d:50:49:ad:0b:bb:9f:73:eb:8c:4a:d3:f9:e3:ef:d9:09:6b:
e0:ef:79:60:4d:97:71:4c:4d:0c:dc:b5:91:3e:1a:28:d2:a3:
6c:c4:34:34:c3:db:5d:53:8e:1c:9d:fa:95:ab:31:08:81:da:
27:75:e0:38:9b:35:cb:f6:5b:52:22:8f:74:85:81:d6:f7:f1:
03:7b:59:45:ff:9d:32:2c:81:59:a4:d0:a5:a9:98:12:76:31:
6f:7d:fe:43:5f:d2:0c:fe:c7:06:4f:31:f9:fd:77:30:dc:5e:
32:27:15:1b:60:ab:8c:6a:29:c4:d0:72:7b:d1:1a:55:d4:1d:
ab:6c:1f:20:75:59:0d:2f:65:a6:ed:74:9e:a2:54:7c:07:b4:
06:de:ce:9d:43:c6:8c:bc:5a:19:ea:4d:ce:04:9b:fa:b4:eb:
97:fa:0f:62:d9:c4:58:80:74:96:fa:dc:45:b8:15:82:84:bb:
a7:e9:e3:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyH+gPBjdB+ioCy+BklxYlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMxMjIwMTYwNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFkNDZmMGIxOTM4ZTRhMmNlY2M2OTNjMzU4OTAyN2Q2OTE1YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQEqPmWhP3ezh1CG6hifNN64wAo2
enWNAe+Y5CQtURRaeIN4orBJvxO3/90di6vdtN+H8U4XJVteU/sHoUFviclAO1uk
rc8vX7eGOZufWOQIU+dOCSHVcBz7Q9fCmOx05qtQrDnpVW+YV/dn3NglW4qPS+sU
1wFx79puR8DVO5tISIYrPyuHM9Pejc88nMemyqisIhK4FruImU6aXfJp/Z8Ier6l
rXcKnPMZBvjIARBbnH3Rd21DpdSZmp7J+veBlqhd4TLNDtYspvBRQXuqdlGm+QAC
LMQ3IOHibofXh6/Bejrrbn5m2ANdgKcgnORYm0UWIBNspVw6TI6WesLzawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAgdRvCxk45KLOzGk8NYkCfWkVv2MB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvQ0IxRzhMR1Rqa29zN01hVHcxaVFKOWFSV19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDaD8MpnPLfpuPAaM2X9bcSC88vZqOc/X/IG8GR
HGCngPr2/xaCh9FzVETjS5HFKk2G5Ba5r76D8jlMU23jlUq/c2yidSA4wns9UEmt
C7ufc+uMStP54+/ZCWvg73lgTZdxTE0M3LWRPhoo0qNsxDQ0w9tdU44cnfqVqzEI
gdondeA4mzXL9ltSIo90hYHW9/EDe1lF/50yLIFZpNClqZgSdjFvff5DX9IM/scG
TzH5/Xcw3F4yJxUbYKuMainE0HJ70RpV1B2rbB8gdVkNL2Wm7XSeolR8B7QG3s6d
Q8aMvFoZ6k3OBJv6tOuX+g9i2cRYgHSW+txFuBWChLun6ePf
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:50 2024 by rpki-client on console-ams.rpki-client.org