Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/d43085-d94e-469d-9778-3b8ec1a65880/1/TRs1PkmrPSKmsT-v8Uj1CvNeYpY.roa
File: TRs1PkmrPSKmsT-v8Uj1CvNeYpY.roa (raw, json)
Hash identifier: YxuojYAhGT8kPC/9jAr1m7Ohr2b7lw81R/fGONAELNk=
Subject key identifier: 4D:1B:35:3E:49:AB:3D:22:A6:B1:3F:AF:F1:48:F5:0A:F3:5E:62:96
Certificate issuer: /CN=718b138ba935234f11ca1025d667f133f07d55fd
Certificate serial: 018CC9BBE0B0E22E8852E97727B4D1570FD5
Authority key identifier: 71:8B:13:8B:A9:35:23:4F:11:CA:10:25:D6:67:F1:33:F0:7D:55:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cYsTi6k1I08RyhAl1mfxM_B9Vf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/d43085-d94e-469d-9778-3b8ec1a65880/1/TRs1PkmrPSKmsT-v8Uj1CvNeYpY.roa
Signing time: Tue 02 Jan 2024 10:33:02 +0000
ROA not before: Tue 02 Jan 2024 10:33:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202282
IP address blocks: 2a07:e400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Feb 2024 09:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:e0:b0:e2:2e:88:52:e9:77:27:b4:d1:57:0f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=718b138ba935234f11ca1025d667f133f07d55fd
Validity
Not Before: Jan 2 10:33:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d1b353e49ab3d22a6b13faff148f50af35e6296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:af:24:51:39:3a:af:24:61:14:14:27:18:af:
5f:50:2d:e2:b1:63:f4:15:d4:57:c1:f3:92:f9:b8:
c9:aa:56:b6:8c:7e:8d:e7:53:24:0c:e2:93:3f:ac:
95:6b:70:2e:b2:1c:45:74:73:9d:ec:6b:19:60:e8:
7d:90:9b:38:e4:b5:92:7d:41:fd:75:1d:e7:4b:c6:
2e:0b:54:46:13:fe:2f:b0:41:d9:c0:80:69:e8:50:
16:d0:ce:33:b4:c2:fe:57:25:4d:e3:35:83:7c:8a:
7e:b2:0a:a3:c2:59:ea:96:74:25:e9:ee:69:e0:23:
29:d9:29:a7:6d:06:e9:10:c3:e7:5b:55:1f:e0:f2:
d6:4f:c3:9d:f9:fa:44:43:e5:c3:89:ab:cd:a5:76:
1a:28:d9:f5:f4:73:a7:b7:96:bb:7e:95:d3:b2:f7:
47:49:1d:ce:78:82:27:e9:15:9c:c6:d8:b7:d2:6f:
7b:63:87:3b:6b:f5:28:63:6d:0f:7e:8d:58:f4:08:
27:66:7d:d1:35:9c:c2:e9:e8:6f:1e:11:c3:a7:77:
95:e5:d9:d3:84:e9:d0:d9:b3:6f:51:a4:c0:d2:45:
56:95:1a:96:49:e8:27:a2:e6:86:57:57:f6:6d:ac:
49:fd:5c:eb:9b:3f:c3:6b:2d:b3:49:6c:0a:87:4a:
8c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1B:35:3E:49:AB:3D:22:A6:B1:3F:AF:F1:48:F5:0A:F3:5E:62:96
X509v3 Authority Key Identifier:
keyid:71:8B:13:8B:A9:35:23:4F:11:CA:10:25:D6:67:F1:33:F0:7D:55:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cYsTi6k1I08RyhAl1mfxM_B9Vf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/d43085-d94e-469d-9778-3b8ec1a65880/1/TRs1PkmrPSKmsT-v8Uj1CvNeYpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/d43085-d94e-469d-9778-3b8ec1a65880/1/cYsTi6k1I08RyhAl1mfxM_B9Vf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:e400::/29
Signature Algorithm: sha256WithRSAEncryption
b3:9e:5d:d3:5c:08:8b:d3:61:99:59:d4:90:a9:3b:b4:55:5f:
28:9c:8d:23:66:51:b2:43:5f:3d:8e:63:99:e9:81:9f:6a:1f:
da:a7:a9:2f:fa:d1:39:1e:12:3f:a4:be:6b:f6:a3:c5:1d:f4:
e0:3b:66:30:88:ac:cd:6a:e4:64:e5:82:81:90:f8:45:8d:4f:
52:b5:97:82:3b:61:58:64:2a:d1:b9:63:d7:16:25:9c:96:a1:
a7:37:af:6c:74:8a:48:81:c6:4e:80:af:6c:9e:8a:b7:7b:15:
18:c0:4e:06:fd:00:02:f9:3a:6a:01:46:00:62:73:a6:6b:1e:
4d:38:51:3b:06:4d:cb:21:20:5c:70:9b:fe:1a:17:20:d2:75:
3a:d2:6e:81:92:25:66:e7:cc:4e:d9:ff:0a:31:6d:bf:c3:8a:
fd:e9:5a:c9:cf:31:3e:3f:87:89:ad:f0:92:fa:d8:43:97:a5:
a4:86:ef:d2:e7:cc:08:4f:1a:e4:5b:3d:a5:e8:03:a3:9e:40:
84:d7:14:f4:bb:8e:f5:d6:6a:f9:da:8b:8a:34:e1:70:66:c7:
99:93:73:bb:65:3e:d4:79:34:ad:aa:07:38:1a:1f:8f:d5:5b:
ca:95:61:34:ab:5f:72:c8:81:c4:dd:37:f8:85:f6:f4:00:01:
4b:87:2a:c9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJu+Cw4i6IUul3J7TRVw/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOGIxMzhiYTkzNTIzNGYxMWNhMTAyNWQ2NjdmMTMzZjA3
ZDU1ZmQwHhcNMjQwMTAyMTAzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFiMzUzZTQ5YWIzZDIyYTZiMTNmYWZmMTQ4ZjUwYWYzNWU2Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna8kUTk6ryRhFBQnGK9fUC3isWP0
FdRXwfOS+bjJqla2jH6N51MkDOKTP6yVa3AushxFdHOd7GsZYOh9kJs45LWSfUH9
dR3nS8YuC1RGE/4vsEHZwIBp6FAW0M4ztML+VyVN4zWDfIp+sgqjwlnqlnQl6e5p
4CMp2SmnbQbpEMPnW1Uf4PLWT8Od+fpEQ+XDiavNpXYaKNn19HOnt5a7fpXTsvdH
SR3OeIIn6RWcxti30m97Y4c7a/UoY20Pfo1Y9AgnZn3RNZzC6ehvHhHDp3eV5dnT
hOnQ2bNvUaTA0kVWlRqWSegnouaGV1f2baxJ/Vzrmz/Day2zSWwKh0qMUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE0bNT5Jqz0iprE/r/FI9QrzXmKWMB8GA1UdIwQY
MBaAFHGLE4upNSNPEcoQJdZn8TPwfVX9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1lzVGk2azFJMDhSeWhBbDFtZnhNX0I5VmYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kNDMwODUtZDk0ZS00NjlkLTk3Nzgt
M2I4ZWMxYTY1ODgwLzEvVFJzMVBrbXJQU0ttc1QtdjhVajFDdk5lWXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kNDMwODUtZDk0ZS00NjlkLTk3NzgtM2I4ZWMxYTY1ODgw
LzEvY1lzVGk2azFJMDhSeWhBbDFtZnhNX0I5VmYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgfkADAN
BgkqhkiG9w0BAQsFAAOCAQEAs55d01wIi9NhmVnUkKk7tFVfKJyNI2ZRskNfPY5j
memBn2of2qepL/rROR4SP6S+a/ajxR304DtmMIiszWrkZOWCgZD4RY1PUrWXgjth
WGQq0blj1xYlnJahpzevbHSKSIHGToCvbJ6Kt3sVGMBOBv0AAvk6agFGAGJzpmse
TThROwZNyyEgXHCb/hoXINJ1OtJugZIlZufMTtn/CjFtv8OK/elayc8xPj+Hia3w
kvrYQ5elpIbv0ufMCE8a5Fs9pegDo55AhNcU9LuO9dZq+dqLijThcGbHmZNzu2U+
1Hk0raoHOBofj9VbypVhNKtfcsiBxN03+IX29AABS4cqyQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:44 2025 by rpki-client