Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/1znWPy-MvPv4GJ6Esbohdp-Hzl8.roa
File: 1znWPy-MvPv4GJ6Esbohdp-Hzl8.roa (raw, json)
Hash identifier: JY0awl4z2yIQEQ7wIEhcIzAfjeKx3xSyAQ65VHVFnGs=
Subject key identifier: D7:39:D6:3F:2F:8C:BC:FB:F8:18:9E:84:B1:BA:21:76:9F:87:CE:5F
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01872DCC7E598E0AE8E7E872177B62FBEAB4
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/1znWPy-MvPv4GJ6Esbohdp-Hzl8.roa
Signing time: Wed 29 Mar 2023 14:36:29 +0000
ROA not before: Wed 29 Mar 2023 14:36:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203888
IP address blocks: 2a0a:280:3000::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Jul 2023 04:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:cc:7e:59:8e:0a:e8:e7:e8:72:17:7b:62:fb:ea:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Mar 29 14:36:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d739d63f2f8cbcfbf8189e84b1ba21769f87ce5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e6:84:1b:73:48:aa:2c:e8:db:5a:d0:5c:89:
19:fa:40:b8:ac:3b:0b:45:16:af:0c:f0:46:52:0d:
11:da:00:ab:9a:3d:e4:9a:f0:46:64:66:cb:c5:69:
70:a9:0a:06:58:29:34:fb:fe:16:00:21:75:6b:12:
1f:9d:14:92:3c:74:a6:ff:47:d3:18:d9:a8:07:7b:
1b:46:80:b6:cb:ba:31:f3:f0:14:0b:4c:8c:f1:f1:
9a:c0:1e:b1:98:29:f3:b2:52:c9:fb:3d:73:3e:ff:
92:fd:a7:c0:1d:2b:99:df:20:69:00:68:77:90:2d:
94:6c:9a:c2:99:16:19:9f:59:c8:20:bc:7b:d0:25:
ba:35:d4:af:6d:d9:aa:94:b9:5a:47:dd:c8:1e:fa:
3f:36:9d:8a:50:ab:fa:41:5a:bb:d4:ce:1b:3c:5a:
46:8d:4a:60:82:1e:69:9a:f6:b4:42:b6:c2:de:12:
98:76:48:71:51:07:46:6e:c4:90:1a:40:12:04:8d:
03:8b:92:2a:b7:d0:23:3a:a2:ca:15:c7:a1:60:b7:
96:f6:c3:68:27:95:ec:96:f1:5b:a6:5a:90:54:1b:
28:03:f0:ca:ec:f5:8c:08:df:80:13:19:dd:ba:67:
6c:08:a9:9f:65:7b:e1:37:e4:4d:c4:cc:69:15:99:
51:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:39:D6:3F:2F:8C:BC:FB:F8:18:9E:84:B1:BA:21:76:9F:87:CE:5F
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/1znWPy-MvPv4GJ6Esbohdp-Hzl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:3000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:13:dc:0d:bd:2c:7c:4b:ac:e5:25:b4:d6:9c:9a:2f:2a:23:
40:4b:16:da:d6:02:d8:95:ed:ef:02:af:58:35:ba:79:cf:9e:
a9:48:a9:35:81:e3:e0:5e:f4:60:79:88:89:98:19:38:1c:dd:
59:7b:3a:6f:f7:b6:6d:3f:d1:3b:57:36:2f:9f:23:3a:c1:93:
d9:b5:17:5b:ee:05:70:6e:6d:91:b0:7a:5b:41:e5:1e:41:f3:
7b:74:42:2d:15:ea:7b:2c:67:03:6e:0f:ef:ee:9b:d7:ef:c9:
f4:a1:6b:af:f8:a7:3f:49:c4:43:11:31:2d:5a:6b:a2:d6:07:
dc:b7:1c:16:a4:01:42:cb:25:22:ef:ac:8a:2e:8c:ee:ab:31:
1e:28:cc:68:44:ec:82:44:d0:fa:4d:9c:9e:1c:cf:2b:30:44:
9a:d6:f4:4d:d1:d4:eb:4a:d1:22:2e:26:a6:27:9e:da:87:97:
67:32:8e:a3:f4:1b:6e:72:34:ad:18:1d:2a:72:68:3f:e6:79:
34:07:8e:3f:e6:7d:56:36:a6:6e:9d:63:df:3c:3a:7d:ee:f2:
40:ca:b2:e8:8f:da:0e:a2:4b:d0:a3:ab:c4:82:13:3a:28:fd:
25:93:f7:d3:55:1c:4b:bd:a7:47:38:e4:a2:ce:57:ac:38:e4:
1f:24:fb:7f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYctzH5Zjgro5+hyF3ti++q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzI5MTQzNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzM5ZDYzZjJmOGNiY2ZiZjgxODllODRiMWJhMjE3NjlmODdjZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeaEG3NIqizo21rQXIkZ+kC4rDsL
RRavDPBGUg0R2gCrmj3kmvBGZGbLxWlwqQoGWCk0+/4WACF1axIfnRSSPHSm/0fT
GNmoB3sbRoC2y7ox8/AUC0yM8fGawB6xmCnzslLJ+z1zPv+S/afAHSuZ3yBpAGh3
kC2UbJrCmRYZn1nIILx70CW6NdSvbdmqlLlaR93IHvo/Np2KUKv6QVq71M4bPFpG
jUpggh5pmva0QrbC3hKYdkhxUQdGbsSQGkASBI0Di5Iqt9AjOqLKFcehYLeW9sNo
J5XslvFbplqQVBsoA/DK7PWMCN+AExndumdsCKmfZXvhN+RNxMxpFZlR/QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNc51j8vjLz7+BiehLG6IXafh85fMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvMXpuV1B5LU12UHY0R0o2RXNib2hkcC1Iemw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgDAw
DQYJKoZIhvcNAQELBQADggEBAIoT3A29LHxLrOUltNacmi8qI0BLFtrWAtiV7e8C
r1g1unnPnqlIqTWB4+Be9GB5iImYGTgc3Vl7Om/3tm0/0TtXNi+fIzrBk9m1F1vu
BXBubZGweltB5R5B83t0Qi0V6nssZwNuD+/um9fvyfSha6/4pz9JxEMRMS1aa6LW
B9y3HBakAULLJSLvrIoujO6rMR4ozGhE7IJE0PpNnJ4czyswRJrW9E3R1OtK0SIu
JqYnntqHl2cyjqP0G25yNK0YHSpyaD/meTQHjj/mfVY2pm6dY988On3u8kDKsuiP
2g6iS9Cjq8SCEzoo/SWT99NVHEu9p0c45KLOV6w45B8k+38=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org