Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/4qERJGIlOZo5mUD7HGagW0SgPqw.roa
File: 4qERJGIlOZo5mUD7HGagW0SgPqw.roa (raw, json)
Hash identifier: 5YCw765FJRtvICGF1zT+eMo1YffLL2lQ3wsVZLFl21g=
Subject key identifier: E2:A1:11:24:62:25:39:9A:39:99:40:FB:1C:66:A0:5B:44:A0:3E:AC
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018A286591E4D3AB4473361888407578C7E1
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/4qERJGIlOZo5mUD7HGagW0SgPqw.roa
Signing time: Thu 24 Aug 2023 16:34:19 +0000
ROA not before: Thu 24 Aug 2023 16:34:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216412
IP address blocks: 2a0a:280:b000::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:65:91:e4:d3:ab:44:73:36:18:88:40:75:78:c7:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Aug 24 16:34:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2a111246225399a399940fb1c66a05b44a03eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:2f:34:5d:3a:3e:db:03:8d:e1:e9:60:83:
3d:27:ab:a1:8e:41:d5:7a:aa:33:e7:ce:83:9d:1f:
26:b2:82:2e:0e:83:fa:01:16:80:6f:15:20:ca:30:
11:b4:53:a4:e4:66:3a:79:4f:9d:cc:55:5a:45:e7:
a9:b0:5b:e4:85:0b:6d:7a:c1:13:dc:84:67:58:89:
aa:39:b7:a7:82:6b:f6:97:a8:e3:ba:47:3f:b3:98:
d9:94:dc:83:b4:02:19:66:e6:1b:79:ca:73:d3:fb:
31:24:b8:a3:95:a3:ec:aa:16:71:a1:f2:f0:17:8e:
35:82:c7:7c:3f:13:95:2f:3f:cf:b9:c0:3f:ab:60:
ee:0c:97:bd:33:24:c2:4e:bd:ec:05:04:48:d3:a1:
d1:fe:21:8e:25:93:ac:4d:d6:0e:71:32:74:c0:63:
86:e5:45:51:58:ae:bc:c7:f5:7a:7b:b5:15:69:8e:
36:4a:93:5f:d2:13:1f:58:47:7d:42:c8:1c:0c:82:
98:8f:75:a5:32:f0:48:10:5a:cf:b8:98:60:cf:5e:
92:60:0a:f5:04:95:1f:8c:91:46:3d:c0:7c:9e:2d:
0f:a8:a5:1e:5a:c4:48:5c:6c:15:c9:7d:1c:46:60:
a6:f6:65:6e:56:19:c2:49:c7:65:6f:1c:d7:f9:8f:
90:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A1:11:24:62:25:39:9A:39:99:40:FB:1C:66:A0:5B:44:A0:3E:AC
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/4qERJGIlOZo5mUD7HGagW0SgPqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:b000::/36
Signature Algorithm: sha256WithRSAEncryption
15:27:87:17:41:f7:d8:96:15:2c:14:a3:08:b7:e0:31:5e:fe:
e4:54:d4:3d:1b:1c:02:25:a9:d6:da:23:69:f8:c8:fc:34:0a:
76:49:39:e5:fe:d1:29:66:3d:fc:54:74:fe:74:81:e0:d6:d5:
66:ae:12:0c:2e:d7:ae:f0:6c:2a:6e:d2:0a:75:60:32:ec:66:
69:52:19:78:2e:6e:df:ae:21:92:55:27:89:0e:1c:c3:7e:b7:
6d:36:f1:56:a9:7e:14:91:76:ea:1b:8b:13:a6:cc:6f:38:96:
84:18:9b:af:f7:ba:99:7b:32:77:c7:52:c2:dc:2a:08:d0:bc:
e8:5d:c6:77:22:56:34:8a:30:9a:16:f8:ef:df:05:d2:26:8d:
e2:e0:09:ca:f4:f2:ac:ce:85:4c:a7:bf:34:20:86:df:91:04:
24:97:83:e1:5d:cc:8f:82:9e:bd:b4:a6:e7:48:38:50:6b:e1:
2b:ae:f9:f0:73:a2:f8:03:20:e3:01:11:74:54:85:98:37:4e:
14:a4:d9:1d:9a:64:1e:cd:9a:d2:de:85:5c:bc:73:c5:35:c5:
d7:61:15:b1:3f:71:45:65:36:f8:9e:3a:2a:3e:25:3d:1a:95:
50:da:46:00:45:65:3d:52:27:26:70:cf:0d:12:e8:19:a8:02:
d7:15:50:95
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYooZZHk06tEczYYiEB1eMfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwODI0MTYzNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmExMTEyNDYyMjUzOTlhMzk5OTQwZmIxYzY2YTA1YjQ0YTAzZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBAvNF06PtsDjeHpYIM9J6uhjkHV
eqoz586DnR8msoIuDoP6ARaAbxUgyjARtFOk5GY6eU+dzFVaReepsFvkhQttesET
3IRnWImqObengmv2l6jjukc/s5jZlNyDtAIZZuYbecpz0/sxJLijlaPsqhZxofLw
F441gsd8PxOVLz/PucA/q2DuDJe9MyTCTr3sBQRI06HR/iGOJZOsTdYOcTJ0wGOG
5UVRWK68x/V6e7UVaY42SpNf0hMfWEd9QsgcDIKYj3WlMvBIEFrPuJhgz16SYAr1
BJUfjJFGPcB8ni0PqKUeWsRIXGwVyX0cRmCm9mVuVhnCScdlbxzX+Y+QywIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOKhESRiJTmaOZlA+xxmoFtEoD6sMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvNHFFUkpHSWxPWm81bVVEN0hHYWdXMFNnUHF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgoCgLAw
DQYJKoZIhvcNAQELBQADggEBABUnhxdB99iWFSwUowi34DFe/uRU1D0bHAIlqdba
I2n4yPw0CnZJOeX+0SlmPfxUdP50geDW1WauEgwu167wbCpu0gp1YDLsZmlSGXgu
bt+uIZJVJ4kOHMN+t2028VapfhSRduobixOmzG84loQYm6/3upl7MnfHUsLcKgjQ
vOhdxnciVjSKMJoW+O/fBdImjeLgCcr08qzOhUynvzQght+RBCSXg+FdzI+Cnr20
pudIOFBr4Suu+fBzovgDIOMBEXRUhZg3ThSk2R2aZB7NmtLehVy8c8U1xddhFbE/
cUVlNvieOio+JT0alVDaRgBFZT1SJyZwzw0S6BmoAtcVUJU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:32 2024 by rpki-client on console-ams.rpki-client.org