Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/IUmkdyILYJiJlnZYh1rhTz7CwE4.roa
File: IUmkdyILYJiJlnZYh1rhTz7CwE4.roa (raw, json)
Hash identifier: QzsvJlGhaHSdS1K/Inl/+VsbuUD1yaA1X6Xd0YcmV74=
Subject key identifier: 21:49:A4:77:22:0B:60:98:89:96:76:58:87:5A:E1:4F:3E:C2:C0:4E
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018732E2C278558255B8AEF2D5835ED5E495
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/IUmkdyILYJiJlnZYh1rhTz7CwE4.roa
Signing time: Thu 30 Mar 2023 14:18:54 +0000
ROA not before: Thu 30 Mar 2023 14:18:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208022
IP address blocks: 2a0a:281::/32 maxlen: 48
2a12:ef40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Aug 2023 14:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:e2:c2:78:55:82:55:b8:ae:f2:d5:83:5e:d5:e4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Mar 30 14:18:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2149a477220b609889967658875ae14f3ec2c04e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e3:4a:59:d6:d6:ce:70:a0:8c:2a:6a:77:54:
17:3a:08:eb:8b:16:bd:1a:cb:4f:fc:b3:c6:95:69:
31:02:69:bb:a0:4b:4a:97:9d:94:f7:d5:ec:ac:7f:
8b:d7:93:cb:83:7c:e8:ff:72:3b:ad:ac:d2:c0:54:
12:11:40:90:be:34:5c:2d:8b:ec:0d:bb:11:6c:1f:
23:ac:f3:10:b0:9b:f9:25:e2:03:62:20:a0:7f:04:
d6:ba:f8:7c:a1:17:f4:41:a8:de:4f:20:4b:f4:ac:
12:b1:7c:42:ad:a7:f7:f0:83:ac:b5:80:6d:54:d0:
17:e4:10:4e:c4:4f:f7:d4:fd:ee:7e:90:58:1f:f8:
aa:7d:3c:94:b4:7e:2d:25:74:98:5e:7f:3c:7a:6d:
05:16:ec:47:27:7f:9a:fe:cb:f6:3b:d3:ed:b9:d0:
d4:43:ef:91:d8:2b:16:e7:14:12:02:42:2c:33:d0:
42:d0:d8:6a:4d:29:e4:9c:08:80:a1:47:52:57:31:
e7:3c:c9:ea:20:81:ca:a9:0f:17:05:ec:63:ba:79:
b7:78:25:09:1a:b1:0d:54:8f:46:fa:df:34:f7:41:
d0:cd:45:1b:34:86:f3:4c:27:e1:a6:4d:8f:fa:b1:
ba:51:ca:da:63:7e:c9:fa:13:0a:c9:07:91:18:8c:
c3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:49:A4:77:22:0B:60:98:89:96:76:58:87:5A:E1:4F:3E:C2:C0:4E
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/IUmkdyILYJiJlnZYh1rhTz7CwE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:281::/32
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
58:6d:99:38:9a:3e:11:78:74:19:a3:11:00:57:5e:02:2d:4a:
31:f4:8c:7c:aa:d6:b3:23:78:8e:a3:f4:19:a7:ed:97:40:9e:
6c:cf:bd:89:af:bb:93:14:67:da:96:e4:b8:db:a2:ce:a1:29:
a6:04:91:75:c8:0b:96:48:1d:c0:55:3a:2c:30:f9:84:4a:9f:
51:6e:f8:5d:17:f7:40:44:7b:e5:05:1e:93:9c:1d:0a:6b:d1:
48:f6:8d:ef:f9:c7:44:4a:2a:d7:a3:80:f2:0b:44:a6:dd:a9:
3e:6c:c4:9c:6a:55:47:32:5b:28:1f:44:2c:e8:5f:5a:9b:26:
e3:f9:c5:cc:f7:92:d2:d8:b0:85:91:b5:ba:c5:9c:7f:bb:4e:
0e:61:5f:38:5c:23:c4:fd:95:2b:e1:d3:a1:01:d2:1d:b2:5f:
67:a5:01:74:39:d8:79:5e:1b:c2:c0:e2:51:d9:21:ff:ce:06:
b9:75:11:b0:81:df:ee:79:4b:14:01:8a:c2:35:80:d1:54:b9:
04:eb:6c:3c:65:13:09:a2:fd:df:cf:38:a1:27:8d:c4:90:2c:
b4:8b:d5:87:1e:79:ba:b9:2a:7e:0b:b0:54:02:3a:86:1f:b2:
af:55:23:15:dd:bb:fb:64:df:11:6e:a3:5a:52:3e:4f:3b:ea:
88:bf:63:80
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYcy4sJ4VYJVuK7y1YNe1eSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMzMwMTQxODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ5YTQ3NzIyMGI2MDk4ODk5Njc2NTg4NzVhZTE0ZjNlYzJjMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeNKWdbWznCgjCpqd1QXOgjrixa9
GstP/LPGlWkxAmm7oEtKl52U99XsrH+L15PLg3zo/3I7razSwFQSEUCQvjRcLYvs
DbsRbB8jrPMQsJv5JeIDYiCgfwTWuvh8oRf0QajeTyBL9KwSsXxCraf38IOstYBt
VNAX5BBOxE/31P3ufpBYH/iqfTyUtH4tJXSYXn88em0FFuxHJ3+a/sv2O9PtudDU
Q++R2CsW5xQSAkIsM9BC0NhqTSnknAiAoUdSVzHnPMnqIIHKqQ8XBexjunm3eCUJ
GrENVI9G+t8090HQzUUbNIbzTCfhpk2P+rG6UcraY37J+hMKyQeRGIzDyQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCFJpHciC2CYiZZ2WIda4U8+wsBOMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvSVVta2R5SUxZSmlKbG5aWWgxcmhUejdDd0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgoCgQMF
AyoS70AwDQYJKoZIhvcNAQELBQADggEBAFhtmTiaPhF4dBmjEQBXXgItSjH0jHyq
1rMjeI6j9Bmn7ZdAnmzPvYmvu5MUZ9qW5Ljbos6hKaYEkXXIC5ZIHcBVOiww+YRK
n1Fu+F0X90BEe+UFHpOcHQpr0Uj2je/5x0RKKtejgPILRKbdqT5sxJxqVUcyWygf
RCzoX1qbJuP5xcz3ktLYsIWRtbrFnH+7Tg5hXzhcI8T9lSvh06EB0h2yX2elAXQ5
2HleG8LA4lHZIf/OBrl1EbCB3+55SxQBisI1gNFUuQTrbDxlEwmi/d/POKEnjcSQ
LLSL1Yceebq5Kn4LsFQCOoYfsq9VIxXdu/tk3xFuo1pSPk876oi/Y4A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org