Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/rgtjr48SaaMbDI2hnqmvZjMxcv8.roa
File: rgtjr48SaaMbDI2hnqmvZjMxcv8.roa (raw, json)
Hash identifier: tetRT9YAm1UVrHRLRVttitN3tgTfdxjDbEa+Vk7rCiQ=
Subject key identifier: AE:0B:63:AF:8F:12:69:A3:1B:0C:8D:A1:9E:A9:AF:66:33:31:72:FF
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CC94D0C8CA8B1B00169F7D8B872B2D58C
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/rgtjr48SaaMbDI2hnqmvZjMxcv8.roa
Signing time: Tue 02 Jan 2024 08:31:59 +0000
ROA not before: Tue 02 Jan 2024 08:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208510
IP address blocks: 2a0a:280:2000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 06:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:0c:8c:a8:b1:b0:01:69:f7:d8:b8:72:b2:d5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 08:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae0b63af8f1269a31b0c8da19ea9af66333172ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f5:08:76:71:f2:42:e2:d6:16:eb:e0:87:20:
1f:14:82:a3:8c:25:49:d0:6b:ab:70:48:da:0f:08:
db:5a:d7:1d:85:94:ec:22:65:80:c2:c2:cb:8a:7d:
a6:fe:3e:02:2d:5d:5e:95:59:9d:b0:2c:39:c5:c8:
74:17:00:72:bb:76:52:b0:38:6e:d1:14:39:d9:24:
85:e2:2f:64:31:43:2f:70:1e:f3:8e:51:14:f0:ca:
75:ba:74:88:8e:91:05:ba:39:e8:a7:4b:2a:2b:ba:
3f:48:64:63:dc:71:ad:61:00:ea:9d:0b:6b:33:b4:
e7:37:50:82:30:32:88:bb:4a:2c:b6:e8:76:33:53:
5e:33:82:d4:ec:62:38:bd:67:fc:5b:2b:4c:c3:e3:
b8:cc:e4:50:a6:d9:f3:e1:fa:ba:ea:34:ca:4b:b6:
c8:e4:e0:3e:5a:8f:b9:28:e8:34:64:c3:9a:26:cd:
84:83:06:f6:3b:b0:ab:ad:5a:9f:04:45:88:7d:97:
1e:48:74:d3:63:51:fc:14:c5:2d:a7:09:de:94:39:
b1:83:8c:cd:46:79:39:94:bc:2b:80:3e:e9:83:bc:
f9:64:d3:f6:ce:62:a7:3a:d9:5d:6c:15:c8:ae:77:
81:41:89:bb:65:97:c9:4b:e7:1b:2e:43:d6:6c:a8:
97:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0B:63:AF:8F:12:69:A3:1B:0C:8D:A1:9E:A9:AF:66:33:31:72:FF
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/rgtjr48SaaMbDI2hnqmvZjMxcv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2000::/40
Signature Algorithm: sha256WithRSAEncryption
33:2f:60:25:4f:24:4d:a7:77:84:ad:4d:3b:2b:bf:6e:63:25:
8d:2f:e1:e8:9b:12:09:fc:a1:bb:49:b5:8f:27:0c:6a:31:dd:
c2:9a:60:12:4e:92:36:49:a2:61:2b:7a:7b:24:e2:3c:f9:0b:
52:22:e6:dd:1c:fe:8f:2a:c5:95:1d:a9:15:84:ca:14:45:02:
30:d3:c8:21:00:01:a4:ea:73:ef:02:f8:93:9c:41:55:f5:c1:
fc:2d:e9:d2:99:60:b9:59:0f:25:8a:c5:36:0d:a7:a3:dd:54:
40:43:e5:4e:11:b6:c1:6d:2f:eb:9c:74:58:da:e1:ac:8d:c7:
bc:11:8a:aa:d0:d2:5a:d9:fa:8d:a9:fe:af:12:77:bb:e8:5a:
77:46:b2:75:15:af:56:d8:aa:c1:e0:53:9f:37:f9:52:98:49:
61:25:86:40:bc:7a:bc:cf:54:07:3e:f1:88:af:cc:28:e0:40:
d3:bc:8a:38:5c:91:c3:d6:c9:51:03:f0:68:8d:0c:dd:22:86:
f8:8c:43:9b:75:da:36:ed:5a:a7:a1:34:87:68:18:06:9d:e9:
db:35:ef:4e:9b:f8:f8:1e:be:53:48:42:65:b8:44:3a:7b:b4:
cb:26:b7:8b:59:c4:a7:8f:49:25:89:ce:c1:8c:03:fa:17:37:
61:07:ff:f4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTQyMqLGwAWn32LhystWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwMTAyMDgzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBiNjNhZjhmMTI2OWEzMWIwYzhkYTE5ZWE5YWY2NjMzMzE3MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPUIdnHyQuLWFuvghyAfFIKjjCVJ
0GurcEjaDwjbWtcdhZTsImWAwsLLin2m/j4CLV1elVmdsCw5xch0FwByu3ZSsDhu
0RQ52SSF4i9kMUMvcB7zjlEU8Mp1unSIjpEFujnop0sqK7o/SGRj3HGtYQDqnQtr
M7TnN1CCMDKIu0ostuh2M1NeM4LU7GI4vWf8WytMw+O4zORQptnz4fq66jTKS7bI
5OA+Wo+5KOg0ZMOaJs2Egwb2O7CrrVqfBEWIfZceSHTTY1H8FMUtpwnelDmxg4zN
Rnk5lLwrgD7pg7z5ZNP2zmKnOtldbBXIrneBQYm7ZZfJS+cbLkPWbKiXDQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK4LY6+PEmmjGwyNoZ6pr2YzMXL/MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvcmd0anI0OFNhYU1iREkyaG5xbXZaak14Y3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCAw
DQYJKoZIhvcNAQELBQADggEBADMvYCVPJE2nd4StTTsrv25jJY0v4eibEgn8obtJ
tY8nDGox3cKaYBJOkjZJomErensk4jz5C1Ii5t0c/o8qxZUdqRWEyhRFAjDTyCEA
AaTqc+8C+JOcQVX1wfwt6dKZYLlZDyWKxTYNp6PdVEBD5U4RtsFtL+ucdFja4ayN
x7wRiqrQ0lrZ+o2p/q8Sd7voWndGsnUVr1bYqsHgU583+VKYSWElhkC8erzPVAc+
8YivzCjgQNO8ijhckcPWyVED8GiNDN0ihviMQ5t12jbtWqehNIdoGAad6ds1706b
+PgevlNIQmW4RDp7tMsmt4tZxKePSSWJzsGMA/oXN2EH//Q=
-----END CERTIFICATE-----
Generated at Tue Jan 23 09:26:31 2024 by rpki-client on console-fra.rpki-client.org