Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/SJ3KJBE5GhQc88LxwW0gDiSYYa4.roa
File: SJ3KJBE5GhQc88LxwW0gDiSYYa4.roa (raw, json)
Hash identifier: cYHNF9efH5E27uvqkcB2VmLoFBRUby60QbCEuhd3wDo=
Subject key identifier: 48:9D:CA:24:11:39:1A:14:1C:F3:C2:F1:C1:6D:20:0E:24:98:61:AE
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0185ED6EB38D680DB8E43838EF2418C3154E
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/SJ3KJBE5GhQc88LxwW0gDiSYYa4.roa
Signing time: Thu 26 Jan 2023 09:35:33 +0000
ROA not before: Thu 26 Jan 2023 09:35:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38230
IP address blocks: 2a0e:8f01::/35 maxlen: 48
2a0e:8f01::/48 maxlen: 48
2a0e:8f01:8000::/48 maxlen: 48
2a0e:8f01:10b::/48 maxlen: 48
2a0e:8f01:10c::/48 maxlen: 48
2a0e:8f01:104::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:6e:b3:8d:68:0d:b8:e4:38:38:ef:24:18:c3:15:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 26 09:35:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=489dca2411391a141cf3c2f1c16d200e249861ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:b6:a8:6a:00:82:ce:56:77:65:72:6d:13:
34:3a:3e:83:35:0a:76:33:29:64:98:5a:4d:20:b4:
42:6a:79:44:f9:9c:36:b9:b0:c8:23:cf:06:73:fb:
9d:fe:e6:92:06:95:f4:e0:38:3b:c3:a4:44:21:5d:
90:14:11:d6:fc:35:fb:ee:96:9d:09:20:3f:25:85:
1b:79:1a:ec:41:54:6a:fa:da:2d:94:82:67:f6:64:
d9:6b:16:16:41:f5:c2:a9:98:56:e3:79:33:83:f3:
3e:78:28:5e:fa:dd:fa:16:67:b2:20:9b:6f:b6:a1:
b0:6d:7c:ee:cb:3e:5b:d8:eb:b1:8b:66:a8:1a:cd:
89:07:6b:a6:ea:09:88:72:73:d3:2f:ec:e7:c9:90:
12:6f:9b:b4:7a:ed:d7:4d:aa:73:2a:5a:59:32:8b:
c4:50:6d:eb:86:ce:5d:4c:69:58:eb:cb:f1:37:1a:
25:3b:86:8c:cb:bf:e1:df:24:bb:61:b7:30:28:8a:
52:45:e6:b3:d9:13:2c:74:71:ef:09:9e:da:4c:fd:
81:b6:68:9c:75:52:e5:f0:c6:b3:1d:8e:e9:df:72:
c1:f3:14:33:23:1a:18:96:4f:31:97:b2:5d:79:8d:
92:9b:4b:6b:db:1f:14:80:23:e9:98:00:a8:73:4b:
86:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9D:CA:24:11:39:1A:14:1C:F3:C2:F1:C1:6D:20:0E:24:98:61:AE
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/SJ3KJBE5GhQc88LxwW0gDiSYYa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f01::/35
2a0e:8f01:8000::/48
Signature Algorithm: sha256WithRSAEncryption
41:b2:60:ed:6c:84:ff:a4:de:36:c3:7e:30:1c:59:c7:b5:cf:
38:6c:b7:0e:be:fe:db:4e:b4:4c:ca:a3:a9:2b:3e:21:e2:7d:
94:da:14:89:87:6c:51:e9:e3:c4:fa:5d:97:67:98:31:92:3b:
44:fc:fe:dc:46:7b:9a:7f:cd:9e:9b:54:1f:cb:ba:ba:9a:43:
0f:8b:61:05:6b:7c:14:76:bd:e8:3f:1d:9e:9d:73:e2:24:b5:
b0:8c:69:00:66:89:c9:a3:9a:4f:f3:8c:ba:ac:65:9f:a5:67:
69:1c:fd:97:f7:25:ad:17:50:6a:98:39:e1:ad:66:b7:c6:3f:
ca:64:30:ed:be:f0:f5:c5:d4:ee:1d:df:10:ac:3a:1a:b2:0b:
17:4f:2f:50:ff:e3:de:22:cc:4b:0a:bd:40:0c:76:6d:2f:ec:
87:28:eb:19:77:e5:33:41:51:21:01:24:61:f1:d5:4f:35:b1:
c5:01:da:d8:b0:7d:6a:1b:86:20:ce:1a:e4:a4:35:ca:0e:ca:
6e:ce:07:2d:fd:b1:eb:2e:3f:79:27:fd:04:9a:67:17:57:d8:
ae:42:66:ff:90:30:93:ab:7c:38:a6:69:c4:bc:05:2d:7d:ce:
56:eb:b4:fb:24:12:38:92:70:07:00:0e:75:f8:23:d4:ee:dd:
a4:5c:59:67
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYXtbrONaA245Dg47yQYwxVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTI2MDkzNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODlkY2EyNDExMzkxYTE0MWNmM2MyZjFjMTZkMjAwZTI0OTg2MWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2G2qGoAgs5Wd2VybRM0Oj6DNQp2
MylkmFpNILRCanlE+Zw2ubDII88Gc/ud/uaSBpX04Dg7w6REIV2QFBHW/DX77pad
CSA/JYUbeRrsQVRq+totlIJn9mTZaxYWQfXCqZhW43kzg/M+eChe+t36FmeyIJtv
tqGwbXzuyz5b2Ouxi2aoGs2JB2um6gmIcnPTL+znyZASb5u0eu3XTapzKlpZMovE
UG3rhs5dTGlY68vxNxolO4aMy7/h3yS7YbcwKIpSReaz2RMsdHHvCZ7aTP2Btmic
dVLl8MazHY7p33LB8xQzIxoYlk8xl7JdeY2Sm0tr2x8UgCPpmACoc0uGXQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFEidyiQRORoUHPPC8cFtIA4kmGGuMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvU0ozS0pCRTVHaFFjODhMeHdXMGdEaVNZWWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYFKg6PAQAD
BwAqDo8BgAAwDQYJKoZIhvcNAQELBQADggEBAEGyYO1shP+k3jbDfjAcWce1zzhs
tw6+/ttOtEzKo6krPiHifZTaFImHbFHp48T6XZdnmDGSO0T8/txGe5p/zZ6bVB/L
urqaQw+LYQVrfBR2veg/HZ6dc+IktbCMaQBmicmjmk/zjLqsZZ+lZ2kc/Zf3Ja0X
UGqYOeGtZrfGP8pkMO2+8PXF1O4d3xCsOhqyCxdPL1D/494izEsKvUAMdm0v7Ico
6xl35TNBUSEBJGHx1U81scUB2tiwfWobhiDOGuSkNcoOym7OBy39sesuP3kn/QSa
ZxdX2K5CZv+QMJOrfDimacS8BS19zlbrtPskEjiScAcADnX4I9Tu3aRcWWc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org