Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/3SFNiYHARNh3RRtN7DtM7djTsBU.roa
File: 3SFNiYHARNh3RRtN7DtM7djTsBU.roa (raw, json)
Hash identifier: 1BGSCgP9oWGCTv+SlmNYrGAe5iS8kLMrSNmhWMgArQE=
Subject key identifier: DD:21:4D:89:81:C0:44:D8:77:45:1B:4D:EC:3B:4C:ED:D8:D3:B0:15
Certificate issuer: /CN=a6a05904ec81746a0a66d207f5d36f8d97888a0d
Certificate serial: 018E6722E986D212E4F45C4B3EA5295CE50F
Authority key identifier: A6:A0:59:04:EC:81:74:6A:0A:66:D2:07:F5:D3:6F:8D:97:88:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/3SFNiYHARNh3RRtN7DtM7djTsBU.roa
Signing time: Fri 22 Mar 2024 17:08:44 +0000
ROA not before: Fri 22 Mar 2024 17:08:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60318
IP address blocks: 2a06:b300::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Apr 2024 19:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:67:22:e9:86:d2:12:e4:f4:5c:4b:3e:a5:29:5c:e5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a05904ec81746a0a66d207f5d36f8d97888a0d
Validity
Not Before: Mar 22 17:08:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd214d8981c044d877451b4dec3b4cedd8d3b015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:0d:29:f5:3c:1a:1b:56:37:66:7a:6a:3e:
67:91:a7:3c:00:9f:e5:c7:6d:d1:22:80:92:80:34:
75:c4:f0:89:fb:15:66:b5:b1:06:31:b4:3e:81:80:
d8:73:7e:be:57:16:1a:8f:9d:44:91:a8:44:71:b5:
4e:7d:5c:47:f2:64:84:74:23:45:3f:ff:99:4e:58:
38:1d:42:e1:c4:a2:59:96:2c:e3:20:51:36:04:f6:
b6:5d:bd:ab:49:b9:08:96:5d:c3:79:2d:16:fa:2f:
8d:69:23:69:be:f3:dd:e1:67:5e:d2:54:dc:a8:79:
59:0a:f6:7d:0f:ec:f7:93:06:eb:f5:4e:df:21:8d:
2c:6a:5f:27:98:e8:6c:d7:6f:b9:e4:e7:c2:bb:31:
d8:93:cf:15:d8:b8:8f:16:59:29:61:1f:dc:f4:81:
12:d8:9e:b5:75:93:0f:49:ae:45:61:45:43:e9:1f:
e1:db:6b:15:08:11:91:df:a4:d3:5a:18:2a:9e:13:
a0:41:e3:20:bb:84:52:a1:f4:f3:e4:0e:5c:5d:af:
bd:c9:6f:b9:81:74:23:23:67:47:e0:13:5a:22:36:
35:17:7c:47:76:08:7e:af:cf:93:0e:bb:98:e6:4f:
38:8a:b2:05:16:e2:8d:15:d8:aa:13:e8:91:69:18:
dd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:21:4D:89:81:C0:44:D8:77:45:1B:4D:EC:3B:4C:ED:D8:D3:B0:15
X509v3 Authority Key Identifier:
keyid:A6:A0:59:04:EC:81:74:6A:0A:66:D2:07:F5:D3:6F:8D:97:88:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/3SFNiYHARNh3RRtN7DtM7djTsBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b300::/48
Signature Algorithm: sha256WithRSAEncryption
14:3d:8f:a1:9b:31:3f:76:bb:f1:eb:9d:5c:1a:01:9c:3f:3f:
ca:d3:09:88:85:c8:1c:01:59:3b:7d:c1:d6:ea:73:c4:b4:a9:
96:11:fd:18:46:35:3d:25:fb:92:e1:2d:62:60:aa:3f:73:05:
eb:13:91:f2:94:18:c8:b2:3c:d9:10:04:09:fa:c7:ce:7e:77:
93:e3:84:dd:c5:1f:73:20:d7:4e:26:0a:16:33:2f:f3:fa:88:
32:1f:dc:c9:c4:db:7f:0f:fd:7b:91:51:22:d8:c1:30:aa:eb:
28:e4:e0:e4:16:0d:11:69:26:0a:4b:b2:aa:75:b4:dd:a1:39:
54:e6:d3:70:2c:7a:3b:96:06:f9:07:2d:2e:72:6d:55:91:20:
c9:d0:f9:7d:23:dc:52:bd:94:88:05:ed:db:e5:ba:6b:54:6c:
61:85:82:e4:ea:4a:99:9f:cf:88:f1:37:20:3f:7c:b9:ba:c9:
ab:a8:b3:0a:9c:82:bc:e0:45:3e:73:51:04:06:41:92:3b:4c:
86:3a:1f:18:8c:d5:5f:2b:9a:50:87:00:f3:a9:18:44:02:ba:
69:2b:44:67:04:e2:fc:d0:b5:b3:cf:b7:6c:90:ae:b5:0b:39:
6b:e8:67:5e:1d:1f:3b:f7:10:6e:2a:7c:d1:14:d3:58:6c:44:
b4:ce:e7:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY5nIumG0hLk9FxLPqUpXOUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTA1OTA0ZWM4MTc0NmEwYTY2ZDIwN2Y1ZDM2ZjhkOTc4
ODhhMGQwHhcNMjQwMzIyMTcwODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDIxNGQ4OTgxYzA0NGQ4Nzc0NTFiNGRlYzNiNGNlZGQ4ZDNiMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1INKfU8GhtWN2Z6aj5nkac8AJ/l
x23RIoCSgDR1xPCJ+xVmtbEGMbQ+gYDYc36+VxYaj51EkahEcbVOfVxH8mSEdCNF
P/+ZTlg4HULhxKJZlizjIFE2BPa2Xb2rSbkIll3DeS0W+i+NaSNpvvPd4Wde0lTc
qHlZCvZ9D+z3kwbr9U7fIY0sal8nmOhs12+55OfCuzHYk88V2LiPFlkpYR/c9IES
2J61dZMPSa5FYUVD6R/h22sVCBGR36TTWhgqnhOgQeMgu4RSofTz5A5cXa+9yW+5
gXQjI2dH4BNaIjY1F3xHdgh+r8+TDruY5k84irIFFuKNFdiqE+iRaRjdewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN0hTYmBwETYd0UbTew7TO3Y07AVMB8GA1UdIwQY
MBaAFKagWQTsgXRqCmbSB/XTb42XiIoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYjUxYzktYjM3Yi00NzY3LTg4ZDkt
NWRmNmE0NjMwMzViLzEvM1NGTmlZSEFSTmgzUlJ0TjdEdE03ZGpUc0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYjUxYzktYjM3Yi00NzY3LTg4ZDktNWRmNmE0NjMwMzVi
LzEvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgazAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAUPY+hmzE/drvx651cGgGcPz/K0wmIhcgcAVk7
fcHW6nPEtKmWEf0YRjU9JfuS4S1iYKo/cwXrE5HylBjIsjzZEAQJ+sfOfneT44Td
xR9zINdOJgoWMy/z+ogyH9zJxNt/D/17kVEi2MEwquso5ODkFg0RaSYKS7KqdbTd
oTlU5tNwLHo7lgb5By0ucm1VkSDJ0Pl9I9xSvZSIBe3b5bprVGxhhYLk6kqZn8+I
8TcgP3y5usmrqLMKnIK84EU+c1EEBkGSO0yGOh8YjNVfK5pQhwDzqRhEArppK0Rn
BOL80LWzz7dskK61Czlr6GdeHR879xBuKnzRFNNYbES0zudZ
-----END CERTIFICATE-----
Generated at Sat Apr 13 20:10:50 2024 by rpki-client on console-ams.rpki-client.org