Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/aTs_XgsW6DrDjxNLkqpm36DW-x8.roa
File: aTs_XgsW6DrDjxNLkqpm36DW-x8.roa (raw, json)
Hash identifier: lnx7TAPhvh7PXhPvv52WeU/Cza4Ms19K2AJQnqnXWbc=
Subject key identifier: 69:3B:3F:5E:0B:16:E8:3A:C3:8F:13:4B:92:AA:66:DF:A0:D6:FB:1F
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8F1B7B9C6FB8C1604A6B013B27966A6
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/aTs_XgsW6DrDjxNLkqpm36DW-x8.roa
Signing time: Thu 16 Nov 2023 16:23:21 +0000
ROA not before: Thu 16 Nov 2023 16:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12302
IP address blocks: 2a01:8fa::/32 maxlen: 32
2a01:878::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f1:b7:b9:c6:fb:8c:16:04:a6:b0:13:b2:79:66:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 16:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=693b3f5e0b16e83ac38f134b92aa66dfa0d6fb1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:41:82:f1:b8:18:3d:76:28:35:d4:13:0f:9d:
b4:7d:5f:d3:a7:3a:d8:4b:ad:9f:6a:8d:72:98:64:
5e:9c:f8:ae:4a:f1:de:ee:1e:17:fe:38:58:2d:e1:
31:be:33:ab:7d:7e:87:65:f4:9c:2f:83:27:e5:ac:
86:55:e9:9e:90:0f:c8:c5:0f:ff:bd:28:9a:70:e9:
7a:17:da:ed:05:18:dc:36:c9:95:39:31:26:d5:64:
83:c5:1d:56:a4:51:fb:a3:e8:fa:17:03:8a:0f:97:
c9:0d:e3:43:9b:f6:f1:7b:19:7f:98:1d:5d:c4:de:
d9:c2:0a:cd:0e:39:82:a0:d8:f7:67:59:81:01:97:
65:30:39:dc:21:4c:3b:d7:db:b7:5b:67:68:aa:b5:
94:ec:5a:a6:66:ef:40:14:bd:e6:5a:d1:43:8b:a5:
77:dc:a0:cb:e1:41:9b:34:89:80:81:f2:28:f5:ae:
cf:f7:70:74:a3:f2:b8:1f:4d:87:d4:2e:f4:26:20:
eb:e7:bd:cd:6e:79:e8:36:8e:34:e5:e5:29:11:a1:
ee:9a:a3:8b:e4:f6:99:3c:44:3a:be:93:19:a0:58:
9e:e9:20:be:b3:3c:da:68:8d:ec:da:4c:85:dc:36:
c7:30:a2:43:57:b5:63:2f:35:cc:31:01:98:e8:a0:
a8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3B:3F:5E:0B:16:E8:3A:C3:8F:13:4B:92:AA:66:DF:A0:D6:FB:1F
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/aTs_XgsW6DrDjxNLkqpm36DW-x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:878::/32
2a01:8fa::/32
Signature Algorithm: sha256WithRSAEncryption
6a:48:f3:8f:18:43:30:0f:70:d0:b6:3a:73:21:98:c3:94:51:
8a:69:12:8d:ec:9c:c7:c9:97:71:7c:07:bc:a9:6f:21:8a:d3:
7a:49:d3:de:9e:5a:1c:87:0f:47:31:04:3a:e2:9e:6b:cc:de:
ac:c6:7a:9b:ec:cd:5a:5d:df:8c:d6:a9:0a:7c:c9:9e:2b:b6:
22:f4:c4:81:a8:de:f2:67:ae:27:ca:4e:58:fe:1c:c2:a2:49:
70:12:7f:92:77:91:cd:6f:3f:da:93:30:f5:8c:77:04:70:b1:
8d:c1:5e:4e:10:9b:46:56:75:7f:64:fc:13:fb:c6:96:0a:17:
2f:fc:32:e7:c7:f6:79:66:d8:9d:75:6f:70:81:f5:e0:b5:be:
43:54:89:7d:ed:87:2c:bb:fa:54:68:b0:38:48:20:20:9c:9e:
b2:cf:33:dc:4a:4a:7b:34:17:b0:6b:97:83:ac:d5:b5:b1:93:
33:a6:c4:83:33:87:c6:26:fe:5b:61:60:39:cc:ab:ce:4c:4b:
af:95:6d:9a:8b:cb:de:c1:08:e5:8c:c1:cc:2a:06:55:80:e8:
e5:d5:e2:dc:d6:3c:7d:1b:a3:e5:8e:8e:50:52:df:b7:28:59:
23:ae:15:d7:4b:80:10:63:5a:25:3a:62:9f:5f:42:52:16:44:
45:82:64:7f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvY8be5xvuMFgSmsBOyeWamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTYyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNiM2Y1ZTBiMTZlODNhYzM4ZjEzNGI5MmFhNjZkZmEwZDZmYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUGC8bgYPXYoNdQTD520fV/TpzrY
S62fao1ymGRenPiuSvHe7h4X/jhYLeExvjOrfX6HZfScL4Mn5ayGVemekA/IxQ//
vSiacOl6F9rtBRjcNsmVOTEm1WSDxR1WpFH7o+j6FwOKD5fJDeNDm/bxexl/mB1d
xN7ZwgrNDjmCoNj3Z1mBAZdlMDncIUw719u3W2doqrWU7FqmZu9AFL3mWtFDi6V3
3KDL4UGbNImAgfIo9a7P93B0o/K4H02H1C70JiDr573NbnnoNo405eUpEaHumqOL
5PaZPEQ6vpMZoFie6SC+szzaaI3s2kyF3DbHMKJDV7VjLzXMMQGY6KCokQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGk7P14LFug6w48TS5KqZt+g1vsfMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvYVRzX1hnc1c2RHJEanhOTGtxcG0zNkRXLXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgEIeAMF
ACoBCPowDQYJKoZIhvcNAQELBQADggEBAGpI848YQzAPcNC2OnMhmMOUUYppEo3s
nMfJl3F8B7ypbyGK03pJ096eWhyHD0cxBDrinmvM3qzGepvszVpd34zWqQp8yZ4r
tiL0xIGo3vJnrifKTlj+HMKiSXASf5J3kc1vP9qTMPWMdwRwsY3BXk4Qm0ZWdX9k
/BP7xpYKFy/8MufH9nlm2J11b3CB9eC1vkNUiX3thyy7+lRosDhIICCcnrLPM9xK
Sns0F7Brl4Os1bWxkzOmxIMzh8Ym/lthYDnMq85MS6+VbZqLy97BCOWMwcwqBlWA
6OXV4tzWPH0bo+WOjlBS37coWSOuFddLgBBjWiU6Yp9fQlIWREWCZH8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:55 2024 by rpki-client on console-fra.rpki-client.org