Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/TQ7oACkJrR7esqm_DmmAhsNKNUE.roa
File: TQ7oACkJrR7esqm_DmmAhsNKNUE.roa (raw, json)
Hash identifier: iecnq5iZb3WfTDLnN47WSnIlvaCGuRHjTFVCwr80DlE=
Subject key identifier: 4D:0E:E8:00:29:09:AD:1E:DE:B2:A9:BF:0E:69:80:86:C3:4A:35:41
Certificate issuer: /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial: 018CC86F511D8EA493C59863259C13A7B11D
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/TQ7oACkJrR7esqm_DmmAhsNKNUE.roa
Signing time: Tue 02 Jan 2024 04:29:47 +0000
ROA not before: Tue 02 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210616
IP address blocks: 2a0e:3247:8001::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 12:52:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:51:1d:8e:a4:93:c5:98:63:25:9c:13:a7:b1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Validity
Not Before: Jan 2 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d0ee8002909ad1edeb2a9bf0e698086c34a3541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d9:2b:ee:8b:bd:16:29:89:00:05:b9:ec:47:
5f:83:d6:c1:2a:ba:c5:f3:cf:4a:70:f9:b3:d8:ab:
a7:77:3a:2f:ed:c7:04:7e:79:ae:4a:9b:46:42:ee:
05:6d:8c:04:11:80:00:14:9f:b8:70:ce:8d:60:63:
1b:07:57:f8:d6:91:43:5e:4f:75:0d:33:fe:63:4d:
4b:90:cf:52:f8:32:e8:50:35:67:e0:f2:8b:17:f8:
d3:85:ad:7f:67:d5:79:4f:57:55:48:4d:72:53:d3:
82:14:e9:c5:ac:4b:6e:74:32:09:cd:28:dd:f3:7f:
0f:ef:6d:27:75:b2:bb:8a:73:e6:21:c4:36:b3:90:
cb:0a:53:b3:38:3c:5f:b0:f3:dd:cb:53:a1:81:4c:
d6:49:28:6f:b3:3f:96:c6:7d:54:8e:11:42:de:7e:
da:c2:2a:8a:6c:51:39:4a:3c:e8:84:4f:09:ec:69:
5c:29:be:6b:08:a9:da:3f:5b:1a:bd:0d:99:0d:e1:
95:7d:aa:ba:49:26:62:66:76:9b:e4:5f:de:ef:65:
23:ce:2e:ea:be:99:4d:ee:b7:97:9b:25:2f:4e:05:
f4:5d:2b:12:c2:2b:8b:ba:5a:e8:66:d7:8b:70:c1:
fc:07:2b:77:14:fd:58:f3:97:1f:9a:a0:d0:0b:f6:
27:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0E:E8:00:29:09:AD:1E:DE:B2:A9:BF:0E:69:80:86:C3:4A:35:41
X509v3 Authority Key Identifier:
keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/TQ7oACkJrR7esqm_DmmAhsNKNUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:3247:8001::/48
Signature Algorithm: sha256WithRSAEncryption
d9:3e:49:73:5e:15:7c:96:8b:79:9e:93:33:29:0b:5a:94:79:
a2:f0:49:6e:80:91:55:9c:5f:d4:8b:8d:e0:43:92:c4:bf:41:
f7:4a:9c:2b:c1:20:23:99:00:6f:9f:43:49:17:31:73:d0:ad:
05:4f:21:8c:f5:5c:2c:6a:4a:f5:c8:76:ca:6a:90:eb:f3:3a:
67:cc:e9:a9:22:44:43:2b:8b:4c:2c:f7:a6:68:3f:8d:83:85:
fe:08:50:db:8c:4d:26:a4:c2:75:8a:26:8b:6b:9b:2f:dd:68:
ee:da:c5:98:73:82:54:70:50:0e:06:7c:16:db:ab:35:79:e1:
b8:a0:d9:bb:94:33:f7:81:01:4f:82:09:9d:50:ac:d4:98:34:
4d:cd:02:d3:81:20:92:38:e0:7e:0e:11:37:d4:2f:87:11:51:
e5:0b:8f:fc:9c:d6:4b:a7:e5:1c:e5:cb:b1:25:7e:f0:9f:a6:
0d:4e:cd:f5:e3:c8:2a:df:20:87:2e:23:54:6a:6a:10:89:ed:
3b:93:dc:8f:56:9b:f4:ce:e0:42:97:32:40:56:c6:d6:17:5d:
bb:77:77:f0:69:38:60:2a:a6:27:e1:a0:c6:1f:6c:1b:49:56:
b0:11:75:96:c5:8a:a5:ee:30:5e:86:1c:46:95:f1:be:05:9c:
5d:bb:18:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIb1EdjqSTxZhjJZwTp7EdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjQwMTAyMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBlZTgwMDI5MDlhZDFlZGViMmE5YmYwZTY5ODA4NmMzNGEzNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytkr7ou9FimJAAW57Edfg9bBKrrF
889KcPmz2Kundzov7ccEfnmuSptGQu4FbYwEEYAAFJ+4cM6NYGMbB1f41pFDXk91
DTP+Y01LkM9S+DLoUDVn4PKLF/jTha1/Z9V5T1dVSE1yU9OCFOnFrEtudDIJzSjd
838P720ndbK7inPmIcQ2s5DLClOzODxfsPPdy1OhgUzWSShvsz+Wxn1UjhFC3n7a
wiqKbFE5SjzohE8J7GlcKb5rCKnaP1savQ2ZDeGVfaq6SSZiZnab5F/e72Ujzi7q
vplN7reXmyUvTgX0XSsSwiuLulroZteLcMH8Byt3FP1Y85cfmqDQC/YnUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE0O6AApCa0e3rKpvw5pgIbDSjVBMB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEvVFE3b0FDa0pyUjdlc3FtX0RtbUFoc05LTlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4yR4AB
MA0GCSqGSIb3DQEBCwUAA4IBAQDZPklzXhV8lot5npMzKQtalHmi8ElugJFVnF/U
i43gQ5LEv0H3SpwrwSAjmQBvn0NJFzFz0K0FTyGM9Vwsakr1yHbKapDr8zpnzOmp
IkRDK4tMLPemaD+Ng4X+CFDbjE0mpMJ1iiaLa5sv3Wju2sWYc4JUcFAOBnwW26s1
eeG4oNm7lDP3gQFPggmdUKzUmDRNzQLTgSCSOOB+DhE31C+HEVHlC4/8nNZLp+Uc
5cuxJX7wn6YNTs3148gq3yCHLiNUamoQie07k9yPVpv0zuBClzJAVsbWF127d3fw
aThgKqYn4aDGH2wbSVawEXWWxYql7jBehhxGlfG+BZxduxgd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:37 2024 by rpki-client on console-ams.rpki-client.org