Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/3woT-sbi_Z3aMOqEdOMsKMabeis.roa
File: 3woT-sbi_Z3aMOqEdOMsKMabeis.roa (raw, json)
Hash identifier: /2lQOQHX/oQywYiIsBjxsYWSgFnG0/rTfeAKGNTGb28=
Subject key identifier: DF:0A:13:FA:C6:E2:FD:9D:DA:30:EA:84:74:E3:2C:28:C6:9B:7A:2B
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 0185710C3B5F69F3ECB6E9DAAA5A153FB05E
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/3woT-sbi_Z3aMOqEdOMsKMabeis.roa
Signing time: Mon 02 Jan 2023 05:55:04 +0000
ROA not before: Mon 02 Jan 2023 05:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 2a04:ff00:500::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:3b:5f:69:f3:ec:b6:e9:da:aa:5a:15:3f:b0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 2 05:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df0a13fac6e2fd9dda30ea8474e32c28c69b7a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:97:eb:c0:29:2b:69:2e:65:a5:1f:00:8e:
53:63:85:bd:ef:90:f3:7e:24:8c:39:ad:3a:57:2d:
72:ce:21:17:b8:eb:cd:71:47:52:07:d0:69:5c:c0:
4a:30:f4:5a:44:b3:4f:7b:81:c6:46:bf:8a:fc:95:
14:46:f3:bf:da:4a:00:95:f6:58:88:df:ab:f3:7f:
47:90:16:2d:39:23:0c:04:2d:63:5c:5c:d0:09:03:
c2:4c:4b:0a:af:2b:a8:79:8c:21:7e:8f:46:a7:d7:
12:49:7b:b2:68:96:32:40:c2:eb:e9:a1:85:5f:2a:
5a:e1:2a:2a:e3:28:07:1c:c3:59:62:47:cb:e1:41:
0b:4f:fd:ca:96:58:80:99:fe:e6:32:3e:41:e9:43:
9d:bc:53:68:ab:ec:da:69:e5:b1:26:db:57:eb:d2:
9b:a1:09:2a:0a:a6:94:09:34:e5:ef:15:72:85:cf:
a6:de:7b:1b:b7:fa:55:29:ff:52:a6:b8:58:e6:da:
09:d9:ac:b1:f6:c3:d0:14:f6:85:31:9d:87:67:a0:
78:a1:af:7d:22:09:78:44:33:3c:02:a2:c9:92:4d:
45:4b:48:c7:b1:ed:ba:96:98:b1:60:72:f4:e8:47:
01:1b:b0:47:34:b1:35:cd:ed:55:77:3d:60:40:06:
84:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0A:13:FA:C6:E2:FD:9D:DA:30:EA:84:74:E3:2C:28:C6:9B:7A:2B
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/3woT-sbi_Z3aMOqEdOMsKMabeis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:500::/48
Signature Algorithm: sha256WithRSAEncryption
64:57:eb:1d:9e:27:b1:c4:6e:94:6e:f1:2f:cf:64:26:63:2c:
dd:9b:d6:2d:49:11:58:f5:ff:35:10:56:ed:0d:b5:01:11:9e:
9f:15:77:94:1d:d1:76:7d:40:b7:07:9a:57:bb:39:88:91:df:
55:4c:db:16:34:44:c1:45:fe:04:6b:13:53:35:0d:26:1d:a1:
10:73:54:87:56:3c:2d:1c:a0:32:cc:ab:09:dd:98:de:0d:84:
6e:0a:ae:ed:08:0d:ab:b9:b5:0e:9b:f4:b8:e4:eb:1b:a7:fd:
29:2d:dc:11:7c:1a:ab:3c:da:05:49:af:d9:77:2d:83:7a:7e:
be:3f:be:d6:75:65:07:62:6a:87:86:ea:3a:f0:fd:a7:ae:2f:
f9:2e:77:1a:57:e3:c9:81:4f:84:09:d9:69:f5:c7:10:c8:2c:
84:82:88:1a:62:eb:0f:53:a8:92:4c:72:2d:63:e2:b7:2f:07:
4b:63:dd:17:ca:5a:cc:05:d4:16:d5:2c:55:39:f7:df:49:14:
25:fe:4b:c7:13:d6:73:9d:28:00:7b:2e:94:03:d5:4c:80:47:
00:f2:85:7c:6d:22:46:11:53:87:14:96:4b:ad:77:98:dc:e9:
4e:68:32:99:d6:f4:2c:fd:ed:8f:24:d4:43:86:f5:da:2b:2d:
3c:39:de:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxDDtfafPstunaqloVP7BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjMwMTAyMDU1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjBhMTNmYWM2ZTJmZDlkZGEzMGVhODQ3NGUzMmMyOGM2OWI3YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluaX68ApK2kuZaUfAI5TY4W975Dz
fiSMOa06Vy1yziEXuOvNcUdSB9BpXMBKMPRaRLNPe4HGRr+K/JUURvO/2koAlfZY
iN+r839HkBYtOSMMBC1jXFzQCQPCTEsKryuoeYwhfo9Gp9cSSXuyaJYyQMLr6aGF
Xypa4Soq4ygHHMNZYkfL4UELT/3KlliAmf7mMj5B6UOdvFNoq+zaaeWxJttX69Kb
oQkqCqaUCTTl7xVyhc+m3nsbt/pVKf9SprhY5toJ2ayx9sPQFPaFMZ2HZ6B4oa99
Igl4RDM8AqLJkk1FS0jHse26lpixYHL06EcBG7BHNLE1ze1Vdz1gQAaE5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN8KE/rG4v2d2jDqhHTjLCjGm3orMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvM3dvVC1zYmlfWjNhTU9xRWRPTXNLTWFiZWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgT/AAUA
MA0GCSqGSIb3DQEBCwUAA4IBAQBkV+sdniexxG6UbvEvz2QmYyzdm9YtSRFY9f81
EFbtDbUBEZ6fFXeUHdF2fUC3B5pXuzmIkd9VTNsWNETBRf4EaxNTNQ0mHaEQc1SH
VjwtHKAyzKsJ3ZjeDYRuCq7tCA2rubUOm/S45Osbp/0pLdwRfBqrPNoFSa/Zdy2D
en6+P77WdWUHYmqHhuo68P2nri/5LncaV+PJgU+ECdlp9ccQyCyEgogaYusPU6iS
THItY+K3LwdLY90XylrMBdQW1SxVOfffSRQl/kvHE9ZznSgAey6UA9VMgEcA8oV8
bSJGEVOHFJZLrXeY3OlOaDKZ1vQs/e2PJNRDhvXaKy08Od5s
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:25 2024 by rpki-client on console-fra.rpki-client.org