Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/Tiy20Es-1jTst6jVGvARbrzdZZ8.roa
File: Tiy20Es-1jTst6jVGvARbrzdZZ8.roa (raw, json)
Hash identifier: umAr4H5LZVyDbNbbSLs6Ev2V/l7sVM/LyBapWpQcxrY=
Subject key identifier: 4E:2C:B6:D0:4B:3E:D6:34:EC:B7:A8:D5:1A:F0:11:6E:BC:DD:65:9F
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018A5653752A906A17D89A146905C06BFF71
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/Tiy20Es-1jTst6jVGvARbrzdZZ8.roa
Signing time: Sat 02 Sep 2023 14:37:04 +0000
ROA not before: Sat 02 Sep 2023 14:37:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 2a07:db80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 19:11:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:56:53:75:2a:90:6a:17:d8:9a:14:69:05:c0:6b:ff:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Sep 2 14:37:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e2cb6d04b3ed634ecb7a8d51af0116ebcdd659f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:75:f8:d1:6e:a2:86:e4:f0:45:be:ef:b3:0d:
67:2b:7f:08:b6:b8:60:99:d8:6d:95:5c:a7:4c:51:
60:dd:ae:c8:56:28:74:f3:a1:bf:60:06:59:1f:a6:
9f:95:62:5f:05:2e:2a:ec:91:32:b8:e1:aa:cf:f9:
45:5c:e5:3b:67:51:32:5f:5f:9e:74:7b:fa:05:db:
cf:12:65:b0:ed:c0:ab:80:4f:2e:52:95:de:45:da:
e1:77:20:3e:14:7a:42:9b:a3:77:39:34:1b:f8:c6:
64:48:23:17:9a:81:cc:57:cd:a9:df:db:ea:9d:89:
c6:f9:17:3f:24:9c:81:2e:20:fa:de:1d:92:47:d3:
02:03:23:34:2b:a9:a2:b8:7b:b9:34:8e:81:89:89:
df:71:92:7f:3d:f3:e7:26:0e:4e:c7:39:9f:4f:82:
da:be:87:3f:6a:20:88:2a:b2:19:7e:6f:ee:03:51:
89:f0:54:77:23:ab:25:3d:e2:5f:cb:b5:fb:b7:16:
d8:69:b2:8a:5d:af:04:57:59:55:d7:a2:4d:62:31:
a3:76:52:fc:a4:fe:d8:83:d4:97:a3:1b:3b:2a:58:
dc:b6:09:97:48:72:b8:dd:8f:bb:1b:c7:d5:07:af:
02:9e:a9:3e:bb:74:7b:c5:09:47:65:27:23:99:bd:
b1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2C:B6:D0:4B:3E:D6:34:EC:B7:A8:D5:1A:F0:11:6E:BC:DD:65:9F
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/Tiy20Es-1jTst6jVGvARbrzdZZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db80::/32
Signature Algorithm: sha256WithRSAEncryption
9d:0b:b4:ed:c4:fb:4d:9e:7e:e6:81:fc:76:16:a2:b2:ce:e6:
63:8e:f6:21:0a:4b:22:81:df:9b:6a:03:d6:73:da:52:aa:7d:
f2:7b:99:7b:04:cf:fc:bc:99:43:37:b7:9d:14:28:fc:e7:e0:
80:d5:35:aa:17:72:2f:9b:ca:3f:bf:23:f2:61:24:e7:e6:31:
76:f9:b7:54:9f:32:09:ab:bc:58:f1:21:f4:ba:86:cb:55:e7:
38:21:1c:47:14:24:64:8b:51:03:0b:c9:1a:70:66:d3:48:34:
84:a9:33:99:56:cf:d7:1c:1e:48:7b:a7:99:b1:e1:a3:8f:20:
f8:ed:35:95:6b:cf:59:4c:1f:eb:82:37:94:73:2e:86:3a:9b:
0b:e0:d5:9d:f8:ab:98:de:c0:0f:f3:55:61:05:41:bd:28:c3:
66:3b:e2:11:d7:ea:70:f8:f9:e7:75:81:f2:01:b0:13:b7:5a:
41:33:c6:c8:8b:52:cd:91:ac:bf:d2:d8:35:6d:c5:6e:bc:fa:
f0:b8:2f:ba:e7:ad:b3:30:f7:e0:d2:3a:fb:2b:b9:91:bf:52:
c9:b5:65:69:e7:68:63:03:66:b9:0c:fb:bd:88:31:57:f7:bc:
29:81:b4:6f:59:58:1b:6e:a6:46:16:fc:7a:b9:ac:2e:77:6f:
90:87:9b:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpWU3UqkGoX2JoUaQXAa/9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwOTAyMTQzNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTJjYjZkMDRiM2VkNjM0ZWNiN2E4ZDUxYWYwMTE2ZWJjZGQ2NTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3X40W6ihuTwRb7vsw1nK38Itrhg
mdhtlVynTFFg3a7IVih086G/YAZZH6aflWJfBS4q7JEyuOGqz/lFXOU7Z1EyX1+e
dHv6BdvPEmWw7cCrgE8uUpXeRdrhdyA+FHpCm6N3OTQb+MZkSCMXmoHMV82p39vq
nYnG+Rc/JJyBLiD63h2SR9MCAyM0K6miuHu5NI6BiYnfcZJ/PfPnJg5OxzmfT4La
voc/aiCIKrIZfm/uA1GJ8FR3I6slPeJfy7X7txbYabKKXa8EV1lV16JNYjGjdlL8
pP7Yg9SXoxs7KljctgmXSHK43Y+7G8fVB68Cnqk+u3R7xQlHZScjmb2xBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE4sttBLPtY07Leo1RrwEW683WWfMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvVGl5MjBFcy0xalRzdDZqVkd2QVJicnpkWlo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfbgDAN
BgkqhkiG9w0BAQsFAAOCAQEAnQu07cT7TZ5+5oH8dhaiss7mY472IQpLIoHfm2oD
1nPaUqp98nuZewTP/LyZQze3nRQo/OfggNU1qhdyL5vKP78j8mEk5+Yxdvm3VJ8y
Cau8WPEh9LqGy1XnOCEcRxQkZItRAwvJGnBm00g0hKkzmVbP1xweSHunmbHho48g
+O01lWvPWUwf64I3lHMuhjqbC+DVnfirmN7AD/NVYQVBvSjDZjviEdfqcPj553WB
8gGwE7daQTPGyItSzZGsv9LYNW3Fbrz68LgvuuetszD34NI6+yu5kb9SybVlaedo
YwNmuQz7vYgxV/e8KYG0b1lYG26mRhb8ermsLndvkIebYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org