Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/nYc6hbWk37ElH5BSX61jImyZnfU.roa
File: nYc6hbWk37ElH5BSX61jImyZnfU.roa (raw, json)
Hash identifier: rsjsfMup5JykD6VcJ2tf8xt99ye2AIFd8YcMtxE5ZdU=
Subject key identifier: 9D:87:3A:85:B5:A4:DF:B1:25:1F:90:52:5F:AD:63:22:6C:99:9D:F5
Certificate issuer: /CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Certificate serial: 018570FBB16503A4FDBA1145C28D60513CAD
Authority key identifier: 4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/nYc6hbWk37ElH5BSX61jImyZnfU.roa
Signing time: Mon 02 Jan 2023 05:37:01 +0000
ROA not before: Mon 02 Jan 2023 05:37:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57757
IP address blocks: 2a0e:4480::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b1:65:03:a4:fd:ba:11:45:c2:8d:60:51:3c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Validity
Not Before: Jan 2 05:37:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d873a85b5a4dfb1251f90525fad63226c999df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:27:e1:84:f4:55:df:5e:d5:28:7a:34:33:b4:
b2:20:59:79:88:e4:03:01:a5:58:0b:03:31:e9:80:
b5:92:a4:95:b1:68:59:9b:1e:c3:49:1f:9a:3e:ec:
d6:41:f7:4e:f3:5c:09:78:07:8b:58:24:f1:11:6c:
12:79:5d:9a:eb:06:ae:54:57:cb:0a:66:86:34:68:
46:c1:c7:3a:e9:b6:fb:08:03:65:e5:d2:7a:5b:5e:
a0:94:32:26:37:3d:cb:42:52:23:10:22:b8:d0:97:
19:f6:5c:7b:96:05:e1:d3:e8:c7:20:90:81:c0:7a:
e6:04:ae:d9:35:a5:da:b3:57:08:fc:04:8e:09:35:
0c:d1:e7:7f:ac:75:b9:43:82:d5:f2:ce:a6:4f:d7:
1d:1f:6b:92:74:ca:21:11:43:3e:da:f5:db:d6:d6:
9b:c3:99:28:46:a0:49:4e:9e:ea:d5:72:ce:40:95:
35:bf:25:81:99:60:f6:04:8a:67:8b:c6:a0:73:4f:
e4:4c:eb:4f:1a:ce:af:ee:68:45:25:4f:2f:17:9a:
a8:60:bc:78:04:cb:16:3a:fd:29:2a:e7:f5:6f:ef:
6e:25:5a:5a:c0:1b:d6:a0:6f:e3:da:b7:31:0e:85:
4f:b5:fc:a4:05:18:2a:ae:2f:13:45:f3:92:59:b4:
44:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:87:3A:85:B5:A4:DF:B1:25:1F:90:52:5F:AD:63:22:6C:99:9D:F5
X509v3 Authority Key Identifier:
keyid:4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/nYc6hbWk37ElH5BSX61jImyZnfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/TATgEjGx24ILH11UKDSrBfaT_Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4480::/32
Signature Algorithm: sha256WithRSAEncryption
58:75:03:90:3e:f8:cc:17:f6:4e:02:f4:f8:52:ee:41:5f:fb:
47:be:c6:9c:35:b0:af:5a:48:4a:b7:03:8d:c0:10:0d:69:83:
bb:29:1a:08:84:87:aa:ed:61:75:9f:3b:c3:7d:df:cb:a7:f5:
d4:c9:f5:c0:20:ca:a8:00:74:f9:74:ed:ba:45:cb:1b:1e:74:
3d:3c:21:7a:e3:81:fc:91:22:f9:56:3b:3a:89:69:67:02:aa:
1e:d2:63:be:40:52:7c:fc:d9:b1:c3:86:f1:17:87:a4:89:77:
42:7b:92:65:a7:aa:82:b8:68:b3:14:46:55:bf:3b:cc:b7:20:
c9:7c:ed:65:4e:fb:07:8d:3c:65:40:23:4d:e3:50:e8:b0:ed:
df:32:7e:b8:df:e8:6f:b1:31:84:d0:c9:67:37:0c:dc:03:75:
c0:2f:67:ea:bb:51:ae:e9:1a:b7:65:dd:33:ac:bf:b5:03:74:
58:c9:3d:05:f0:a2:85:83:6b:43:09:c5:6f:a7:ef:57:e9:65:
38:24:13:0b:8c:ed:e4:d9:71:9f:53:e4:c0:f0:ab:6e:3c:7a:
32:bd:7c:3f:a6:80:84:c1:d0:bd:1b:9d:0e:84:fe:5f:f4:77:
d0:99:6b:c9:79:01:98:7d:14:32:29:02:ee:ff:dd:69:a1:15:
0e:26:9b:da
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVw+7FlA6T9uhFFwo1gUTytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDRlMDEyMzFiMWRiODIwYjFmNWQ1NDI4MzRhYjA1ZjY5
M2ZkNzgwHhcNMjMwMTAyMDUzNzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg3M2E4NWI1YTRkZmIxMjUxZjkwNTI1ZmFkNjMyMjZjOTk5ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ifhhPRV317VKHo0M7SyIFl5iOQD
AaVYCwMx6YC1kqSVsWhZmx7DSR+aPuzWQfdO81wJeAeLWCTxEWwSeV2a6wauVFfL
CmaGNGhGwcc66bb7CANl5dJ6W16glDImNz3LQlIjECK40JcZ9lx7lgXh0+jHIJCB
wHrmBK7ZNaXas1cI/ASOCTUM0ed/rHW5Q4LV8s6mT9cdH2uSdMohEUM+2vXb1tab
w5koRqBJTp7q1XLOQJU1vyWBmWD2BIpni8agc0/kTOtPGs6v7mhFJU8vF5qoYLx4
BMsWOv0pKuf1b+9uJVpawBvWoG/j2rcxDoVPtfykBRgqri8TRfOSWbREywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ2HOoW1pN+xJR+QUl+tYyJsmZ31MB8GA1UdIwQY
MBaAFEwE4BIxsduCCx9dVCg0qwX2k/14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFUZ0VqR3gyNElMSDExVUtEU3JCZmFUX1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iZTgxNDMtYTQwOC00OWFiLWExNDct
Y2RhMTE3ZmU4MzBkLzEvblljNmhiV2szN0VsSDVCU1g2MWpJbXlabmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iZTgxNDMtYTQwOC00OWFiLWExNDctY2RhMTE3ZmU4MzBk
LzEvVEFUZ0VqR3gyNElMSDExVUtEU3JCZmFUX1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5EgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWHUDkD74zBf2TgL0+FLuQV/7R77GnDWwr1pISrcD
jcAQDWmDuykaCISHqu1hdZ87w33fy6f11Mn1wCDKqAB0+XTtukXLGx50PTwheuOB
/JEi+VY7OolpZwKqHtJjvkBSfPzZscOG8ReHpIl3QnuSZaeqgrhosxRGVb87zLcg
yXztZU77B408ZUAjTeNQ6LDt3zJ+uN/ob7ExhNDJZzcM3AN1wC9n6rtRrukat2Xd
M6y/tQN0WMk9BfCihYNrQwnFb6fvV+llOCQTC4zt5Nlxn1PkwPCrbjx6Mr18P6aA
hMHQvRudDoT+X/R30JlryXkBmH0UMikC7v/daaEVDiab2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:33 2024 by rpki-client on console-ams.rpki-client.org