Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/3HzvdakL8ilp4wJt3L910MWiAvk.roa
File: 3HzvdakL8ilp4wJt3L910MWiAvk.roa (raw, json)
Hash identifier: 5Yns7tkH5cwRFqBeweEclQcT3luXAT1CDq70kcYwBPE=
Subject key identifier: DC:7C:EF:75:A9:0B:F2:29:69:E3:02:6D:DC:BF:75:D0:C5:A2:02:F9
Certificate issuer: /CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Certificate serial: 01856E2F91AF4906E00A5567A6D27119F9CE
Authority key identifier: 35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/3HzvdakL8ilp4wJt3L910MWiAvk.roa
Signing time: Sun 01 Jan 2023 16:34:49 +0000
ROA not before: Sun 01 Jan 2023 16:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12337
IP address blocks: 2001:67c:1933::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:91:af:49:06:e0:0a:55:67:a6:d2:71:19:f9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Validity
Not Before: Jan 1 16:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc7cef75a90bf22969e3026ddcbf75d0c5a202f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c7:c6:86:be:b2:96:e1:8e:fd:13:08:6f:83:
2a:47:05:77:17:b2:3f:f9:75:d0:fa:27:ce:55:04:
16:9b:63:00:ea:85:06:21:29:73:66:0e:05:99:96:
93:0c:b4:d3:97:6a:8f:eb:23:05:54:ee:b7:3f:7b:
ed:03:f9:df:64:55:c6:0e:92:ad:c2:35:c6:73:e3:
26:9c:28:6b:d1:21:ec:fa:c6:31:8b:6c:20:fe:e8:
13:c8:01:65:95:be:d5:52:25:7d:41:45:6f:08:cb:
91:dc:1c:46:b1:f9:b6:10:a3:4b:3b:40:da:27:99:
ee:00:5f:bb:6d:19:3c:bf:95:cc:fb:b2:cc:9e:7e:
ad:a3:0e:6e:6f:31:25:de:cd:25:83:8c:13:a7:7d:
21:ef:af:3f:24:91:f1:59:ca:b3:4c:f9:78:c2:70:
ef:7e:b7:8c:4f:89:bb:09:d6:db:48:f0:26:bf:fe:
4a:ad:9b:74:44:1e:f1:84:6e:02:45:4b:ec:cf:ff:
62:21:63:5c:8f:22:51:e3:9a:97:00:5c:56:90:81:
2a:cc:81:ea:dc:ec:dd:fb:b7:44:be:fd:d1:10:06:
82:40:e2:5c:29:59:6c:fe:07:94:ce:ea:bf:88:c1:
b9:05:20:67:9a:86:c8:c2:92:6b:5e:9a:c1:46:7d:
54:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7C:EF:75:A9:0B:F2:29:69:E3:02:6D:DC:BF:75:D0:C5:A2:02:F9
X509v3 Authority Key Identifier:
keyid:35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/3HzvdakL8ilp4wJt3L910MWiAvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1933::/48
Signature Algorithm: sha256WithRSAEncryption
4f:4b:a6:ce:69:ca:2d:c7:7d:3b:71:52:04:46:9c:ba:aa:72:
b9:2d:7c:f6:a9:f6:e5:f9:e2:48:3e:48:77:91:9e:8e:ca:c0:
ce:7a:a7:68:0f:dd:89:b9:2f:35:10:55:66:a9:ff:fb:6a:0f:
db:aa:c4:30:2d:32:21:b5:2c:3c:cc:ca:5f:c2:5b:e5:68:9a:
f9:c2:08:c3:eb:44:4a:ed:79:dd:d9:7d:a2:ba:46:ed:7e:ed:
d6:74:85:c8:a6:d7:3a:e4:a8:d7:a0:e6:c6:e2:da:0b:98:5d:
b5:5a:06:9c:c7:fd:02:2f:44:49:bf:41:be:74:c6:55:d1:57:
2d:9f:6d:b4:34:e8:65:df:3e:5a:ec:2a:1a:f4:d8:41:db:37:
67:c0:98:93:9b:76:73:96:ce:fc:f5:62:22:d6:78:b9:81:19:
47:c6:a0:fd:99:b6:3f:3b:54:3c:cf:fc:c3:d7:35:a6:bf:ee:
7d:b8:00:43:2b:81:5b:2e:4d:c7:bc:57:4f:af:7c:16:73:0a:
19:91:be:6a:32:28:38:bf:bc:22:12:ff:ba:97:7b:ee:d9:1c:
12:6e:bd:7c:f1:3a:1e:83:35:12:9d:9a:74:7d:49:32:2f:98:
30:44:a4:e9:1d:0d:f0:2a:92:13:f6:4c:85:16:03:e3:74:23:
0f:0b:3c:38
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuL5GvSQbgClVnptJxGfnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YWMzMDhjOTRmNTdiMTFjZWUxYmE4NGVmMTI3ODQ0N2M2
Nzg1ZWIwHhcNMjMwMTAxMTYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdjZWY3NWE5MGJmMjI5NjllMzAyNmRkY2JmNzVkMGM1YTIwMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusfGhr6yluGO/RMIb4MqRwV3F7I/
+XXQ+ifOVQQWm2MA6oUGISlzZg4FmZaTDLTTl2qP6yMFVO63P3vtA/nfZFXGDpKt
wjXGc+MmnChr0SHs+sYxi2wg/ugTyAFllb7VUiV9QUVvCMuR3BxGsfm2EKNLO0Da
J5nuAF+7bRk8v5XM+7LMnn6tow5ubzEl3s0lg4wTp30h768/JJHxWcqzTPl4wnDv
freMT4m7CdbbSPAmv/5KrZt0RB7xhG4CRUvsz/9iIWNcjyJR45qXAFxWkIEqzIHq
3Ozd+7dEvv3REAaCQOJcKVls/geUzuq/iMG5BSBnmobIwpJrXprBRn1UVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNx873WpC/IpaeMCbdy/ddDFogL5MB8GA1UdIwQY
MBaAFDWsMIyU9XsRzuG6hO8SeER8Z4XrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDct
NjBkMzU1NTRjZTY0LzEvM0h6dmRha0w4aWxwNHdKdDNMOTEwTVdpQXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDctNjBkMzU1NTRjZTY0
LzEvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBkz
MA0GCSqGSIb3DQEBCwUAA4IBAQBPS6bOacotx307cVIERpy6qnK5LXz2qfbl+eJI
Pkh3kZ6OysDOeqdoD92JuS81EFVmqf/7ag/bqsQwLTIhtSw8zMpfwlvlaJr5wgjD
60RK7Xnd2X2iukbtfu3WdIXIptc65KjXoObG4toLmF21Wgacx/0CL0RJv0G+dMZV
0Vctn220NOhl3z5a7Coa9NhB2zdnwJiTm3Zzls789WIi1ni5gRlHxqD9mbY/O1Q8
z/zD1zWmv+59uABDK4FbLk3HvFdPr3wWcwoZkb5qMig4v7wiEv+6l3vu2RwSbr18
8ToegzUSnZp0fUkyL5gwRKTpHQ3wKpIT9kyFFgPjdCMPCzw4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:46 2024 by rpki-client on console-fra.rpki-client.org