Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/TevEIjfxiOC05pRG0xxPdasCw7E.roa
File: TevEIjfxiOC05pRG0xxPdasCw7E.roa (raw, json)
Hash identifier: Gp71sTIUo0GPlndwfZNhB5RPRwhWNFER2r2TMxn3aNk=
Subject key identifier: 4D:EB:C4:22:37:F1:88:E0:B4:E6:94:46:D3:1C:4F:75:AB:02:C3:B1
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018C1B567B20B98E34FC6C4FAC9F9E3AA9D7
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/TevEIjfxiOC05pRG0xxPdasCw7E.roa
Signing time: Wed 29 Nov 2023 13:48:21 +0000
ROA not before: Wed 29 Nov 2023 13:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2a14:b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:56:7b:20:b9:8e:34:fc:6c:4f:ac:9f:9e:3a:a9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Nov 29 13:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4debc42237f188e0b4e69446d31c4f75ab02c3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f4:e1:1d:a0:65:85:7a:ec:3f:42:34:ba:44:
93:d1:80:b4:a1:66:a0:63:38:43:49:2f:a4:83:ef:
16:fd:86:56:a7:eb:bd:33:e2:0c:5d:8d:f0:4a:5b:
19:83:41:29:ff:8b:64:05:b3:ec:fe:5d:62:5f:4f:
c0:36:e2:8e:be:0e:ae:a4:6d:f7:d0:e1:54:0e:dd:
d8:5e:b1:00:3b:e6:e1:b0:ed:0f:76:8a:c7:9a:22:
51:f1:be:20:6d:5c:ec:7c:58:f8:6b:ef:f8:c8:3c:
39:1a:42:c8:f8:55:2e:e6:3e:42:32:2d:a4:e9:1e:
83:35:5d:81:59:57:14:bc:12:cd:fa:a7:ae:29:9f:
5a:f0:d7:81:a8:f8:d1:28:42:f0:0a:e8:41:b7:ad:
7b:81:82:3f:bd:63:f7:48:0f:95:a7:6f:53:39:e1:
66:38:54:f4:eb:0c:65:a2:08:b7:a8:b9:a5:03:79:
01:fc:86:15:41:d3:d5:05:34:9b:aa:3e:2d:4c:1a:
12:1b:e1:96:0d:a4:f6:26:35:93:7d:96:50:bd:f7:
88:23:d6:b4:54:e6:55:22:ef:b3:f1:ad:e2:54:71:
ba:09:ca:3b:8c:fa:f1:04:42:94:2b:03:30:8a:cb:
e1:4c:45:e4:5d:22:f2:f2:e3:71:77:65:ff:c9:4b:
24:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:EB:C4:22:37:F1:88:E0:B4:E6:94:46:D3:1C:4F:75:AB:02:C3:B1
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/TevEIjfxiOC05pRG0xxPdasCw7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b80::/32
Signature Algorithm: sha256WithRSAEncryption
6f:84:88:3d:cf:1a:20:f8:bd:58:d8:db:05:3d:a3:6e:5a:f3:
5b:11:89:7c:ad:45:8a:3a:22:ac:49:6d:4e:0c:b9:12:10:6e:
b1:8c:8d:59:a6:41:d2:1b:bd:0a:e5:df:5c:63:2e:2d:f5:26:
b1:f2:3a:34:f7:c5:14:1d:3d:ba:3c:d3:d9:eb:b0:1a:e2:f6:
37:58:d4:c0:68:c0:5b:2b:e1:33:2a:2f:48:25:95:6b:f3:61:
36:e0:a3:11:a4:51:47:33:24:bb:28:4f:1a:e9:df:42:e1:a1:
bb:ee:a1:f4:37:f2:cb:f8:70:30:b9:0c:fa:de:b6:51:9c:40:
dc:68:97:05:70:92:a7:85:ef:ae:2f:37:48:9b:38:a4:eb:09:
f1:3b:77:d9:ca:ff:d6:1a:11:59:65:7c:cf:82:c9:33:10:44:
57:14:d5:ca:8e:24:dd:91:d3:0a:a0:28:8f:d4:19:8f:b8:e6:
57:e3:ac:bb:e9:87:b2:7f:00:74:45:53:83:79:01:d0:e5:d0:
e8:c0:c8:50:e9:3f:50:6c:8c:c0:e4:60:b9:f9:fa:9b:3d:1f:
ae:fa:d1:a1:0a:20:50:a7:5e:7a:63:1a:ea:a3:29:25:06:c1:
9e:0f:ad:64:f4:39:4a:39:77:19:50:e5:58:ed:ef:6d:14:1b:
66:e5:26:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwbVnsguY40/GxPrJ+eOqnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjMxMTI5MTM0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGViYzQyMjM3ZjE4OGUwYjRlNjk0NDZkMzFjNGY3NWFiMDJjM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/ThHaBlhXrsP0I0ukST0YC0oWag
YzhDSS+kg+8W/YZWp+u9M+IMXY3wSlsZg0Ep/4tkBbPs/l1iX0/ANuKOvg6upG33
0OFUDt3YXrEAO+bhsO0PdorHmiJR8b4gbVzsfFj4a+/4yDw5GkLI+FUu5j5CMi2k
6R6DNV2BWVcUvBLN+qeuKZ9a8NeBqPjRKELwCuhBt617gYI/vWP3SA+Vp29TOeFm
OFT06wxlogi3qLmlA3kB/IYVQdPVBTSbqj4tTBoSG+GWDaT2JjWTfZZQvfeII9a0
VOZVIu+z8a3iVHG6Cco7jPrxBEKUKwMwisvhTEXkXSLy8uNxd2X/yUskRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE3rxCI38YjgtOaURtMcT3WrAsOxMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvVGV2RUlqZnhpT0MwNXBSRzB4eFBkYXNDdzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAb4SIPc8aIPi9WNjbBT2jblrzWxGJfK1FijoirElt
Tgy5EhBusYyNWaZB0hu9CuXfXGMuLfUmsfI6NPfFFB09ujzT2euwGuL2N1jUwGjA
WyvhMyovSCWVa/NhNuCjEaRRRzMkuyhPGunfQuGhu+6h9Dfyy/hwMLkM+t62UZxA
3GiXBXCSp4Xvri83SJs4pOsJ8Tt32cr/1hoRWWV8z4LJMxBEVxTVyo4k3ZHTCqAo
j9QZj7jmV+Osu+mHsn8AdEVTg3kB0OXQ6MDIUOk/UGyMwORgufn6mz0frvrRoQog
UKdeemMa6qMpJQbBng+tZPQ5Sjl3GVDlWO3vbRQbZuUmNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:46 2024 by rpki-client on console-ams.rpki-client.org