Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/sR0iLPy9XYkljorxZ1QWDEG7jFQ.roa
File: sR0iLPy9XYkljorxZ1QWDEG7jFQ.roa (raw, json)
Hash identifier: quOuqoFSY6uRdzHdkb+e6QWpf4bCY6dDD4NslBqjrj8=
Subject key identifier: B1:1D:22:2C:FC:BD:5D:89:25:8E:8A:F1:67:54:16:0C:41:BB:8C:54
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 018602BF7952D6308ED02098C4D4806F3FC3
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/sR0iLPy9XYkljorxZ1QWDEG7jFQ.roa
Signing time: Mon 30 Jan 2023 12:55:48 +0000
ROA not before: Mon 30 Jan 2023 12:55:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34465
IP address blocks: 2a12:8fc6:ace2::/48 maxlen: 48
2a12:8fc6:cd02::/48 maxlen: 48
2a12:8fc6:cae1::/48 maxlen: 48
2a12:8fc6:cd01::/48 maxlen: 48
2a12:8fc6:ace1::/48 maxlen: 48
2a12:8fc6:ee01::/48 maxlen: 48
2a12:8fc6:be01::/48 maxlen: 48
2a12:8fc6:ace3::/48 maxlen: 48
2a12:8fc6:cd04::/48 maxlen: 48
2a12:8fc6::/32 maxlen: 32
2a12:8fc6:aa00::/48 maxlen: 48
2a12:8fc6:ca00::/48 maxlen: 48
2a12:8fc6:faa0::/48 maxlen: 48
2a12:8fc6:cd00::/48 maxlen: 48
2a12:8fc6:ce00::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 31 Jan 2023 08:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:bf:79:52:d6:30:8e:d0:20:98:c4:d4:80:6f:3f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jan 30 12:55:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b11d222cfcbd5d89258e8af16754160c41bb8c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d9:d7:94:4e:e4:1e:35:bf:ad:c4:96:6d:9e:
9c:7b:de:90:4b:7f:0f:db:84:83:55:bf:3e:c7:24:
27:b6:23:30:9a:4c:be:97:e1:40:b6:b4:0c:bf:7b:
a3:20:43:ed:77:6c:51:6e:8e:80:bf:64:70:6d:d2:
f6:a5:c4:07:92:f3:b7:05:f8:cc:e7:62:c8:ed:22:
fe:c3:be:d0:05:a4:1c:e8:6e:e5:79:9e:40:04:35:
dd:00:de:59:0f:47:dd:22:4e:11:73:b1:93:c7:49:
50:0a:67:71:44:ae:26:60:de:8b:62:7e:e8:74:a3:
5a:93:b9:07:58:b9:c8:db:af:b3:ee:bd:ac:80:4b:
36:c1:69:4b:2e:49:34:11:d6:3a:2d:30:38:33:9e:
fa:f7:6d:fe:c2:da:df:6c:b8:19:86:23:06:fa:12:
99:50:82:86:a0:f3:48:9e:3e:f0:cc:56:35:c5:3b:
e7:ce:d0:13:bb:69:f2:ec:cc:1d:3c:81:10:71:65:
8f:53:53:74:b4:4a:bf:fd:d1:d2:37:e9:61:06:91:
b2:b3:ae:b4:eb:6f:a1:18:53:41:de:50:3e:aa:47:
3f:74:21:46:02:ca:5b:74:ea:08:ff:c4:23:31:32:
45:03:16:e5:b4:63:51:89:cd:d0:94:fd:1c:36:0d:
43:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1D:22:2C:FC:BD:5D:89:25:8E:8A:F1:67:54:16:0C:41:BB:8C:54
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/sR0iLPy9XYkljorxZ1QWDEG7jFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
94:c2:70:49:4a:13:92:d1:df:47:14:49:a4:51:1b:0f:9a:19:
5e:77:05:6b:af:56:3a:3f:67:5b:9a:cb:df:94:5f:fc:a5:15:
d2:02:7f:19:d6:92:0c:93:10:65:21:25:a6:9a:41:d5:d0:da:
fa:50:36:70:66:96:f5:6c:54:68:18:03:89:e0:0e:82:da:2f:
40:12:3a:11:a7:f2:32:b0:90:2a:fb:bd:a4:ed:ca:9c:76:31:
22:f8:42:86:3f:9f:f1:85:f5:ae:75:45:8d:0a:61:72:16:c4:
5a:2b:6d:38:9f:cd:8a:22:b3:59:d6:42:97:e6:63:f3:c7:2a:
67:cf:48:22:d6:33:93:97:1b:a1:11:1c:44:79:0f:8f:cc:94:
77:ca:41:98:ab:e5:fc:c5:23:26:df:b7:d2:82:2d:87:0b:14:
ba:75:64:34:f1:5a:92:05:05:99:99:34:13:d8:cc:9c:a2:30:
d8:a2:0c:b8:67:7f:74:4e:e2:ee:1e:41:59:34:5a:6f:59:dc:
90:09:e5:45:b1:07:a1:9e:3e:53:f7:30:53:e3:29:0a:4e:7f:
bf:42:ba:c3:73:b1:a4:e3:7e:02:3b:5e:e5:0d:5d:19:9c:30:
de:f7:4e:0e:59:1d:5c:87:e1:31:5c:60:d8:f5:73:9a:e7:44:
b9:85:a0:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYCv3lS1jCO0CCYxNSAbz/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMTMwMTI1NTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFkMjIyY2ZjYmQ1ZDg5MjU4ZThhZjE2NzU0MTYwYzQxYmI4YzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9nXlE7kHjW/rcSWbZ6ce96QS38P
24SDVb8+xyQntiMwmky+l+FAtrQMv3ujIEPtd2xRbo6Av2RwbdL2pcQHkvO3BfjM
52LI7SL+w77QBaQc6G7leZ5ABDXdAN5ZD0fdIk4Rc7GTx0lQCmdxRK4mYN6LYn7o
dKNak7kHWLnI26+z7r2sgEs2wWlLLkk0EdY6LTA4M576923+wtrfbLgZhiMG+hKZ
UIKGoPNInj7wzFY1xTvnztATu2ny7MwdPIEQcWWPU1N0tEq//dHSN+lhBpGys660
62+hGFNB3lA+qkc/dCFGAspbdOoI/8QjMTJFAxbltGNRic3QlP0cNg1DvwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLEdIiz8vV2JJY6K8WdUFgxBu4xUMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvc1IwaUxQeTlYWWtsam9yeFoxUVdERUc3akZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPxjAN
BgkqhkiG9w0BAQsFAAOCAQEAlMJwSUoTktHfRxRJpFEbD5oZXncFa69WOj9nW5rL
35Rf/KUV0gJ/GdaSDJMQZSElpppB1dDa+lA2cGaW9WxUaBgDieAOgtovQBI6Eafy
MrCQKvu9pO3KnHYxIvhChj+f8YX1rnVFjQphchbEWittOJ/NiiKzWdZCl+Zj88cq
Z89IItYzk5cboREcRHkPj8yUd8pBmKvl/MUjJt+30oIthwsUunVkNPFakgUFmZk0
E9jMnKIw2KIMuGd/dE7i7h5BWTRab1nckAnlRbEHoZ4+U/cwU+MpCk5/v0K6w3Ox
pON+Ajte5Q1dGZww3vdODlkdXIfhMVxg2PVzmudEuYWg3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:04 2024 by rpki-client on console-ams.rpki-client.org