Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ty3yyFSlC8IXsOrVYVMcxy6I1P8.roa
File: ty3yyFSlC8IXsOrVYVMcxy6I1P8.roa (raw, json)
Hash identifier: XoLFESM+eI0EapSAyH9496RLgT/Euqwsgma7g/j70kQ=
Subject key identifier: B7:2D:F2:C8:54:A5:0B:C2:17:B0:EA:D5:61:53:1C:C7:2E:88:D4:FF
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 018AEA47AB1FBC3888106167A0F50D41A44A
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ty3yyFSlC8IXsOrVYVMcxy6I1P8.roa
Signing time: Sun 01 Oct 2023 08:07:59 +0000
ROA not before: Sun 01 Oct 2023 08:07:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 116.50.16.0/21 maxlen: 24
198.14.16.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:47:ab:1f:bc:38:88:10:61:67:a0:f5:0d:41:a4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Oct 1 08:07:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b72df2c854a50bc217b0ead561531cc72e88d4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:68:08:3b:22:fc:ef:0b:df:d6:58:d6:c8:
33:31:e2:4c:cd:73:ff:5f:c7:6d:35:34:2f:05:e6:
3e:d1:e0:b3:22:03:d7:e8:a9:33:6e:43:c1:a5:2e:
79:05:47:c8:9f:01:02:02:cb:4a:6c:ed:d9:8c:59:
e9:54:b7:f2:53:aa:9e:20:75:ed:21:12:5b:45:9e:
b4:00:b8:ff:d9:01:63:04:dc:fd:7d:7b:1b:ec:7a:
f6:8a:0f:66:e9:fe:5a:2b:e3:9b:e9:68:c7:76:06:
bd:f6:0f:33:06:10:39:2d:73:22:62:e7:18:f7:1c:
f2:24:6b:27:83:cd:13:a7:36:16:07:67:f1:dd:f6:
ec:f5:e4:63:a7:4a:ca:1c:ce:0f:c9:a1:6c:bc:4b:
bb:3e:9b:83:50:6a:24:e6:55:c3:b0:db:d6:f4:e7:
fd:3c:55:a1:7f:85:65:57:57:1b:76:e1:f7:69:24:
06:df:3a:47:04:5f:54:96:11:f5:19:76:3c:88:20:
04:f5:54:c7:df:8c:d6:a3:9e:01:70:da:ac:f8:d2:
d9:70:76:94:f3:54:fc:af:d2:b9:e7:27:0b:92:d3:
e9:a5:81:1b:cc:a9:cb:98:d9:06:83:b6:ce:61:b3:
aa:da:e6:7c:f6:61:86:06:0e:d0:22:10:1e:0b:ac:
e5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2D:F2:C8:54:A5:0B:C2:17:B0:EA:D5:61:53:1C:C7:2E:88:D4:FF
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ty3yyFSlC8IXsOrVYVMcxy6I1P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.50.16.0/21
198.14.16.0/20
Signature Algorithm: sha256WithRSAEncryption
43:5a:bf:e3:d5:69:6c:15:ee:c3:e1:90:08:28:65:99:08:64:
73:3e:00:28:57:20:db:46:72:51:48:90:bf:f9:7a:86:61:a2:
e6:c2:6b:61:b0:bf:2d:b0:80:52:eb:56:92:d9:52:73:0e:8d:
28:8f:43:f1:52:54:14:44:0a:2f:18:80:41:26:31:71:be:eb:
29:83:67:4a:05:73:ad:3b:75:d0:2e:e8:36:8c:a3:71:44:49:
6f:5f:1f:a8:5a:c6:df:06:34:03:bd:9d:f4:06:fa:1c:b4:c3:
07:46:07:22:f7:15:d9:e3:68:fa:2a:6c:ad:ba:64:61:be:76:
c6:57:5e:d3:95:ad:36:fb:b7:d4:12:e8:35:97:d6:05:84:c8:
af:02:bd:9f:9d:05:59:5c:9c:ae:fb:54:42:ff:4a:32:73:c0:
25:c2:4f:00:39:bd:b8:b5:4a:d2:95:54:be:21:69:22:40:71:
6a:85:59:7a:59:f6:63:da:35:2a:a6:0f:b5:f9:54:cb:f6:28:
c1:b0:18:71:18:41:62:0d:66:12:51:03:dc:9a:a3:b7:a8:dd:
29:1b:e1:95:39:36:59:37:d2:65:17:2f:6c:e5:63:4a:84:42:
5a:98:49:6b:86:68:48:bd:40:57:25:2d:34:bf:36:58:f9:3c:
00:f5:2b:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrqR6sfvDiIEGFnoPUNQaRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMxMDAxMDgwNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJkZjJjODU0YTUwYmMyMTdiMGVhZDU2MTUzMWNjNzJlODhkNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidxoCDsi/O8L39ZY1sgzMeJMzXP/
X8dtNTQvBeY+0eCzIgPX6KkzbkPBpS55BUfInwECAstKbO3ZjFnpVLfyU6qeIHXt
IRJbRZ60ALj/2QFjBNz9fXsb7Hr2ig9m6f5aK+Ob6WjHdga99g8zBhA5LXMiYucY
9xzyJGsng80TpzYWB2fx3fbs9eRjp0rKHM4PyaFsvEu7PpuDUGok5lXDsNvW9Of9
PFWhf4VlV1cbduH3aSQG3zpHBF9UlhH1GXY8iCAE9VTH34zWo54BcNqs+NLZcHaU
81T8r9K55ycLktPppYEbzKnLmNkGg7bOYbOq2uZ89mGGBg7QIhAeC6zlOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLct8shUpQvCF7Dq1WFTHMcuiNT/MB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvdHkzeXlGU2xDOElYc09yVllWTWN4eTZJMVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDdDIQAwQE
xg4QMA0GCSqGSIb3DQEBCwUAA4IBAQBDWr/j1WlsFe7D4ZAIKGWZCGRzPgAoVyDb
RnJRSJC/+XqGYaLmwmthsL8tsIBS61aS2VJzDo0oj0PxUlQURAovGIBBJjFxvusp
g2dKBXOtO3XQLug2jKNxRElvXx+oWsbfBjQDvZ30BvoctMMHRgci9xXZ42j6Kmyt
umRhvnbGV17Tla02+7fUEug1l9YFhMivAr2fnQVZXJyu+1RC/0oyc8Alwk8AOb24
tUrSlVS+IWkiQHFqhVl6WfZj2jUqpg+1+VTL9ijBsBhxGEFiDWYSUQPcmqO3qN0p
G+GVOTZZN9JlFy9s5WNKhEJamElrhmhIvUBXJS00vzZY+TwA9SuY
-----END CERTIFICATE-----
Generated at Thu Nov 9 00:33:07 2023 by rpki-client on console-fra.rpki-client.org