Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/VpDd0jN2XSrG3csadFm0i-ARrNg.roa
File: VpDd0jN2XSrG3csadFm0i-ARrNg.roa (raw, json)
Hash identifier: fvRHsWGa89MSF/u8NRUNmNev+3a7leRFubSKMyaVDx0=
Subject key identifier: 56:90:DD:D2:33:76:5D:2A:C6:DD:CB:1A:74:59:B4:8B:E0:11:AC:D8
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: 01856EA6C20E4B4E4AAC4A4E4B486F9B4BE4
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/VpDd0jN2XSrG3csadFm0i-ARrNg.roa
Signing time: Sun 01 Jan 2023 18:45:00 +0000
ROA not before: Sun 01 Jan 2023 18:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57797
IP address blocks: 2a12:8ac0::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Mar 2023 19:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c2:0e:4b:4e:4a:ac:4a:4e:4b:48:6f:9b:4b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: Jan 1 18:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5690ddd233765d2ac6ddcb1a7459b48be011acd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:61:05:95:b6:82:b7:b8:d3:23:11:16:8d:02:
1f:4b:e4:5b:0a:8b:51:22:d6:6d:73:89:46:6a:52:
69:b8:20:52:99:68:24:bf:fb:d4:51:a6:dc:bc:c5:
ce:8e:30:52:f8:bc:a8:56:89:ea:aa:2a:d2:39:4c:
b2:bb:d2:2e:47:98:05:73:a9:1e:23:cd:09:71:aa:
64:e6:04:17:99:f9:c3:bb:a5:b6:93:95:c1:e7:8e:
8c:10:4f:04:41:3a:f3:c5:9f:91:a6:49:e1:9a:73:
b2:f0:38:30:3d:18:96:bc:cf:87:76:60:22:0f:e0:
32:97:4f:b6:e0:d8:ed:c4:f5:a2:8b:16:6a:8f:c3:
5a:fa:5e:26:fa:ba:25:6d:48:15:94:a2:58:a8:1c:
17:99:45:6a:71:83:65:99:62:90:92:a8:e4:dd:98:
91:ac:a9:1c:ec:1e:4b:48:57:e0:65:3e:f9:da:75:
ce:89:2a:7a:2d:f0:b2:a5:91:98:86:6d:03:d4:10:
62:8e:9c:0c:8a:eb:ef:c5:6f:09:0b:94:4a:c6:f9:
d8:43:75:0b:0a:10:a3:1f:1d:13:2b:f3:50:8c:e4:
b9:2f:46:01:11:f8:0f:59:d6:c7:94:3b:56:5a:32:
e3:71:9b:a7:86:85:57:e3:65:ca:5c:78:38:04:63:
d9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:90:DD:D2:33:76:5D:2A:C6:DD:CB:1A:74:59:B4:8B:E0:11:AC:D8
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/VpDd0jN2XSrG3csadFm0i-ARrNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8ac0::/40
Signature Algorithm: sha256WithRSAEncryption
48:93:a1:aa:01:fd:d3:e0:b7:ca:ff:bd:af:9c:75:a6:f7:e1:
6d:67:1c:90:4c:21:ed:3f:ff:c0:1c:f9:91:57:49:cc:88:f7:
2c:12:3a:d5:9f:a5:f6:ea:ed:c6:30:64:9f:1c:2f:82:20:fb:
d8:a1:3f:52:4f:fc:b6:43:dc:e1:84:6d:d8:85:da:c8:74:25:
02:13:dd:9c:ba:21:2b:69:53:71:2e:8f:82:65:31:fa:10:39:
4d:55:8d:15:93:b4:2b:94:eb:80:f4:f3:63:60:81:f9:6a:7c:
19:be:9d:8e:8e:4c:1b:eb:3e:ab:da:47:82:74:f2:aa:6f:e2:
c1:b2:8c:58:39:4b:55:47:b1:0e:e2:ab:7e:59:ec:75:21:82:
26:d6:64:ff:b4:08:d2:05:8e:59:e8:c3:29:1d:4f:a2:a3:50:
dd:61:96:05:dc:05:ce:0b:5c:ad:2c:dc:5d:61:8a:a9:d3:1f:
88:ee:26:3a:80:c0:f0:1d:be:6a:df:d7:15:7f:33:d0:08:95:
78:5a:97:41:08:e8:78:e2:7e:71:be:9d:5e:26:a6:c5:d0:a3:
97:85:e3:71:de:0f:17:21:4b:f7:16:1a:85:8a:12:f9:9c:a4:
e1:37:61:af:87:ac:64:0c:98:7a:3f:b8:2f:1d:ed:6d:ac:0d:
78:76:4a:c3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVupsIOS05KrEpOS0hvm0vkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjMwMTAxMTg0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjkwZGRkMjMzNzY1ZDJhYzZkZGNiMWE3NDU5YjQ4YmUwMTFhY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWEFlbaCt7jTIxEWjQIfS+RbCotR
ItZtc4lGalJpuCBSmWgkv/vUUabcvMXOjjBS+LyoVonqqirSOUyyu9IuR5gFc6ke
I80Jcapk5gQXmfnDu6W2k5XB546MEE8EQTrzxZ+RpknhmnOy8DgwPRiWvM+HdmAi
D+Ayl0+24NjtxPWiixZqj8Na+l4m+rolbUgVlKJYqBwXmUVqcYNlmWKQkqjk3ZiR
rKkc7B5LSFfgZT752nXOiSp6LfCypZGYhm0D1BBijpwMiuvvxW8JC5RKxvnYQ3UL
ChCjHx0TK/NQjOS5L0YBEfgPWdbHlDtWWjLjcZunhoVX42XKXHg4BGPZ6wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFaQ3dIzdl0qxt3LGnRZtIvgEazYMB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEvVnBEZDBqTjJYU3JHM2NzYWRGbTBpLUFSck5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhKKwAAw
DQYJKoZIhvcNAQELBQADggEBAEiToaoB/dPgt8r/va+cdab34W1nHJBMIe0//8Ac
+ZFXScyI9ywSOtWfpfbq7cYwZJ8cL4Ig+9ihP1JP/LZD3OGEbdiF2sh0JQIT3Zy6
IStpU3Euj4JlMfoQOU1VjRWTtCuU64D082NggflqfBm+nY6OTBvrPqvaR4J08qpv
4sGyjFg5S1VHsQ7iq35Z7HUhgibWZP+0CNIFjlnowykdT6KjUN1hlgXcBc4LXK0s
3F1hiqnTH4juJjqAwPAdvmrf1xV/M9AIlXhal0EI6HjifnG+nV4mpsXQo5eF43He
DxchS/cWGoWKEvmcpOE3Ya+HrGQMmHo/uC8d7W2sDXh2SsM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:23 2024 by rpki-client on console-ams.rpki-client.org