Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iTop118z2HOZP_uBblLWGGS5qH4.roa
File: iTop118z2HOZP_uBblLWGGS5qH4.roa (raw, json)
Hash identifier: SLU3s/M3iojPFgIDk9uuE9gQXu4ZBIYyHzlPHNeWHlE=
Subject key identifier: 89:3A:29:D7:5F:33:D8:73:99:3F:FB:81:6E:52:D6:18:64:B9:A8:7E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185F3F4DE18B0B08E49CF514410881C90C4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iTop118z2HOZP_uBblLWGGS5qH4.roa
Signing time: Fri 27 Jan 2023 15:59:49 +0000
ROA not before: Fri 27 Jan 2023 15:59:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41732
IP address blocks: 2a0e:b107:820::/48 maxlen: 48
2a0e:b107:9d0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Feb 2023 04:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:f4:de:18:b0:b0:8e:49:cf:51:44:10:88:1c:90:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 27 15:59:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=893a29d75f33d873993ffb816e52d61864b9a87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:44:cc:f6:4c:06:6e:29:bf:84:9e:6d:d5:1a:
46:3f:17:b0:47:29:15:8d:12:d9:ce:bc:7a:d7:f4:
02:d6:a9:b4:ac:3f:b9:ad:a2:f1:68:3e:b2:af:ed:
35:c7:8a:2b:3e:22:b8:e8:69:8b:2b:62:6c:fb:bc:
c4:63:44:68:3e:0d:75:70:01:5d:a9:c2:26:92:99:
b3:5c:4f:d9:b5:99:d1:c2:a9:2e:82:88:84:63:bb:
2c:cc:0c:2f:39:fa:be:44:26:ca:98:36:08:76:cb:
6c:63:ba:e9:4e:c0:01:57:45:e0:7d:53:43:8f:5f:
a7:79:5e:6c:65:98:25:51:b4:3e:c7:0a:2c:f3:f3:
f9:d9:d7:9b:72:42:00:73:a0:ef:d2:5e:04:de:6e:
2a:4a:75:c0:20:67:96:d3:ad:5c:73:29:22:9c:97:
f9:8c:d6:8c:3f:a0:58:1a:20:8d:55:f3:c2:71:f4:
00:56:48:4b:77:91:b1:48:16:ed:19:e2:ba:07:af:
89:9d:43:89:f5:18:42:a2:0a:57:37:6e:39:c6:63:
98:7c:05:e9:0a:4b:cb:06:93:fa:d2:62:25:0f:d0:
85:9a:37:30:16:27:c1:42:81:b5:00:e9:8a:ed:3d:
b3:88:c0:90:ad:7c:57:e6:a8:81:b4:b5:15:b0:9b:
a7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3A:29:D7:5F:33:D8:73:99:3F:FB:81:6E:52:D6:18:64:B9:A8:7E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iTop118z2HOZP_uBblLWGGS5qH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:820::/48
2a0e:b107:9d0::/48
Signature Algorithm: sha256WithRSAEncryption
3e:1a:b4:ab:07:e9:93:ac:74:39:0a:86:7d:af:3e:33:97:d6:
a6:4c:b0:13:63:03:24:47:2a:80:8d:1e:96:ca:fb:6a:cd:f9:
f2:c9:9e:69:62:53:99:76:64:31:b8:de:85:c5:c6:6e:82:c4:
e8:77:15:53:a5:d1:4e:b9:ae:5f:17:e4:6e:1e:4f:6a:fa:69:
95:3d:ab:0c:93:9c:21:e8:f2:97:97:e6:9c:45:22:20:6a:dd:
91:c1:c2:0d:0a:e3:49:3c:36:ca:97:7b:ac:5c:93:6a:d7:5b:
f2:7b:8e:77:02:3f:12:3e:1c:ca:06:67:65:42:35:af:6e:7d:
32:db:6b:20:dd:29:f4:00:4f:a9:ed:87:16:34:12:9c:6c:31:
60:15:8e:fe:84:18:fa:8d:b1:bc:35:0b:78:d4:0e:76:4a:ba:
b8:f6:c9:69:d8:3b:8c:e8:d1:cc:31:a0:78:94:ca:b0:3d:f5:
c3:d4:a8:3a:86:92:e8:43:e7:56:92:8b:44:3c:9c:ed:a9:8a:
5e:6f:b7:14:2f:0e:c0:a2:09:a2:b9:5d:e1:1a:30:83:11:b0:
3d:4c:e6:a4:a1:0a:c7:e6:a6:10:75:b5:4b:3d:87:31:f9:89:
a9:ec:59:84:68:6a:db:d6:54:c6:31:3e:b1:36:23:f0:f7:58:
dd:b1:47:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXz9N4YsLCOSc9RRBCIHJDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI3MTU1OTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNhMjlkNzVmMzNkODczOTkzZmZiODE2ZTUyZDYxODY0YjlhODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkTM9kwGbim/hJ5t1RpGPxewRykV
jRLZzrx61/QC1qm0rD+5raLxaD6yr+01x4orPiK46GmLK2Js+7zEY0RoPg11cAFd
qcImkpmzXE/ZtZnRwqkugoiEY7sszAwvOfq+RCbKmDYIdstsY7rpTsABV0XgfVND
j1+neV5sZZglUbQ+xwos8/P52debckIAc6Dv0l4E3m4qSnXAIGeW061ccykinJf5
jNaMP6BYGiCNVfPCcfQAVkhLd5GxSBbtGeK6B6+JnUOJ9RhCogpXN245xmOYfAXp
CkvLBpP60mIlD9CFmjcwFifBQoG1AOmK7T2ziMCQrXxX5qiBtLUVsJun2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIk6KddfM9hzmT/7gW5S1hhkuah+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaVRvcDExOHoySE9aUF91QmJsTFdHR1M1cUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwgg
AwcAKg6xBwnQMA0GCSqGSIb3DQEBCwUAA4IBAQA+GrSrB+mTrHQ5CoZ9rz4zl9am
TLATYwMkRyqAjR6WyvtqzfnyyZ5pYlOZdmQxuN6FxcZugsTodxVTpdFOua5fF+Ru
Hk9q+mmVPasMk5wh6PKXl+acRSIgat2RwcINCuNJPDbKl3usXJNq11vye453Aj8S
PhzKBmdlQjWvbn0y22sg3Sn0AE+p7YcWNBKcbDFgFY7+hBj6jbG8NQt41A52Srq4
9slp2DuM6NHMMaB4lMqwPfXD1Kg6hpLoQ+dWkotEPJztqYpeb7cULw7AogmiuV3h
GjCDEbA9TOakoQrH5qYQdbVLPYcx+Ymp7FmEaGrb1lTGMT6xNiPw91jdsUe6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:10 2024 by rpki-client on console-ams.rpki-client.org