Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/3yvqHDBFWp47oUu6Dg94Tmgaduc.roa
File: 3yvqHDBFWp47oUu6Dg94Tmgaduc.roa (raw, json)
Hash identifier: W8TqTSwC26wa2vJo+bYri055hxNRE0qjLCR6HZHqbCQ=
Subject key identifier: DF:2B:EA:1C:30:45:5A:9E:3B:A1:4B:BA:0E:0F:78:4E:68:1A:76:E7
Certificate issuer: /CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Certificate serial: 018AF4DF8211FC577FCEC8A116494E00B998
Authority key identifier: F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/3yvqHDBFWp47oUu6Dg94Tmgaduc.roa
Signing time: Tue 03 Oct 2023 09:30:03 +0000
ROA not before: Tue 03 Oct 2023 09:30:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 2001:67c:b30::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:df:82:11:fc:57:7f:ce:c8:a1:16:49:4e:00:b9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Validity
Not Before: Oct 3 09:30:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df2bea1c30455a9e3ba14bba0e0f784e681a76e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:16:8a:3b:fd:34:bf:23:84:c5:21:e6:e1:4c:
70:6e:6a:18:e4:14:94:fe:9e:b1:b4:d8:13:4b:15:
36:46:30:f4:cc:82:88:32:7b:73:b2:d0:02:d2:64:
70:b5:c7:e7:53:92:bb:75:59:9e:2c:eb:2c:82:f8:
dc:86:6f:c4:38:5f:b6:15:50:b3:43:35:0c:49:62:
a6:84:cd:35:4f:36:0c:d1:83:0d:d6:69:73:9b:68:
28:2d:12:f1:21:ae:36:6b:a6:0f:4d:1b:fa:b5:ec:
ab:c7:48:fc:06:23:97:14:15:2e:33:cd:44:36:df:
2b:e2:c2:8b:6d:46:dd:13:7f:d7:af:27:a4:88:1e:
ad:bc:fc:5b:c1:25:b4:7a:74:0f:d0:c8:5d:97:36:
6a:08:bb:54:ae:40:8e:cb:50:3a:1f:8b:44:92:6b:
7f:5c:8b:19:cb:d8:d6:d8:e1:bf:ce:12:0d:89:3b:
7a:cc:a7:f5:98:d9:3c:ae:54:b7:b7:86:3b:7c:2e:
67:d6:3b:0c:84:65:21:02:bc:27:60:fb:ad:49:db:
19:c7:0d:4f:ad:0f:a3:72:b6:ef:54:24:be:e7:d4:
65:d9:d6:0d:3a:73:bb:d0:9e:49:41:24:0b:53:4e:
09:8d:45:27:9b:6f:8e:ba:be:94:3d:58:1c:d2:1d:
f6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2B:EA:1C:30:45:5A:9E:3B:A1:4B:BA:0E:0F:78:4E:68:1A:76:E7
X509v3 Authority Key Identifier:
keyid:F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/3yvqHDBFWp47oUu6Dg94Tmgaduc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/8NnLvv3mEuYeDND_C4cZYcv3l-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b30::/48
Signature Algorithm: sha256WithRSAEncryption
89:e8:b7:df:02:29:88:bf:e6:05:4c:cb:46:c0:42:e2:22:29:
af:b7:26:f2:b2:ee:38:33:b4:5c:dd:82:d3:b0:ae:84:dd:0a:
a9:5e:39:78:8e:0c:63:54:1f:33:63:c3:27:61:ef:76:ab:9f:
d8:60:48:77:18:70:e6:24:fe:05:33:f7:db:21:82:d3:69:40:
27:13:24:ca:87:bd:ed:a5:af:32:11:9c:4a:5f:dd:fb:f9:73:
45:c9:a2:da:0e:f3:23:0b:d5:db:a4:08:50:43:f5:44:ad:86:
6a:59:47:f4:be:76:b5:f0:08:82:ab:31:71:4d:e2:25:eb:00:
1e:ea:ae:77:eb:18:ef:a4:7f:d3:c0:04:1e:77:fe:8a:88:b4:
5a:06:f7:f2:bf:d6:d8:0f:27:84:e1:4f:b5:e5:25:50:0f:a1:
e7:b5:c9:63:0d:ee:fc:38:99:f1:ff:0a:be:2e:4f:46:31:d9:
e9:d9:15:c1:e7:d0:2e:b1:94:63:a6:1b:8a:53:4f:6a:3f:39:
39:7c:51:d8:c2:49:90:ce:2f:e4:70:5e:d1:1f:4e:d9:40:b7:
67:8b:9b:62:db:7b:e8:d2:55:09:3e:7d:d0:81:79:c6:af:9e:
11:6c:5e:62:22:4a:5e:ba:73:9e:39:87:da:e6:9e:0e:3e:b8:
92:b0:7a:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYr034IR/Fd/zsihFklOALmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZDljYmJlZmRlNjEyZTYxZTBjZDBmZjBiODcxOTYxY2Jm
Nzk3ZTMwHhcNMjMxMDAzMDkzMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJiZWExYzMwNDU1YTllM2JhMTRiYmEwZTBmNzg0ZTY4MWE3NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBaKO/00vyOExSHm4UxwbmoY5BSU
/p6xtNgTSxU2RjD0zIKIMntzstAC0mRwtcfnU5K7dVmeLOssgvjchm/EOF+2FVCz
QzUMSWKmhM01TzYM0YMN1mlzm2goLRLxIa42a6YPTRv6teyrx0j8BiOXFBUuM81E
Nt8r4sKLbUbdE3/XryekiB6tvPxbwSW0enQP0MhdlzZqCLtUrkCOy1A6H4tEkmt/
XIsZy9jW2OG/zhINiTt6zKf1mNk8rlS3t4Y7fC5n1jsMhGUhArwnYPutSdsZxw1P
rQ+jcrbvVCS+59Rl2dYNOnO70J5JQSQLU04JjUUnm2+Our6UPVgc0h32lwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN8r6hwwRVqeO6FLug4PeE5oGnbnMB8GA1UdIwQY
MBaAFPDZy7795hLmHgzQ/wuHGWHL95fjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQt
ZjkyOTE1YTk2OGJjLzEvM3l2cUhEQkZXcDQ3b1V1NkRnOTRUbWdhZHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQtZjkyOTE1YTk2OGJj
LzEvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAsw
MA0GCSqGSIb3DQEBCwUAA4IBAQCJ6LffAimIv+YFTMtGwELiIimvtybysu44M7Rc
3YLTsK6E3QqpXjl4jgxjVB8zY8MnYe92q5/YYEh3GHDmJP4FM/fbIYLTaUAnEyTK
h73tpa8yEZxKX937+XNFyaLaDvMjC9XbpAhQQ/VErYZqWUf0vna18AiCqzFxTeIl
6wAe6q536xjvpH/TwAQed/6KiLRaBvfyv9bYDyeE4U+15SVQD6HntcljDe78OJnx
/wq+Lk9GMdnp2RXB59AusZRjphuKU09qPzk5fFHYwkmQzi/kcF7RH07ZQLdni5ti
23vo0lUJPn3QgXnGr54RbF5iIkpeunOeOYfa5p4OPriSsHr/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:01 2024 by rpki-client on console-fra.rpki-client.org