Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/1-JkF46wdggQONs9hT6vSY0HlKrs.roa
File: 1-JkF46wdggQONs9hT6vSY0HlKrs.roa (raw, json)
Hash identifier: Awy/ywlNS3YZtI1SyRSq5Q4T/dRdMuEPvRmWDyCcqbs=
Subject key identifier: F8:99:05:E3:AC:1D:82:04:0E:36:CF:61:4F:AB:D2:63:41:E5:2A:BB
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 01856D6F7502BD868371AD27FCA17E9B5063
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/1-JkF46wdggQONs9hT6vSY0HlKrs.roa
Signing time: Sun 01 Jan 2023 13:04:58 +0000
ROA not before: Sun 01 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31004
IP address blocks: 2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Jun 2023 11:44:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:75:02:bd:86:83:71:ad:27:fc:a1:7e:9b:50:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 1 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f89905e3ac1d82040e36cf614fabd26341e52abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c3:58:61:7c:c4:82:bc:45:a1:ad:0f:7d:fb:
b7:de:2f:f2:f5:b4:37:8d:6a:61:c9:6c:d4:de:df:
fa:a4:2e:0b:ef:85:4c:c2:e2:74:14:dc:99:02:ca:
11:a2:2f:6f:9d:6a:45:6b:f1:75:43:ef:59:bf:a1:
96:0a:d6:dd:7e:07:86:47:e7:65:d6:28:34:60:a0:
89:bb:fe:3e:70:a2:47:19:03:fb:a1:eb:00:2e:f7:
70:e3:1e:24:3c:f6:8b:7a:f2:15:dd:fb:5d:10:9d:
9f:17:eb:93:3f:84:9d:d3:72:00:91:16:a5:33:f3:
6f:3d:8a:a7:3a:32:d3:5f:d8:56:58:21:39:31:b2:
58:51:9f:60:cb:a5:5f:77:2c:b2:20:3d:37:8f:45:
63:84:d7:3c:c5:cb:92:92:08:14:a9:27:47:ae:09:
92:a4:42:8f:ff:cb:e7:85:0c:0e:9b:9a:b0:d5:45:
95:01:9f:e9:d8:2a:ed:08:ec:d7:15:4a:61:13:fe:
34:f8:35:91:9d:3a:ba:b1:49:d7:1b:bb:dc:3c:b0:
b0:51:21:d0:5b:01:d0:bb:c2:b9:e5:51:ed:8a:04:
e9:9d:46:42:9a:0d:e1:98:12:39:76:07:0b:5d:d1:
5c:3f:be:07:85:f3:f5:a4:5f:ad:88:ae:c3:0a:08:
73:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:99:05:E3:AC:1D:82:04:0E:36:CF:61:4F:AB:D2:63:41:E5:2A:BB
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/1-JkF46wdggQONs9hT6vSY0HlKrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
Signature Algorithm: sha256WithRSAEncryption
82:8c:ba:5b:91:cc:fe:c1:ba:a6:8d:73:74:55:e4:1d:c5:dc:
d5:7d:12:e0:69:ef:a3:c9:61:e6:7a:a1:e5:11:e3:ba:ef:dc:
bf:27:6e:9a:ae:d5:b5:d8:89:6d:bf:9a:2d:d1:68:b2:2d:5d:
32:7f:94:ab:e1:99:89:d5:9d:9a:1a:ed:d5:5b:76:e5:40:2c:
ab:8b:db:97:55:5f:77:95:5e:ce:0e:e6:3b:85:d0:da:fe:78:
b8:f7:ba:e3:7a:6b:18:29:5e:68:e4:b1:e6:67:f4:63:8e:d9:
6a:d0:96:94:c3:ad:d1:08:b4:59:49:76:95:b5:fa:a9:5a:3e:
bf:e4:12:88:5e:54:db:aa:79:6d:ac:e5:8d:7b:90:4d:55:dd:
b6:2f:d4:9b:1f:86:69:f7:e6:ac:63:02:de:a9:89:94:d6:4d:
22:d2:24:2c:d7:e4:56:cc:d7:61:1e:8a:1a:4a:55:98:37:af:
be:6e:87:3f:80:cc:e1:58:56:7b:67:45:8b:42:f1:3c:6f:09:
93:fa:52:99:c0:4b:65:76:8e:14:3d:e0:55:39:f5:d8:70:2d:
fe:91:fe:33:21:3b:08:7d:b1:e3:36:61:a6:9f:9a:eb:fe:31:
49:ef:1e:73:a2:b2:ae:4b:00:fe:8e:1b:d9:a6:a2:1e:65:dd:
b5:a7:8a:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtb3UCvYaDca0n/KF+m1BjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMwMTAxMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk5MDVlM2FjMWQ4MjA0MGUzNmNmNjE0ZmFiZDI2MzQxZTUyYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisNYYXzEgrxFoa0Pffu33i/y9bQ3
jWphyWzU3t/6pC4L74VMwuJ0FNyZAsoRoi9vnWpFa/F1Q+9Zv6GWCtbdfgeGR+dl
1ig0YKCJu/4+cKJHGQP7oesALvdw4x4kPPaLevIV3ftdEJ2fF+uTP4Sd03IAkRal
M/NvPYqnOjLTX9hWWCE5MbJYUZ9gy6VfdyyyID03j0VjhNc8xcuSkggUqSdHrgmS
pEKP/8vnhQwOm5qw1UWVAZ/p2CrtCOzXFUphE/40+DWRnTq6sUnXG7vcPLCwUSHQ
WwHQu8K55VHtigTpnUZCmg3hmBI5dgcLXdFcP74HhfP1pF+tiK7DCghzjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPiZBeOsHYIEDjbPYU+r0mNB5Sq7MB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvMS1Ka0Y0NndkZ2dRT05zOWhUNnZTWTBIbEtycy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTkvNjUyZWI0LTMyMWMtNDhjMC05MjcyLTNhZTcxMWFmMDM0
Yi8xL2p5Z2t4aE5YM0RSTHZmTmJnMWQwV2JuVF9FUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAqBggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHBCoAS8Ag
AAMGACoAS8AhMA0GCSqGSIb3DQEBCwUAA4IBAQCCjLpbkcz+wbqmjXN0VeQdxdzV
fRLgae+jyWHmeqHlEeO679y/J26artW12Iltv5ot0WiyLV0yf5Sr4ZmJ1Z2aGu3V
W3blQCyri9uXVV93lV7ODuY7hdDa/ni497rjemsYKV5o5LHmZ/Rjjtlq0JaUw63R
CLRZSXaVtfqpWj6/5BKIXlTbqnltrOWNe5BNVd22L9SbH4Zp9+asYwLeqYmU1k0i
0iQs1+RWzNdhHooaSlWYN6++boc/gMzhWFZ7Z0WLQvE8bwmT+lKZwEtldo4UPeBV
OfXYcC3+kf4zITsIfbHjNmGmn5rr/jFJ7x5zorKuSwD+jhvZpqIeZd21p4pD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org