Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4yWqqx6CChL5-bmifG34vlGjmnU.roa
File: 4yWqqx6CChL5-bmifG34vlGjmnU.roa (raw, json)
Hash identifier: hQhMy431LwH1/rl+Pq+jVCtoKNcCi9aYXZ+hW569ne0=
Subject key identifier: E3:25:AA:AB:1E:82:0A:12:F9:F9:B9:A2:7C:6D:F8:BE:51:A3:9A:75
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4C709C116245DB69D2D616518286A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4yWqqx6CChL5-bmifG34vlGjmnU.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43419
IP address blocks: 2a04:3a40:8000::/33 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c7:09:c1:16:24:5d:b6:9d:2d:61:65:18:28:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e325aaab1e820a12f9f9b9a27c6df8be51a39a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1a:c2:26:e6:52:bc:58:61:97:76:0e:07:d3:
92:ac:06:5d:f7:a6:60:d0:d7:d5:47:c2:b6:25:57:
49:8d:bf:7e:75:6a:e4:aa:7a:d1:8c:1a:38:70:2e:
49:c2:33:81:5d:f6:b6:d6:35:d9:e4:f6:6c:52:d4:
26:87:f9:6c:c9:9c:ec:a6:fe:74:fe:d6:19:52:2d:
e9:cb:de:44:43:18:0d:47:e9:88:21:22:08:53:43:
9e:9b:05:93:4f:fd:f1:b3:9d:b9:e8:55:ae:f4:1e:
ff:8b:71:c3:fa:0b:45:33:00:b9:da:c0:ec:b8:ce:
bc:f3:fa:9b:45:dd:3c:bb:51:b8:9c:0a:8c:ba:59:
4d:6e:de:8a:9d:29:5d:c0:bc:cc:a4:83:6a:7d:b9:
a3:02:f1:24:59:d5:4f:1a:0c:75:78:a1:9b:a3:03:
42:86:a4:7f:84:cb:e3:61:46:30:a2:fd:b0:f9:33:
5e:30:33:57:bb:7b:ef:16:d2:e5:34:cf:d8:a5:f7:
21:d8:fe:ad:8e:5c:d9:df:c7:5f:dd:65:dd:74:c9:
6a:1c:b9:d1:0d:a7:71:42:df:39:1b:75:b4:6d:6e:
86:9b:be:3e:6c:aa:28:81:b9:a8:4a:e9:6f:24:45:
b7:c5:c5:71:38:c4:de:d6:66:07:3b:a9:dd:dd:4c:
5e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:25:AA:AB:1E:82:0A:12:F9:F9:B9:A2:7C:6D:F8:BE:51:A3:9A:75
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4yWqqx6CChL5-bmifG34vlGjmnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:3a40:8000::/33
Signature Algorithm: sha256WithRSAEncryption
2a:a2:ca:2b:6c:79:5a:47:5c:e7:51:fc:77:85:5e:5e:5f:e2:
fe:3c:76:dd:e6:d4:aa:1b:8a:33:45:63:0a:38:03:02:82:2c:
86:c2:b4:c4:8b:f8:e3:a9:30:96:6c:d0:0b:c7:79:c8:fa:f9:
a6:ef:7d:11:16:6a:62:aa:69:31:4f:ad:94:a8:ae:92:fb:68:
69:56:cf:0d:1f:41:ea:8f:46:7a:70:7a:b3:b8:ec:27:09:a1:
ad:9f:ca:21:a8:2c:0b:4d:c8:05:23:45:21:3c:af:e9:67:24:
4e:d7:23:57:e1:bd:ec:8c:9e:9b:c9:bf:49:3c:4f:43:08:87:
54:8c:ba:5a:62:77:0f:1c:bf:2f:ac:3a:18:7c:b4:d5:ed:98:
15:6d:41:3a:2b:54:f0:90:5f:63:be:e2:2a:44:82:e6:3c:35:
37:9a:1c:da:d2:6b:7f:69:29:c0:36:7c:c9:29:68:2f:2e:25:
71:31:a9:59:06:83:c1:90:55:08:2f:7c:59:37:0f:ff:95:48:
77:30:f0:74:6a:cb:cc:23:6b:1d:b9:72:bb:cb:c8:34:5b:32:
12:9f:b8:cc:a0:de:5b:d5:a7:bb:b2:82:25:9d:52:1f:05:48:
2f:d4:df:7c:98:a0:1d:74:b8:71:a8:12:0d:4c:14:d7:4b:94:
0d:c8:b6:ba
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVu1McJwRYkXbadLWFlGChqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI1YWFhYjFlODIwYTEyZjlmOWI5YTI3YzZkZjhiZTUxYTM5YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBrCJuZSvFhhl3YOB9OSrAZd96Zg
0NfVR8K2JVdJjb9+dWrkqnrRjBo4cC5JwjOBXfa21jXZ5PZsUtQmh/lsyZzspv50
/tYZUi3py95EQxgNR+mIISIIU0OemwWTT/3xs5256FWu9B7/i3HD+gtFMwC52sDs
uM688/qbRd08u1G4nAqMullNbt6KnSldwLzMpINqfbmjAvEkWdVPGgx1eKGbowNC
hqR/hMvjYUYwov2w+TNeMDNXu3vvFtLlNM/Ypfch2P6tjlzZ38df3WXddMlqHLnR
DadxQt85G3W0bW6Gm74+bKoogbmoSulvJEW3xcVxOMTe1mYHO6nd3UxekwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOMlqqseggoS+fm5onxt+L5Ro5p1MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNHlXcXF4NkNDaEw1LWJtaWZHMzR2bEdqbW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKgQ6QIAw
DQYJKoZIhvcNAQELBQADggEBACqiyitseVpHXOdR/HeFXl5f4v48dt3m1KobijNF
Ywo4AwKCLIbCtMSL+OOpMJZs0AvHecj6+abvfREWamKqaTFPrZSorpL7aGlWzw0f
QeqPRnpwerO47CcJoa2fyiGoLAtNyAUjRSE8r+lnJE7XI1fhveyMnpvJv0k8T0MI
h1SMulpidw8cvy+sOhh8tNXtmBVtQTorVPCQX2O+4ipEguY8NTeaHNrSa39pKcA2
fMkpaC8uJXExqVkGg8GQVQgvfFk3D/+VSHcw8HRqy8wjax25crvLyDRbMhKfuMyg
3lvVp7uygiWdUh8FSC/U33yYoB10uHGoEg1MFNdLlA3Itro=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:47 2024 by rpki-client on console-fra.rpki-client.org