Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/iTOK5qBOCbkPrH-73k6tZZfYZYI.roa
File: iTOK5qBOCbkPrH-73k6tZZfYZYI.roa (raw, json)
Hash identifier: 4ZngIQi5juASIVMpO4hPpae//+zSRcTuUUfcpgGodv0=
Subject key identifier: 89:33:8A:E6:A0:4E:09:B9:0F:AC:7F:BB:DE:4E:AD:65:97:D8:65:82
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018CC794764EF9F6B58500D44AFBD04972FA
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/iTOK5qBOCbkPrH-73k6tZZfYZYI.roa
Signing time: Tue 02 Jan 2024 00:30:44 +0000
ROA not before: Tue 02 Jan 2024 00:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:8f84::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Jan 2024 14:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:76:4e:f9:f6:b5:85:00:d4:4a:fb:d0:49:72:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 2 00:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89338ae6a04e09b90fac7fbbde4ead6597d86582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3d:fe:cf:da:c6:fa:4f:1f:72:ae:8c:b9:dc:
71:f2:29:a7:58:65:5a:cb:30:a6:57:46:4a:b4:10:
16:c5:f9:e4:17:5e:ae:44:bc:f9:f9:d0:91:cc:d2:
a7:b5:af:75:82:47:ed:57:ad:82:d9:9d:ad:71:fb:
4e:f4:48:ce:dc:6e:72:98:01:97:35:f5:cd:9a:bf:
7a:e7:8b:f2:17:14:db:49:31:b5:58:19:14:75:23:
e5:ea:3c:31:1d:f1:b9:a3:4a:03:b3:d0:34:c0:b4:
9d:bd:d1:cf:f9:96:89:87:ae:68:25:b1:90:ff:87:
6f:c9:9a:d9:76:12:e5:5c:6b:a2:0e:98:53:2c:34:
7f:26:3b:ac:65:fb:d4:05:a4:3c:76:c2:cb:20:a6:
06:82:d4:3c:dd:9e:e4:d5:3c:97:9a:52:cf:75:5a:
ed:2f:63:6d:23:a6:af:7f:c6:85:21:a0:47:41:33:
09:ec:5c:1f:01:18:fd:6c:44:5f:e2:ad:7c:63:7c:
91:bc:e1:69:96:71:29:c4:8d:f4:fe:42:7d:3f:0c:
e5:cd:e1:0d:57:14:1e:b3:2d:bf:62:ab:5d:8a:a1:
f5:32:79:ab:12:52:2f:78:be:74:6d:ac:34:d8:46:
39:8f:fd:61:39:70:32:c7:1f:41:c6:e9:6a:ba:5e:
c4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:33:8A:E6:A0:4E:09:B9:0F:AC:7F:BB:DE:4E:AD:65:97:D8:65:82
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/iTOK5qBOCbkPrH-73k6tZZfYZYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8f84::/32
Signature Algorithm: sha256WithRSAEncryption
7c:be:16:ce:80:51:8d:88:ac:7d:ea:17:85:f6:9e:43:04:4f:
31:0f:bc:26:56:21:18:62:62:1e:ab:02:13:d7:ca:ee:0c:cb:
80:d2:08:31:5e:38:c5:c6:23:27:f1:f7:96:d3:5b:da:0a:a7:
26:da:16:ec:3d:21:4c:bc:bb:ef:e9:d9:93:7f:5f:4b:54:ea:
26:24:c7:74:bc:57:3a:00:66:76:6b:12:7d:79:b3:b9:4d:91:
80:01:02:26:d3:14:df:fc:bc:d2:56:e0:43:70:b0:a4:29:b9:
55:a5:67:7d:73:c8:b4:68:90:80:4c:2a:f9:62:c0:fd:42:22:
50:82:fb:5b:64:45:e9:48:73:19:08:30:37:20:4c:c0:31:1f:
fd:c3:25:83:d7:fa:50:37:f1:d9:b9:28:e7:57:6c:06:2f:0a:
d3:97:66:f7:dd:29:8b:07:8a:60:1d:7c:a3:52:84:e5:12:a2:
ec:e5:b8:f6:f9:d4:7e:3d:51:18:a6:62:f2:2e:4c:b5:a2:20:
77:b2:83:76:6e:0b:9d:67:4b:34:93:88:fc:51:e0:85:d1:98:
91:5f:aa:c4:8c:e6:fc:44:3b:49:f3:9e:9d:a5:95:c3:40:19:
7c:be:81:b0:ea:93:e0:f7:d4:5f:d5:ac:46:dc:12:22:45:74:
2e:46:32:e8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHlHZO+fa1hQDUSvvQSXL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTAyMDAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTMzOGFlNmEwNGUwOWI5MGZhYzdmYmJkZTRlYWQ2NTk3ZDg2NTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz3+z9rG+k8fcq6Mudxx8imnWGVa
yzCmV0ZKtBAWxfnkF16uRLz5+dCRzNKnta91gkftV62C2Z2tcftO9EjO3G5ymAGX
NfXNmr9654vyFxTbSTG1WBkUdSPl6jwxHfG5o0oDs9A0wLSdvdHP+ZaJh65oJbGQ
/4dvyZrZdhLlXGuiDphTLDR/JjusZfvUBaQ8dsLLIKYGgtQ83Z7k1TyXmlLPdVrt
L2NtI6avf8aFIaBHQTMJ7FwfARj9bERf4q18Y3yRvOFplnEpxI30/kJ9PwzlzeEN
VxQesy2/YqtdiqH1MnmrElIveL50baw02EY5j/1hOXAyxx9Bxulqul7EnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIkziuagTgm5D6x/u95OrWWX2GWCMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvaVRPSzVxQk9DYmtQckgtNzNrNnRaWmZZWllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGPhDAN
BgkqhkiG9w0BAQsFAAOCAQEAfL4WzoBRjYisfeoXhfaeQwRPMQ+8JlYhGGJiHqsC
E9fK7gzLgNIIMV44xcYjJ/H3ltNb2gqnJtoW7D0hTLy77+nZk39fS1TqJiTHdLxX
OgBmdmsSfXmzuU2RgAECJtMU3/y80lbgQ3CwpCm5VaVnfXPItGiQgEwq+WLA/UIi
UIL7W2RF6UhzGQgwNyBMwDEf/cMlg9f6UDfx2bko51dsBi8K05dm990piweKYB18
o1KE5RKi7OW49vnUfj1RGKZi8i5MtaIgd7KDdm4LnWdLNJOI/FHghdGYkV+qxIzm
/EQ7SfOenaWVw0AZfL6BsOqT4PfUX9WsRtwSIkV0LkYy6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org