Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/TmAkRf6RqyDJkaiCqVCN3_yljiM.roa
File: TmAkRf6RqyDJkaiCqVCN3_yljiM.roa (raw, json)
Hash identifier: bP1wUxjT11f+J327PQd2wJIXxrXl4KxSZyhzTuACcdI=
Subject key identifier: 4E:60:24:45:FE:91:AB:20:C9:91:A8:82:A9:50:8D:DF:FC:A5:8E:23
Certificate issuer: /CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c
Certificate serial: 01856C9CB7995A7D5F3DFBC0E2C13884E18F
Authority key identifier: D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/TmAkRf6RqyDJkaiCqVCN3_yljiM.roa
Signing time: Sun 01 Jan 2023 09:14:48 +0000
ROA not before: Sun 01 Jan 2023 09:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208614
IP address blocks: 2001:678:aa0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:b7:99:5a:7d:5f:3d:fb:c0:e2:c1:38:84:e1:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c
Validity
Not Before: Jan 1 09:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e602445fe91ab20c991a882a9508ddffca58e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:29:62:7c:5e:0e:d6:e7:9f:0b:59:b9:cf:65:
71:20:80:2b:f1:4c:70:57:e5:08:38:e4:19:44:6b:
9d:10:ff:dc:f4:32:c6:04:84:cb:14:cb:03:2b:92:
9a:fc:b8:b1:4a:90:25:94:3d:00:39:f4:34:76:12:
39:ac:8f:fa:25:b8:c8:4c:80:9d:47:73:86:2f:de:
97:ea:5f:e7:ba:d4:77:7a:f8:5b:1b:45:a5:c1:cc:
d3:b1:63:92:08:18:99:d8:c7:b6:07:dc:5d:bf:42:
1b:c0:b0:e2:48:db:62:06:d0:18:54:e7:02:cd:d5:
ef:5f:8f:09:76:2a:9b:60:17:ae:b9:ce:1d:d2:94:
e8:ea:19:82:78:09:5f:7f:3c:49:fc:1e:49:57:8b:
ad:b3:6a:62:1f:ca:5c:46:99:76:60:81:93:b0:03:
4f:b9:c6:54:1f:e3:5a:80:02:85:b1:8d:9a:16:2a:
91:db:24:d7:8c:db:2f:55:e9:ea:5d:9c:a7:17:bd:
0a:3f:ca:2f:99:ab:7c:4d:c9:04:e6:f9:f9:af:1a:
dd:39:7d:e8:bb:59:5a:0a:3e:fd:b4:92:7f:67:1e:
b4:32:f6:ec:ce:fa:a5:56:af:a4:90:27:46:4c:ad:
18:b6:45:48:29:f3:54:32:50:13:13:f6:bb:b8:e1:
2c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:60:24:45:FE:91:AB:20:C9:91:A8:82:A9:50:8D:DF:FC:A5:8E:23
X509v3 Authority Key Identifier:
keyid:D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/TmAkRf6RqyDJkaiCqVCN3_yljiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/1olx6h0itezaGpdZ8FwmyMVqRow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:aa0::/48
Signature Algorithm: sha256WithRSAEncryption
41:7d:4f:3b:ae:23:5d:14:37:79:7f:c8:2b:32:37:2a:da:fe:
4c:0c:74:a2:ba:2b:02:62:25:bf:a1:02:59:5c:03:c4:bd:ff:
d8:19:28:0b:53:a3:25:3c:85:2d:e3:ec:2a:1a:d4:da:88:6c:
67:8f:89:98:a2:d2:1d:e8:3a:e0:b8:44:7b:62:6f:ac:04:5f:
c0:38:85:f0:f2:9d:11:77:a0:db:f2:c9:39:5a:2d:80:88:91:
b0:62:b5:ae:c8:06:11:f3:fd:77:bb:0a:0c:b7:91:72:c8:a6:
63:7f:d0:51:1c:e1:0c:26:5a:3a:39:5d:f9:6d:b4:2a:06:96:
b0:8c:c1:04:87:8d:59:15:49:aa:c2:cd:fe:58:5b:4c:ff:11:
9c:4c:c0:92:32:18:af:a4:94:63:11:c4:ad:6f:bd:ce:3d:4f:
85:ff:23:86:92:16:a8:e4:1f:b5:08:12:1b:45:7c:fb:a9:44:
ec:76:7c:b4:ba:28:32:02:18:88:be:37:e9:8e:04:80:5d:4f:
f8:86:1f:c5:ef:cf:ca:66:dc:28:81:d6:90:0f:09:79:69:b4:
d1:65:e4:51:2d:92:72:3c:8a:33:1c:c5:6f:f0:d6:2e:9e:1b:
e3:2f:93:a4:1a:71:7c:c3:53:86:88:93:d8:a2:04:f7:31:7c:
81:38:3d:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsnLeZWn1fPfvA4sE4hOGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODk3MWVhMWQyMmI1ZWNkYTFhOTc1OWYwNWMyNmM4YzU2
YTQ2OGMwHhcNMjMwMTAxMDkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYwMjQ0NWZlOTFhYjIwYzk5MWE4ODJhOTUwOGRkZmZjYTU4ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApylifF4O1uefC1m5z2VxIIAr8Uxw
V+UIOOQZRGudEP/c9DLGBITLFMsDK5Ka/LixSpAllD0AOfQ0dhI5rI/6JbjITICd
R3OGL96X6l/nutR3evhbG0WlwczTsWOSCBiZ2Me2B9xdv0IbwLDiSNtiBtAYVOcC
zdXvX48JdiqbYBeuuc4d0pTo6hmCeAlffzxJ/B5JV4uts2piH8pcRpl2YIGTsANP
ucZUH+NagAKFsY2aFiqR2yTXjNsvVenqXZynF70KP8ovmat8TckE5vn5rxrdOX3o
u1laCj79tJJ/Zx60MvbszvqlVq+kkCdGTK0YtkVIKfNUMlATE/a7uOEsYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE5gJEX+kasgyZGogqlQjd/8pY4jMB8GA1UdIwQY
MBaAFNaJceodIrXs2hqXWfBcJsjFakaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9seDZoMGl0ZXphR3BkWjhGd215TVZxUm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80MmMzNTUtNTg1YS00OGJiLTllNGEt
YTQ3NTQwZmVkNGI5LzEvVG1Ba1JmNlJxeURKa2FpQ3FWQ04zX3lsamlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80MmMzNTUtNTg1YS00OGJiLTllNGEtYTQ3NTQwZmVkNGI5
LzEvMW9seDZoMGl0ZXphR3BkWjhGd215TVZxUm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBBfU87riNdFDd5f8grMjcq2v5MDHSiuisCYiW/
oQJZXAPEvf/YGSgLU6MlPIUt4+wqGtTaiGxnj4mYotId6DrguER7Ym+sBF/AOIXw
8p0Rd6Db8sk5Wi2AiJGwYrWuyAYR8/13uwoMt5FyyKZjf9BRHOEMJlo6OV35bbQq
BpawjMEEh41ZFUmqws3+WFtM/xGcTMCSMhivpJRjEcStb73OPU+F/yOGkhao5B+1
CBIbRXz7qUTsdny0uigyAhiIvjfpjgSAXU/4hh/F78/KZtwogdaQDwl5abTRZeRR
LZJyPIozHMVv8NYunhvjL5OkGnF8w1OGiJPYogT3MXyBOD25
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:56 2024 by rpki-client on console-fra.rpki-client.org