Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/N1TY5gvJI2ihnXB7t8IREsq8tw0.roa
File: N1TY5gvJI2ihnXB7t8IREsq8tw0.roa (raw, json)
Hash identifier: 03sNkUrn2sCLFJvE2b4iwkQVJRvVJ1BpXo2JbWXo4Ic=
Subject key identifier: 37:54:D8:E6:0B:C9:23:68:A1:9D:70:7B:B7:C2:11:12:CA:BC:B7:0D
Certificate issuer: /CN=8f4ebe6064aab03f269e22815acd4949a6fb7265
Certificate serial: 01856F3919B005532D029D49EA4C2E494B66
Authority key identifier: 8F:4E:BE:60:64:AA:B0:3F:26:9E:22:81:5A:CD:49:49:A6:FB:72:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j06-YGSqsD8mniKBWs1JSab7cmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/N1TY5gvJI2ihnXB7t8IREsq8tw0.roa
Signing time: Sun 01 Jan 2023 21:24:51 +0000
ROA not before: Sun 01 Jan 2023 21:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12676
IP address blocks: 2a0b:f440:11::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:19:b0:05:53:2d:02:9d:49:ea:4c:2e:49:4b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ebe6064aab03f269e22815acd4949a6fb7265
Validity
Not Before: Jan 1 21:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3754d8e60bc92368a19d707bb7c21112cabcb70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8e:34:c2:40:ee:91:73:ea:d9:fb:99:90:d6:
c0:d9:a4:db:27:51:05:29:d9:ca:24:61:09:30:61:
6d:80:97:25:17:0b:4b:ac:b5:76:46:95:f6:ec:21:
12:dd:91:0e:44:69:83:3b:ae:3d:13:a3:08:41:ab:
32:39:71:82:ba:b3:b4:98:53:11:ed:63:bd:a0:84:
07:1a:ab:2a:02:ed:21:1e:93:65:35:ff:03:5d:30:
43:37:3d:90:e6:cb:ba:6b:2c:f8:2c:cb:96:d9:34:
66:f1:a5:ac:60:df:c8:e9:7d:51:dc:26:cb:84:91:
44:49:9c:56:25:aa:e5:db:b5:9a:f9:65:cf:5f:1a:
4e:4b:10:72:6d:14:e3:3b:e9:cc:c4:ab:7a:02:57:
16:bb:c2:b8:51:cf:db:58:24:4a:2b:26:2c:79:26:
b7:ac:4b:14:c4:28:9f:80:f7:f5:0b:c5:2b:57:41:
7d:40:81:56:7e:46:30:1b:9e:98:aa:ef:e9:c6:03:
9f:32:07:dc:ad:2b:7f:ea:72:ab:eb:a0:bf:14:6a:
55:33:6c:43:48:8c:fc:ab:31:61:3b:f9:c2:95:7c:
a3:e2:c9:de:2b:ce:51:f0:d8:50:3c:f1:e9:70:18:
1f:af:80:5f:04:c6:06:78:2b:fd:cb:04:44:09:75:
83:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:54:D8:E6:0B:C9:23:68:A1:9D:70:7B:B7:C2:11:12:CA:BC:B7:0D
X509v3 Authority Key Identifier:
keyid:8F:4E:BE:60:64:AA:B0:3F:26:9E:22:81:5A:CD:49:49:A6:FB:72:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j06-YGSqsD8mniKBWs1JSab7cmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/N1TY5gvJI2ihnXB7t8IREsq8tw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/d2987d-3db9-40ce-9554-16c350b7d79d/1/j06-YGSqsD8mniKBWs1JSab7cmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:f440:11::/48
Signature Algorithm: sha256WithRSAEncryption
8d:8c:11:24:9c:fb:6f:f6:e7:23:60:5b:7a:62:04:64:a5:95:
00:5f:1a:60:45:76:97:af:cd:d8:24:7b:ae:9f:e2:b2:85:63:
52:58:3a:82:8d:66:7f:01:f8:f0:e0:29:88:bb:44:09:d8:43:
2a:76:9b:71:1e:32:73:a9:63:b3:2d:26:f6:89:02:ad:9c:28:
b0:da:17:62:4a:6b:0c:b0:b0:65:9c:e2:3e:af:8d:05:d7:cd:
3c:cb:05:08:aa:47:ad:1f:79:95:1c:94:23:34:c2:97:16:a1:
cc:c1:e1:ae:6d:b6:9a:58:80:f9:a2:6a:13:51:5b:a0:22:af:
c2:81:7b:39:c2:73:e7:34:10:f6:b4:c6:ce:9a:04:aa:b2:e5:
9f:0c:c6:2f:81:b9:3f:3c:44:24:f5:53:31:b8:b3:74:bb:ab:
b6:10:7e:39:3c:67:11:fe:ca:6c:0b:54:c6:9c:a4:1c:ce:cd:
c2:33:e1:c4:3a:f5:2d:2e:80:f1:cc:dd:8c:3b:5e:73:90:a3:
74:1d:6b:1c:ef:7f:32:c3:75:e8:1e:f8:4a:8f:85:bd:fb:f2:
8f:1a:c3:55:47:75:62:f9:e3:76:d6:74:85:b7:04:23:6a:52:
ba:b8:89:e4:22:5f:5e:e1:e5:18:b1:01:f6:32:27:1d:90:7a:
cf:2e:69:e5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvORmwBVMtAp1J6kwuSUtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNGViZTYwNjRhYWIwM2YyNjllMjI4MTVhY2Q0OTQ5YTZm
YjcyNjUwHhcNMjMwMTAxMjEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzU0ZDhlNjBiYzkyMzY4YTE5ZDcwN2JiN2MyMTExMmNhYmNiNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI40wkDukXPq2fuZkNbA2aTbJ1EF
KdnKJGEJMGFtgJclFwtLrLV2RpX27CES3ZEORGmDO649E6MIQasyOXGCurO0mFMR
7WO9oIQHGqsqAu0hHpNlNf8DXTBDNz2Q5su6ayz4LMuW2TRm8aWsYN/I6X1R3CbL
hJFESZxWJarl27Wa+WXPXxpOSxBybRTjO+nMxKt6AlcWu8K4Uc/bWCRKKyYseSa3
rEsUxCifgPf1C8UrV0F9QIFWfkYwG56Yqu/pxgOfMgfcrSt/6nKr66C/FGpVM2xD
SIz8qzFhO/nClXyj4sneK85R8NhQPPHpcBgfr4BfBMYGeCv9ywRECXWDEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDdU2OYLySNooZ1we7fCERLKvLcNMB8GA1UdIwQY
MBaAFI9OvmBkqrA/Jp4igVrNSUmm+3JlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajA2LVlHU3FzRDhtbmlLQldzMUpTYWI3Y21VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9kMjk4N2QtM2RiOS00MGNlLTk1NTQt
MTZjMzUwYjdkNzlkLzEvTjFUWTVndkpJMmloblhCN3Q4SVJFc3E4dHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9kMjk4N2QtM2RiOS00MGNlLTk1NTQtMTZjMzUwYjdkNzlk
LzEvajA2LVlHU3FzRDhtbmlLQldzMUpTYWI3Y21VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgv0QAAR
MA0GCSqGSIb3DQEBCwUAA4IBAQCNjBEknPtv9ucjYFt6YgRkpZUAXxpgRXaXr83Y
JHuun+KyhWNSWDqCjWZ/Afjw4CmIu0QJ2EMqdptxHjJzqWOzLSb2iQKtnCiw2hdi
SmsMsLBlnOI+r40F1808ywUIqketH3mVHJQjNMKXFqHMweGubbaaWID5omoTUVug
Iq/CgXs5wnPnNBD2tMbOmgSqsuWfDMYvgbk/PEQk9VMxuLN0u6u2EH45PGcR/sps
C1TGnKQczs3CM+HEOvUtLoDxzN2MO15zkKN0HWsc738yw3XoHvhKj4W9+/KPGsNV
R3Vi+eN21nSFtwQjalK6uInkIl9e4eUYsQH2MicdkHrPLmnl
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:59 2024 by rpki-client on console-ams.rpki-client.org