Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Y37DmyOvHIMHmCavQ2edkC7j8t4.roa
File: Y37DmyOvHIMHmCavQ2edkC7j8t4.roa (raw, json)
Hash identifier: rE36BiX254vgJIfV4bUyPEB8lpLLrefVowAQc/1j0cQ=
Subject key identifier: 63:7E:C3:9B:23:AF:1C:83:07:98:26:AF:43:67:9D:90:2E:E3:F2:DE
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F3002AE7AC16DAF72BA43C41433AF3D
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Y37DmyOvHIMHmCavQ2edkC7j8t4.roa
Signing time: Sun 01 Jan 2023 21:14:55 +0000
ROA not before: Sun 01 Jan 2023 21:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210903
IP address blocks: 2a0e:aa07:e200::/44 maxlen: 48
2a0e:aa07:e025::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:02:ae:7a:c1:6d:af:72:ba:43:c4:14:33:af:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=637ec39b23af1c83079826af43679d902ee3f2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:42:29:e2:1e:43:14:d8:6c:f5:32:cc:17:e8:
aa:ac:11:3f:e9:d1:2a:ca:44:22:92:a0:40:25:c1:
2d:f5:5a:d6:b7:8f:49:11:e5:52:3b:0f:c3:9b:0b:
1c:89:d9:65:a6:9f:18:86:e2:cb:ba:43:2b:76:5c:
82:47:d4:ed:e5:4c:b8:aa:1e:02:20:1f:1d:41:53:
56:cf:e1:3a:b7:0f:d1:7a:25:3a:4b:ae:89:c3:da:
e2:75:ef:e7:f0:fb:06:d3:1b:bd:43:1c:ec:b6:1a:
c4:5a:0f:ad:b1:05:f5:46:46:53:b4:af:0d:d2:db:
4c:39:81:d1:2d:8d:f7:da:e4:06:9c:f7:37:ca:c2:
f8:87:68:03:5b:4d:85:94:45:b8:e0:81:1f:52:87:
0d:f1:d3:df:71:59:37:9e:cb:07:7f:96:35:87:0e:
a3:4a:db:66:3e:15:51:2d:9c:09:8d:3d:51:1d:2e:
3d:fa:46:4f:10:a7:98:84:2b:1d:05:73:e5:59:0b:
14:fa:b5:35:59:d7:d8:16:66:f9:a8:bd:c7:5b:30:
60:96:e6:62:5b:d1:d1:20:18:09:1e:6c:4e:01:59:
96:c0:85:9a:e3:f6:c9:00:cf:a2:f7:91:26:f0:f7:
c8:64:05:bf:a1:75:8c:74:34:40:cb:e5:4a:ff:4e:
59:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7E:C3:9B:23:AF:1C:83:07:98:26:AF:43:67:9D:90:2E:E3:F2:DE
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Y37DmyOvHIMHmCavQ2edkC7j8t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e025::/48
2a0e:aa07:e200::/44
Signature Algorithm: sha256WithRSAEncryption
1b:d9:47:15:05:00:08:e2:1e:cb:0f:b8:78:f1:37:dc:40:1c:
65:e0:c4:87:e4:46:6a:e6:d0:38:fe:57:27:6d:e2:8e:75:ad:
40:28:0e:d7:1f:4c:6e:86:0d:4c:0d:88:3e:0a:72:c4:05:de:
a2:c7:60:0b:39:29:b6:c7:c4:d2:d4:fd:df:f9:5d:a8:3d:3a:
7c:3d:b0:06:32:24:c6:fc:05:e7:6e:0f:f6:c3:87:fa:bc:f3:
ee:f4:f9:e9:2a:98:90:32:f3:7e:2e:5b:cd:0d:57:05:6c:38:
f7:42:08:be:b4:56:b4:0c:cd:73:49:36:07:e9:a5:6b:3c:ef:
13:8d:74:95:95:32:25:ff:8e:b5:1b:ff:4f:19:6b:2e:58:40:
2f:f0:2b:a1:d9:ea:9d:88:d7:30:7a:f2:4d:7b:11:87:a7:be:
59:57:80:5b:e4:63:12:39:6c:74:78:ab:2a:2b:25:86:e4:50:
cf:25:76:06:40:e8:34:de:0c:88:65:dc:12:e6:44:09:a1:b2:
d8:53:a4:ca:b4:11:3e:a6:9f:1b:84:59:e9:74:d9:69:71:fe:
09:39:b3:13:13:95:30:91:41:29:b7:96:64:1f:f2:6e:df:ff:
dd:b1:d4:37:5b:07:07:b7:1b:7d:e6:a8:5c:00:b6:c0:1a:e1:
18:38:a0:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvMAKuesFtr3K6Q8QUM689MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdlYzM5YjIzYWYxYzgzMDc5ODI2YWY0MzY3OWQ5MDJlZTNmMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEIp4h5DFNhs9TLMF+iqrBE/6dEq
ykQikqBAJcEt9VrWt49JEeVSOw/Dmwscidllpp8YhuLLukMrdlyCR9Tt5Uy4qh4C
IB8dQVNWz+E6tw/ReiU6S66Jw9ride/n8PsG0xu9QxzsthrEWg+tsQX1RkZTtK8N
0ttMOYHRLY332uQGnPc3ysL4h2gDW02FlEW44IEfUocN8dPfcVk3nssHf5Y1hw6j
SttmPhVRLZwJjT1RHS49+kZPEKeYhCsdBXPlWQsU+rU1WdfYFmb5qL3HWzBgluZi
W9HRIBgJHmxOAVmWwIWa4/bJAM+i95Em8PfIZAW/oXWMdDRAy+VK/05ZWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGN+w5sjrxyDB5gmr0NnnZAu4/LeMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvWTM3RG15T3ZISU1IbUNhdlEyZWRrQzdqOHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6qB+Al
AwcEKg6qB+IAMA0GCSqGSIb3DQEBCwUAA4IBAQAb2UcVBQAI4h7LD7h48TfcQBxl
4MSH5EZq5tA4/lcnbeKOda1AKA7XH0xuhg1MDYg+CnLEBd6ix2ALOSm2x8TS1P3f
+V2oPTp8PbAGMiTG/AXnbg/2w4f6vPPu9PnpKpiQMvN+LlvNDVcFbDj3Qgi+tFa0
DM1zSTYH6aVrPO8TjXSVlTIl/461G/9PGWsuWEAv8Cuh2eqdiNcwevJNexGHp75Z
V4Bb5GMSOWx0eKsqKyWG5FDPJXYGQOg03gyIZdwS5kQJobLYU6TKtBE+pp8bhFnp
dNlpcf4JObMTE5UwkUEpt5ZkH/Ju3//dsdQ3WwcHtxt95qhcALbAGuEYOKCP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org