Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/ijMDh1o3-hS9NSRcGP5lqvA2P7E.roa
File: ijMDh1o3-hS9NSRcGP5lqvA2P7E.roa (raw, json)
Hash identifier: IynBvetHu5jsxo7iDm14/UgSqIuMvTRBZJ/s0QkCpQo=
Subject key identifier: 8A:33:03:87:5A:37:FA:14:BD:35:24:5C:18:FE:65:AA:F0:36:3F:B1
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FF5092E312E7E1041C78AE382A0C7
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/ijMDh1o3-hS9NSRcGP5lqvA2P7E.roa
Signing time: Sun 01 Jan 2023 21:14:51 +0000
ROA not before: Sun 01 Jan 2023 21:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208679
IP address blocks: 2a0e:aa07:e035::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:f5:09:2e:31:2e:7e:10:41:c7:8a:e3:82:a0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a3303875a37fa14bd35245c18fe65aaf0363fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a2:a4:c4:53:f8:2b:b1:27:d9:ea:ad:c6:37:
12:0f:a2:4d:13:3a:36:08:65:16:15:4e:88:30:cb:
e7:25:d3:98:44:9e:ec:41:c1:9c:a4:76:5b:74:93:
79:71:66:2d:20:a0:30:bc:d4:2f:39:ca:2b:00:2b:
28:f5:60:40:f9:c2:e9:87:aa:fb:a4:42:cd:c9:99:
c3:ef:ee:d0:e9:c1:1c:0e:46:1b:e0:88:ef:49:99:
f4:a4:96:43:cb:3d:68:ac:b5:09:21:80:74:12:b3:
d1:f5:79:ff:4a:cc:25:2f:73:f1:fc:d0:f3:c8:e0:
9c:24:cb:7f:fd:5a:98:30:dd:89:26:f0:24:f5:e6:
49:54:58:79:98:88:ee:3f:92:05:29:36:b7:88:cc:
66:47:39:a8:3f:bf:84:31:12:f2:05:bd:49:bd:11:
48:3d:a6:36:52:13:d2:16:77:fa:b2:34:9b:0e:c5:
59:5a:31:93:75:f1:cd:26:2f:26:95:87:2a:35:02:
bf:3b:30:f8:63:d2:98:91:75:1a:d8:4f:79:4a:8e:
fa:88:da:c3:4c:a5:8b:a7:86:41:85:76:9e:7d:c8:
72:a4:2d:f6:87:da:a5:e3:3a:38:02:1e:da:ea:b9:
0d:f0:e9:09:26:16:3c:d2:32:a7:8e:3b:17:18:a2:
c2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:33:03:87:5A:37:FA:14:BD:35:24:5C:18:FE:65:AA:F0:36:3F:B1
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/ijMDh1o3-hS9NSRcGP5lqvA2P7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e035::/48
Signature Algorithm: sha256WithRSAEncryption
b8:03:a0:5d:f5:0b:31:06:9c:8a:29:31:3e:31:c5:91:54:00:
b9:c6:d9:73:62:cf:2a:df:36:a0:0e:27:ef:3c:1d:4a:c3:e5:
b4:5c:b1:f9:a2:ca:59:e5:9e:23:86:1d:ab:fc:9d:c9:fe:ad:
fa:15:f7:41:58:37:9e:d1:14:c8:29:41:2f:6d:97:c1:3b:bf:
4b:a5:4f:b8:7c:d6:d9:f4:a3:23:73:26:17:b4:ea:0d:80:4d:
b0:15:80:28:f3:b8:e4:62:72:73:80:17:72:83:32:a2:8e:d6:
9f:ce:34:8f:97:85:44:b2:d9:8b:6e:9e:58:b5:8d:7b:63:f4:
a9:9e:5d:5b:ab:e3:27:24:9e:36:24:32:b0:7c:23:99:cf:fd:
74:57:87:e4:9d:19:df:87:6c:42:ed:2c:35:c5:8f:0c:9d:7d:
eb:66:06:61:6a:da:8b:ce:dc:bc:8e:9b:71:5e:19:cb:a8:21:
1c:3a:09:80:ce:f5:eb:e0:94:71:b8:25:4f:15:76:c5:d1:04:
93:07:d4:16:c6:9a:26:d1:db:81:3d:38:8f:5d:af:f8:80:74:
59:30:02:f3:8e:9b:4c:74:77:0d:38:07:39:6d:8c:33:f7:9f:
e4:35:67:56:22:98:18:a9:d5:b2:1d:73:86:ae:b7:26:c3:d8:
0e:6c:64:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL/UJLjEufhBBx4rjgqDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTMzMDM4NzVhMzdmYTE0YmQzNTI0NWMxOGZlNjVhYWYwMzYzZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6KkxFP4K7En2eqtxjcSD6JNEzo2
CGUWFU6IMMvnJdOYRJ7sQcGcpHZbdJN5cWYtIKAwvNQvOcorACso9WBA+cLph6r7
pELNyZnD7+7Q6cEcDkYb4IjvSZn0pJZDyz1orLUJIYB0ErPR9Xn/SswlL3Px/NDz
yOCcJMt//VqYMN2JJvAk9eZJVFh5mIjuP5IFKTa3iMxmRzmoP7+EMRLyBb1JvRFI
PaY2UhPSFnf6sjSbDsVZWjGTdfHNJi8mlYcqNQK/OzD4Y9KYkXUa2E95So76iNrD
TKWLp4ZBhXaefchypC32h9ql4zo4Ah7a6rkN8OkJJhY80jKnjjsXGKLCVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIozA4daN/oUvTUkXBj+ZarwNj+xMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvaWpNRGgxbzMtaFM5TlNSY0dQNWxxdkEyUDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+A1
MA0GCSqGSIb3DQEBCwUAA4IBAQC4A6Bd9QsxBpyKKTE+McWRVAC5xtlzYs8q3zag
DifvPB1Kw+W0XLH5ospZ5Z4jhh2r/J3J/q36FfdBWDee0RTIKUEvbZfBO79LpU+4
fNbZ9KMjcyYXtOoNgE2wFYAo87jkYnJzgBdygzKijtafzjSPl4VEstmLbp5YtY17
Y/Spnl1bq+MnJJ42JDKwfCOZz/10V4fknRnfh2xC7Sw1xY8MnX3rZgZhatqLzty8
jptxXhnLqCEcOgmAzvXr4JRxuCVPFXbF0QSTB9QWxpom0duBPTiPXa/4gHRZMALz
jptMdHcNOAc5bYwz95/kNWdWIpgYqdWyHXOGrrcmw9gObGTC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org