Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/8nrlSopMrcpJxsiKdgub8wf8SSg.roa
File: 8nrlSopMrcpJxsiKdgub8wf8SSg.roa (raw, json)
Hash identifier: UCLBVBqYo3epaMmxlVEH3ypHefXxAV1jSE6h4yOTQDg=
Subject key identifier: F2:7A:E5:4A:8A:4C:AD:CA:49:C6:C8:8A:76:0B:9B:F3:07:FC:49:28
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018571C310FD4DF358F1D3B4F127F9E09ECC
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/8nrlSopMrcpJxsiKdgub8wf8SSg.roa
Signing time: Mon 02 Jan 2023 09:14:47 +0000
ROA not before: Mon 02 Jan 2023 09:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211387
IP address blocks: 2a0b:6b86:f00::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:10:fd:4d:f3:58:f1:d3:b4:f1:27:f9:e0:9e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 2 09:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f27ae54a8a4cadca49c6c88a760b9bf307fc4928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b5:26:e2:58:dc:bb:13:a8:e5:a1:ba:98:0f:
96:9b:91:8a:02:bc:04:6b:27:69:db:d3:94:b1:4d:
02:31:f1:4d:39:96:6c:8b:4a:7e:46:89:83:91:05:
60:c7:d8:15:fa:10:85:13:8b:e1:56:73:f7:cb:db:
03:08:03:16:2f:b5:9b:b0:fe:81:32:e5:13:15:04:
14:99:62:42:a6:56:d5:99:78:36:d5:37:0a:e2:32:
df:1a:c5:9a:03:c3:91:ff:92:ca:95:45:97:94:12:
2c:b8:87:1b:61:1f:cb:29:a5:89:82:6b:4f:d8:e0:
f9:29:1a:81:94:aa:0f:9a:46:58:de:bc:b6:65:b5:
c7:39:72:8b:6c:26:69:eb:c3:43:fb:b0:2f:ca:d6:
21:ae:b9:6a:73:68:c5:44:9f:c2:2b:af:35:f1:d3:
b6:0b:13:a7:bd:8d:ff:b6:03:f5:73:8c:d3:25:9b:
47:1c:bb:2f:88:27:24:b3:69:73:d4:b8:23:e3:53:
7b:ac:95:05:a5:3f:7d:10:f8:70:f3:6c:4d:d2:a7:
5f:33:dc:3a:66:b4:67:9e:43:80:ef:a4:2f:34:76:
96:a7:03:3e:92:24:6f:b7:26:cf:bc:da:b7:ad:c1:
ff:a2:3a:d1:62:76:83:da:78:7f:66:11:c0:bd:d6:
8c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7A:E5:4A:8A:4C:AD:CA:49:C6:C8:8A:76:0B:9B:F3:07:FC:49:28
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/8nrlSopMrcpJxsiKdgub8wf8SSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:f00::/40
Signature Algorithm: sha256WithRSAEncryption
4b:9c:a5:24:6c:a7:39:c9:5e:31:1f:8d:b6:01:19:36:c9:39:
03:19:ec:e1:d4:12:89:1e:6b:07:e2:56:79:14:eb:69:38:b7:
0e:33:35:ce:a6:63:30:73:fd:b9:b9:c0:63:cc:d4:61:2c:df:
ee:19:e6:36:5f:dd:cb:b5:05:aa:fd:31:d7:6b:47:08:0d:7f:
4f:87:08:69:64:4e:b5:51:26:91:11:c9:d3:14:78:8f:38:9a:
93:16:96:34:43:6a:54:9d:70:64:b2:ee:ea:61:17:75:7d:99:
bf:b3:2d:0d:04:ad:78:52:a4:0a:26:d8:48:ef:69:d0:90:70:
59:80:49:4e:e2:50:e4:6b:ef:44:02:79:2c:37:15:be:17:cf:
6b:83:d2:76:5d:95:78:c3:95:6f:8f:4e:24:5a:7b:83:7d:a6:
6f:1a:82:db:44:89:5e:31:db:9f:e5:25:05:5e:05:99:15:38:
0a:e1:a1:f5:b7:11:58:89:e2:78:3a:01:d7:47:c1:58:59:49:
74:1d:66:ca:0a:a3:4d:47:1b:2f:71:cd:19:a0:1c:71:06:ed:
a9:2d:e1:c4:18:13:23:b7:b3:8c:5b:5a:0f:03:fe:5e:88:e9:
21:45:f8:b0:bf:12:d2:e3:e3:83:1e:66:be:d4:1d:e3:57:b2:
5e:ee:a7:82
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwxD9TfNY8dO08Sf54J7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdhZTU0YThhNGNhZGNhNDljNmM4OGE3NjBiOWJmMzA3ZmM0OTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7Um4ljcuxOo5aG6mA+Wm5GKArwE
aydp29OUsU0CMfFNOZZsi0p+RomDkQVgx9gV+hCFE4vhVnP3y9sDCAMWL7WbsP6B
MuUTFQQUmWJCplbVmXg21TcK4jLfGsWaA8OR/5LKlUWXlBIsuIcbYR/LKaWJgmtP
2OD5KRqBlKoPmkZY3ry2ZbXHOXKLbCZp68ND+7AvytYhrrlqc2jFRJ/CK6818dO2
CxOnvY3/tgP1c4zTJZtHHLsviCcks2lz1Lgj41N7rJUFpT99EPhw82xN0qdfM9w6
ZrRnnkOA76QvNHaWpwM+kiRvtybPvNq3rcH/ojrRYnaD2nh/ZhHAvdaMKwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPJ65UqKTK3KScbIinYLm/MH/EkoMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvOG5ybFNvcE1yY3BKeHNpS2RndWI4d2Y4U1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhg8w
DQYJKoZIhvcNAQELBQADggEBAEucpSRspznJXjEfjbYBGTbJOQMZ7OHUEokeawfi
VnkU62k4tw4zNc6mYzBz/bm5wGPM1GEs3+4Z5jZf3cu1Bar9MddrRwgNf0+HCGlk
TrVRJpERydMUeI84mpMWljRDalSdcGSy7uphF3V9mb+zLQ0ErXhSpAom2EjvadCQ
cFmASU7iUORr70QCeSw3Fb4Xz2uD0nZdlXjDlW+PTiRae4N9pm8agttEiV4x25/l
JQVeBZkVOArhofW3EViJ4ng6AddHwVhZSXQdZsoKo01HGy9xzRmgHHEG7akt4cQY
EyO3s4xbWg8D/l6I6SFF+LC/EtLj44MeZr7UHeNXsl7up4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:14 2024 by rpki-client on console-ams.rpki-client.org