Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/I4-6ykdMVyDdOr67d-lX27yjYqg.roa
File: I4-6ykdMVyDdOr67d-lX27yjYqg.roa (raw, json)
Hash identifier: kmJeYHX/axnRiphM59fhHrbd31zJZvuLveIEBIbkN38=
Subject key identifier: 23:8F:BA:CA:47:4C:57:20:DD:3A:BE:BB:77:E9:57:DB:BC:A3:62:A8
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018571C310212D93C9B7052C3A0EF23CF483
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/I4-6ykdMVyDdOr67d-lX27yjYqg.roa
Signing time: Mon 02 Jan 2023 09:14:47 +0000
ROA not before: Mon 02 Jan 2023 09:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207080
IP address blocks: 2a0b:6b86:400::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:10:21:2d:93:c9:b7:05:2c:3a:0e:f2:3c:f4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 2 09:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=238fbaca474c5720dd3abebb77e957dbbca362a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b0:0f:f0:54:a6:4a:5f:0b:78:24:cd:de:98:
af:a3:71:db:f7:d9:e2:15:02:a4:ab:6b:07:7b:66:
4e:b6:22:05:36:fe:b6:ae:63:28:e7:46:ea:c0:a2:
89:06:5f:14:e4:e4:0e:24:02:b4:33:b7:f9:06:7e:
74:9c:df:fb:36:b0:7d:c2:a7:35:e4:12:0a:dd:2f:
05:6b:6c:8a:78:0a:2c:f6:b6:81:2d:75:17:25:54:
79:48:5b:1f:ff:69:17:7a:85:1f:ea:0a:16:ef:5e:
93:23:b5:66:77:96:1b:cd:21:fb:ef:aa:14:6d:b4:
5f:f7:cd:de:5d:e7:d5:56:09:94:50:d9:17:14:7e:
e5:23:94:c1:3b:39:ff:51:3e:41:ce:ec:22:24:98:
cb:91:d8:4c:ce:f7:43:d8:2f:37:90:46:d2:8b:3d:
b7:44:c3:fe:d5:d0:a9:97:35:83:26:e5:b0:25:29:
15:ba:55:ee:58:4b:af:fa:0d:99:89:f8:cc:bb:c7:
51:75:36:44:9e:e6:84:d5:25:e8:03:cb:f3:cd:f4:
6d:b5:ca:be:c4:a4:6b:0c:4a:11:10:da:8e:1b:e1:
c7:b5:e7:ca:09:37:a8:60:65:9f:5c:27:5b:2e:ad:
6a:5a:0b:ca:58:f4:0b:f5:0e:9f:7d:81:a8:ec:74:
38:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8F:BA:CA:47:4C:57:20:DD:3A:BE:BB:77:E9:57:DB:BC:A3:62:A8
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/I4-6ykdMVyDdOr67d-lX27yjYqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:400::/40
Signature Algorithm: sha256WithRSAEncryption
15:e1:9f:f9:73:d5:7b:f2:c0:b9:e5:2f:7a:c7:d0:83:e1:28:
81:d2:50:58:df:2e:c6:ee:25:80:fd:0e:94:d3:00:75:30:29:
9d:fe:d2:6e:c1:50:7a:e5:46:9a:bf:48:b2:50:76:1e:48:4f:
17:cf:58:ba:eb:fc:5f:26:b7:e6:60:b8:4d:99:6e:ab:4b:32:
f0:7e:c5:80:e4:2e:fc:49:7d:48:aa:2c:38:15:d9:e1:6f:83:
bc:dd:e7:72:d9:d9:54:2f:01:0f:97:6a:fd:57:f7:e1:27:12:
4a:5b:5e:7b:87:76:58:63:9d:07:2d:3b:6c:dc:77:ed:b2:cf:
38:b0:49:56:b7:fe:28:3d:3e:7c:bf:0f:3e:80:d2:ab:04:67:
da:32:ff:1a:04:f9:36:23:14:b3:8c:fc:d2:5b:6c:e3:d8:92:
03:64:3c:8c:1c:44:22:95:9f:3c:4c:63:40:96:d5:ed:04:01:
0c:5c:ee:c3:31:32:b2:0c:0a:f0:a0:92:65:a1:fe:f0:20:dc:
21:0d:c7:e1:40:18:85:d7:be:3e:19:ec:a7:6b:74:9b:a2:03:
13:3f:81:9e:a7:56:7a:9b:3f:49:cc:e1:02:8b:9e:bd:1d:fe:
ce:21:91:f8:ee:63:a1:43:fe:83:05:b9:f8:78:58:db:a8:1b:
ba:7a:80:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwxAhLZPJtwUsOg7yPPSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhmYmFjYTQ3NGM1NzIwZGQzYWJlYmI3N2U5NTdkYmJjYTM2MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLAP8FSmSl8LeCTN3pivo3Hb99ni
FQKkq2sHe2ZOtiIFNv62rmMo50bqwKKJBl8U5OQOJAK0M7f5Bn50nN/7NrB9wqc1
5BIK3S8Fa2yKeAos9raBLXUXJVR5SFsf/2kXeoUf6goW716TI7Vmd5YbzSH776oU
bbRf983eXefVVgmUUNkXFH7lI5TBOzn/UT5BzuwiJJjLkdhMzvdD2C83kEbSiz23
RMP+1dCplzWDJuWwJSkVulXuWEuv+g2ZifjMu8dRdTZEnuaE1SXoA8vzzfRttcq+
xKRrDEoRENqOG+HHtefKCTeoYGWfXCdbLq1qWgvKWPQL9Q6ffYGo7HQ49wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCOPuspHTFcg3Tq+u3fpV9u8o2KoMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvSTQtNnlrZE1WeURkT3I2N2QtbFgyN3lqWXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhgQw
DQYJKoZIhvcNAQELBQADggEBABXhn/lz1XvywLnlL3rH0IPhKIHSUFjfLsbuJYD9
DpTTAHUwKZ3+0m7BUHrlRpq/SLJQdh5ITxfPWLrr/F8mt+ZguE2ZbqtLMvB+xYDk
LvxJfUiqLDgV2eFvg7zd53LZ2VQvAQ+Xav1X9+EnEkpbXnuHdlhjnQctO2zcd+2y
zziwSVa3/ig9Pny/Dz6A0qsEZ9oy/xoE+TYjFLOM/NJbbOPYkgNkPIwcRCKVnzxM
Y0CW1e0EAQxc7sMxMrIMCvCgkmWh/vAg3CENx+FAGIXXvj4Z7KdrdJuiAxM/gZ6n
VnqbP0nM4QKLnr0d/s4hkfjuY6FD/oMFufh4WNuoG7p6gEA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:24 2024 by rpki-client on console-fra.rpki-client.org