Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/iW3GZB5GZ0y-XLS3DIkTQFOFyXE.roa
File: iW3GZB5GZ0y-XLS3DIkTQFOFyXE.roa (raw, json)
Hash identifier: loUc3Eiuc9Ye2RpMtxeXJLz5oxiMOM3xWeF51S2+1us=
Subject key identifier: 89:6D:C6:64:1E:46:67:4C:BE:5C:B4:B7:0C:89:13:40:53:85:C9:71
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018571C30EFBD0944DBD8E32EF3C3A3F3E3D
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/iW3GZB5GZ0y-XLS3DIkTQFOFyXE.roa
Signing time: Mon 02 Jan 2023 09:14:46 +0000
ROA not before: Mon 02 Jan 2023 09:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205909
IP address blocks: 2a0b:6b86:600::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:0e:fb:d0:94:4d:bd:8e:32:ef:3c:3a:3f:3e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 2 09:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=896dc6641e46674cbe5cb4b70c8913405385c971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:72:81:c7:c5:a4:83:62:19:61:94:5d:7a:eb:
f8:b5:83:62:65:a5:fd:92:80:bc:f8:2f:37:98:dd:
ce:db:a3:d9:c0:69:b4:7f:8b:ba:4b:64:38:2c:4c:
6a:39:7c:c5:fc:f7:b1:5f:81:fa:c6:2b:84:99:ad:
50:1e:2d:66:cc:71:ff:cd:7f:cc:d7:76:35:f0:b2:
5a:82:77:6b:60:3d:24:8b:b6:60:85:1a:23:98:6f:
b3:6b:18:fe:76:4c:06:e7:ee:65:70:2e:5e:8e:73:
94:a4:2d:f2:43:54:fb:57:40:d0:d9:85:e2:7a:c0:
69:ec:96:3a:a4:e0:63:c3:31:7e:69:9e:50:9d:25:
5d:93:44:c2:22:82:a4:2f:0f:63:8b:01:60:eb:20:
8e:0f:84:9c:71:31:a8:00:56:4b:77:37:1d:d1:0f:
f7:65:a6:d7:7b:aa:0d:e9:ba:98:04:7c:69:25:5b:
59:45:8b:49:1f:45:44:f8:3c:78:87:57:44:e7:50:
8b:d1:32:4b:71:e3:4f:ba:b1:37:c0:c6:de:8b:40:
eb:ea:22:95:76:bd:5d:e5:57:f5:89:2a:31:e7:54:
7f:ac:0b:78:0b:6a:ee:be:27:73:30:6e:de:60:f0:
3f:6a:55:54:65:97:53:04:0f:a0:0b:14:a0:46:c4:
15:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6D:C6:64:1E:46:67:4C:BE:5C:B4:B7:0C:89:13:40:53:85:C9:71
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/iW3GZB5GZ0y-XLS3DIkTQFOFyXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:600::/40
Signature Algorithm: sha256WithRSAEncryption
ce:ee:5b:d1:4f:6d:28:ed:94:b8:09:49:5c:95:f2:5c:7b:1e:
5f:5e:2e:cf:79:db:db:ff:fa:bd:c0:57:bd:a0:f4:1d:c7:a7:
0d:2a:b9:db:ad:aa:bd:85:49:3c:87:ef:53:3a:74:88:f7:24:
91:98:32:a4:e2:1a:9c:10:d6:88:8a:4d:b0:8e:54:84:ad:d4:
99:67:82:7d:3b:03:7e:69:e1:3b:76:63:21:fa:d6:3d:61:5e:
e8:8e:3a:da:9a:11:6a:01:a0:1e:06:b3:85:bb:4c:02:cd:ae:
a0:ad:96:b9:14:31:91:d5:21:8d:59:57:1f:d3:12:b6:2a:13:
a4:e0:de:fc:10:a7:ca:4d:74:ca:83:7a:fd:e0:67:a8:65:8e:
a6:c5:ac:f5:5e:ed:0d:ac:7a:a0:16:d4:ee:d9:28:d3:f0:01:
7e:69:84:cf:cb:58:99:87:79:cd:b7:7e:4a:8a:6b:ab:47:c0:
f3:87:63:e2:34:e2:0a:4f:43:c1:b2:fb:df:3c:ca:19:d3:f7:
d3:5e:d1:44:79:ce:36:91:8f:12:83:59:c6:27:0d:35:fc:53:
96:86:2d:9c:a3:3a:a2:c1:bf:f2:a3:4b:a7:aa:49:cc:bd:40:
e5:51:32:7e:38:18:39:b0:9b:56:b2:c5:cd:9d:91:1b:66:6f:
f5:23:77:2d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxww770JRNvY4y7zw6Pz49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZkYzY2NDFlNDY2NzRjYmU1Y2I0YjcwYzg5MTM0MDUzODVjOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnKBx8Wkg2IZYZRdeuv4tYNiZaX9
koC8+C83mN3O26PZwGm0f4u6S2Q4LExqOXzF/PexX4H6xiuEma1QHi1mzHH/zX/M
13Y18LJagndrYD0ki7ZghRojmG+zaxj+dkwG5+5lcC5ejnOUpC3yQ1T7V0DQ2YXi
esBp7JY6pOBjwzF+aZ5QnSVdk0TCIoKkLw9jiwFg6yCOD4SccTGoAFZLdzcd0Q/3
ZabXe6oN6bqYBHxpJVtZRYtJH0VE+Dx4h1dE51CL0TJLceNPurE3wMbei0Dr6iKV
dr1d5Vf1iSox51R/rAt4C2ruvidzMG7eYPA/alVUZZdTBA+gCxSgRsQVrQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIltxmQeRmdMvly0twyJE0BThclxMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvaVczR1pCNUdaMHktWExTM0RJa1RRRk9GeVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhgYw
DQYJKoZIhvcNAQELBQADggEBAM7uW9FPbSjtlLgJSVyV8lx7Hl9eLs9529v/+r3A
V72g9B3Hpw0qudutqr2FSTyH71M6dIj3JJGYMqTiGpwQ1oiKTbCOVISt1Jlngn07
A35p4Tt2YyH61j1hXuiOOtqaEWoBoB4Gs4W7TALNrqCtlrkUMZHVIY1ZVx/TErYq
E6Tg3vwQp8pNdMqDev3gZ6hljqbFrPVe7Q2seqAW1O7ZKNPwAX5phM/LWJmHec23
fkqKa6tHwPOHY+I04gpPQ8Gy+988yhnT99Ne0UR5zjaRjxKDWcYnDTX8U5aGLZyj
OqLBv/KjS6eqScy9QOVRMn44GDmwm1ayxc2dkRtmb/Ujdy0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:14 2024 by rpki-client on console-ams.rpki-client.org