Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/J13J1GJaX4buHP0ixrXaxnPwiOs.roa
File: J13J1GJaX4buHP0ixrXaxnPwiOs.roa (raw, json)
Hash identifier: JllwIjZ4c/GgBNpPVMStEaVQON3MIUlPsNVCPwpP4js=
Subject key identifier: 27:5D:C9:D4:62:5A:5F:86:EE:1C:FD:22:C6:B5:DA:C6:73:F0:88:EB
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DC66190C97938FCFD95AA513DBB51
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/J13J1GJaX4buHP0ixrXaxnPwiOs.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3258
IP address blocks: 2a09:4::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:1::/48 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c6:61:90:c9:79:38:fc:fd:95:aa:51:3d:bb:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=275dc9d4625a5f86ee1cfd22c6b5dac673f088eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:87:76:92:62:ef:fc:e6:0c:cd:d4:9a:23:2a:
be:bc:09:b4:91:27:f0:e2:9b:41:a4:35:95:0c:66:
40:18:90:04:e8:1c:64:78:cb:8a:92:6c:b3:7c:2d:
bf:e3:8c:1c:e5:8f:0a:a9:95:41:7b:d2:e4:39:26:
17:54:1f:c1:bb:9a:09:2a:a8:3b:56:b5:35:18:6e:
aa:b5:32:a8:07:74:4e:86:c0:f7:41:44:db:a1:bc:
5c:31:ac:b4:d0:2f:49:f6:5f:56:ee:8d:db:f3:0d:
1d:19:d6:f4:26:ba:2c:36:cd:8f:e7:2a:db:cd:e1:
82:64:16:7e:a2:1b:29:64:31:02:10:0f:60:20:92:
60:63:36:9b:eb:40:7a:99:b3:b5:10:19:da:f3:db:
00:00:45:ad:8d:62:87:d7:3f:9f:9d:b3:af:fe:aa:
f7:fd:d9:33:3f:5d:c0:f4:0f:a4:0b:9e:b2:ec:4e:
3d:06:f5:05:2c:a2:e7:12:c2:36:48:b8:1d:84:29:
f6:4d:d7:83:0a:00:bd:64:bc:02:e7:0c:be:0b:74:
10:38:5c:3d:c0:1a:99:36:75:2c:24:68:4a:6d:d5:
11:0e:d6:aa:c6:80:57:d9:03:e0:b5:80:4d:0c:24:
f1:53:5a:b3:0c:36:c4:47:51:11:82:36:b3:ca:3f:
ec:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5D:C9:D4:62:5A:5F:86:EE:1C:FD:22:C6:B5:DA:C6:73:F0:88:EB
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/J13J1GJaX4buHP0ixrXaxnPwiOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7:2008::/48
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
10:c5:df:3f:c8:b2:da:c3:49:27:37:a4:9f:8d:99:17:57:b3:
44:95:ae:42:68:94:ba:81:fb:44:d6:51:e1:90:04:54:20:f6:
a2:15:6d:0e:20:d4:d6:52:c0:3b:ea:48:ce:e8:eb:14:b7:37:
e4:83:f3:42:96:1c:7d:71:63:e9:12:37:c6:ba:3d:d2:2b:0a:
10:90:4c:4e:3b:f4:aa:27:72:9a:76:55:04:96:bd:b1:3f:1f:
3d:43:bd:bd:bd:f9:19:4e:d9:6a:a8:aa:26:c3:11:70:59:e5:
61:d5:f6:2e:24:9e:2c:4c:69:78:5a:b6:a2:10:d0:24:79:b1:
11:f8:2f:2f:cc:bc:ec:0b:fd:25:5c:82:86:61:e9:33:b8:29:
c7:4f:22:53:43:be:12:49:8f:f7:f6:70:22:ee:c6:05:58:c2:
cb:3d:18:a4:cf:49:30:91:55:31:cf:21:3b:b5:05:df:17:a8:
1e:cb:1d:db:d5:e8:ef:0f:9d:74:fd:75:ff:e0:6a:b7:3f:ce:
55:91:eb:1d:03:8c:17:48:f8:b9:95:7e:56:49:33:43:4d:ad:
ad:e7:d7:76:2c:98:0e:56:7a:11:d3:c3:41:ec:33:14:27:ae:
44:16:8c:99:38:23:d0:e9:bf:33:74:d4:c4:48:36:ef:b6:66:
fa:8b:4b:61
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYVvHcZhkMl5OPz9lapRPbtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzVkYzlkNDYyNWE1Zjg2ZWUxY2ZkMjJjNmI1ZGFjNjczZjA4OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4d2kmLv/OYMzdSaIyq+vAm0kSfw
4ptBpDWVDGZAGJAE6BxkeMuKkmyzfC2/44wc5Y8KqZVBe9LkOSYXVB/Bu5oJKqg7
VrU1GG6qtTKoB3ROhsD3QUTbobxcMay00C9J9l9W7o3b8w0dGdb0JrosNs2P5yrb
zeGCZBZ+ohspZDECEA9gIJJgYzab60B6mbO1EBna89sAAEWtjWKH1z+fnbOv/qr3
/dkzP13A9A+kC56y7E49BvUFLKLnEsI2SLgdhCn2TdeDCgC9ZLwC5wy+C3QQOFw9
wBqZNnUsJGhKbdURDtaqxoBX2QPgtYBNDCTxU1qzDDbER1ERgjazyj/sRQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFCddydRiWl+G7hz9Isa12sZz8IjrMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvSjEzSjFHSmFYNGJ1SFAwaXhyWGF4blB3aU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAAjA9AwcAKgkAAQAA
AwcAKgkAAgAAAwcAKgkAAwAAAwcAKgkABAAAAwcAKgkABQAAAwcAKgkAByAIAwUD
KhAEgDANBgkqhkiG9w0BAQsFAAOCAQEAEMXfP8iy2sNJJzekn42ZF1ezRJWuQmiU
uoH7RNZR4ZAEVCD2ohVtDiDU1lLAO+pIzujrFLc35IPzQpYcfXFj6RI3xro90isK
EJBMTjv0qidymnZVBJa9sT8fPUO9vb35GU7ZaqiqJsMRcFnlYdX2LiSeLExpeFq2
ohDQJHmxEfgvL8y87Av9JVyChmHpM7gpx08iU0O+EkmP9/ZwIu7GBVjCyz0YpM9J
MJFVMc8hO7UF3xeoHssd29Xo7w+ddP11/+Bqtz/OVZHrHQOMF0j4uZV+VkkzQ02t
refXdiyYDlZ6EdPDQewzFCeuRBaMmTgj0Om/M3TUxEg277Zm+otLYQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org