Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/1GhMonRQJ2ILI9ZUQWoMIc55qG0.roa
File: 1GhMonRQJ2ILI9ZUQWoMIc55qG0.roa (raw, json)
Hash identifier: iomBB+g6oaMioGZwyT4JHhy1vrEQByrtHWaynE4NTY4=
Subject key identifier: D4:68:4C:A2:74:50:27:62:0B:23:D6:54:41:6A:0C:21:CE:79:A8:6D
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018A6016D87DE3CD547A08A4D4536D2F1938
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/1GhMonRQJ2ILI9ZUQWoMIc55qG0.roa
Signing time: Mon 04 Sep 2023 12:07:04 +0000
ROA not before: Mon 04 Sep 2023 12:07:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199654
IP address blocks: 2a12:bec0:19a::/48 maxlen: 48
2a12:bec0:200::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:16:d8:7d:e3:cd:54:7a:08:a4:d4:53:6d:2f:19:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Sep 4 12:07:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4684ca2745027620b23d654416a0c21ce79a86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:be:de:2f:85:1a:61:be:98:9e:c2:64:32:7c:
63:85:03:e7:d7:39:78:50:c3:36:0f:79:0f:54:45:
2c:49:a5:b1:08:08:0b:ff:22:04:37:eb:52:b1:83:
5b:69:63:d1:49:c7:f3:eb:1a:a8:9e:3f:b9:b5:86:
a7:ff:53:1a:06:0d:52:54:54:e5:90:91:52:8e:e1:
fe:f7:d8:cf:89:00:0b:82:c6:7e:cb:30:a0:f6:79:
eb:71:92:df:a6:f1:5c:09:26:ff:b8:35:e0:1e:c5:
ad:af:5f:85:44:13:c8:4c:07:49:0d:4e:66:af:69:
d5:6c:4d:40:2b:a9:af:11:52:34:42:eb:be:ee:04:
ff:39:bb:f9:7c:3c:eb:23:af:c3:aa:ff:33:b2:aa:
ac:b5:16:19:46:61:f7:01:f8:34:9c:72:70:1f:dd:
6c:e3:b1:b7:72:b2:71:16:de:9a:2e:55:3b:90:6f:
f4:a3:45:6e:ad:64:6a:0b:e3:1f:d7:21:47:93:47:
de:a1:19:bf:30:5c:b8:a0:35:4d:df:7c:6e:30:ea:
6e:55:89:01:f6:5e:0f:2e:b9:64:bb:2f:7a:fe:67:
8d:87:b5:0d:6b:df:d7:8e:e1:a1:45:30:74:47:5f:
73:76:b5:e2:46:22:d9:c0:ae:8a:57:16:f0:67:7f:
67:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:68:4C:A2:74:50:27:62:0B:23:D6:54:41:6A:0C:21:CE:79:A8:6D
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/1GhMonRQJ2ILI9ZUQWoMIc55qG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:19a::/48
2a12:bec0:200::/44
Signature Algorithm: sha256WithRSAEncryption
94:30:9a:aa:e6:1a:06:52:97:6c:b2:cb:14:7b:d3:4f:48:ee:
6a:cd:a1:b0:c6:4d:e2:01:d5:ee:83:1c:92:72:a8:cd:f6:d3:
4b:83:c5:dc:7e:d6:15:42:24:73:f2:2e:2c:9a:60:44:d1:b1:
5c:68:ca:e8:81:ff:56:73:2a:80:45:0c:8c:5e:40:d2:06:5b:
cd:f1:d7:1e:de:5e:85:11:61:fd:b6:06:b3:b9:3e:52:9f:b7:
94:8f:28:df:7c:05:42:fe:a8:ba:e2:7c:ed:70:9a:cc:cc:99:
d4:74:9e:48:f4:d0:be:0a:e8:1e:f7:62:e6:2f:b6:b7:a1:14:
ed:40:5d:a4:55:8f:26:54:91:2b:a5:3b:b8:fd:6a:22:80:68:
8d:96:7d:74:c2:6c:3e:cd:d0:8f:97:01:32:74:3f:9e:5f:be:
b1:d9:a2:0b:2e:85:de:2a:cf:17:b9:8f:8b:bc:6a:7f:97:e9:
f3:5d:59:9e:1d:37:93:ca:0f:7d:46:9d:1c:f8:5c:20:a4:bd:
80:46:02:aa:8c:25:45:f1:a5:e4:37:dc:03:fa:cc:f0:88:01:
4d:0b:07:e7:a8:2d:b2:36:0f:e1:0b:1c:40:84:f2:06:e0:3d:
52:68:2d:36:e5:e7:61:c4:f2:05:66:65:05:73:4c:f6:63:bd:
be:79:95:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpgFth9481Uegik1FNtLxk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwOTA0MTIwNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDY4NGNhMjc0NTAyNzYyMGIyM2Q2NTQ0MTZhMGMyMWNlNzlhODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr7eL4UaYb6YnsJkMnxjhQPn1zl4
UMM2D3kPVEUsSaWxCAgL/yIEN+tSsYNbaWPRScfz6xqonj+5tYan/1MaBg1SVFTl
kJFSjuH+99jPiQALgsZ+yzCg9nnrcZLfpvFcCSb/uDXgHsWtr1+FRBPITAdJDU5m
r2nVbE1AK6mvEVI0Quu+7gT/Obv5fDzrI6/Dqv8zsqqstRYZRmH3Afg0nHJwH91s
47G3crJxFt6aLlU7kG/0o0VurWRqC+Mf1yFHk0feoRm/MFy4oDVN33xuMOpuVYkB
9l4PLrlkuy96/meNh7UNa9/XjuGhRTB0R19zdrXiRiLZwK6KVxbwZ39newIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNRoTKJ0UCdiCyPWVEFqDCHOeahtMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvMUdoTW9uUlFKMklMSTlaVVFXb01JYzU1cUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhK+wAGa
AwcEKhK+wAIAMA0GCSqGSIb3DQEBCwUAA4IBAQCUMJqq5hoGUpdssssUe9NPSO5q
zaGwxk3iAdXugxyScqjN9tNLg8XcftYVQiRz8i4smmBE0bFcaMrogf9WcyqARQyM
XkDSBlvN8dce3l6FEWH9tgazuT5Sn7eUjyjffAVC/qi64nztcJrMzJnUdJ5I9NC+
Cuge92LmL7a3oRTtQF2kVY8mVJErpTu4/WoigGiNln10wmw+zdCPlwEydD+eX76x
2aILLoXeKs8XuY+LvGp/l+nzXVmeHTeTyg99Rp0c+FwgpL2ARgKqjCVF8aXkN9wD
+szwiAFNCwfnqC2yNg/hCxxAhPIG4D1SaC025edhxPIFZmUFc0z2Y72+eZUc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org