Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/CbJP9d-T03BbJmsgLfOBfZN_va0.roa
File: CbJP9d-T03BbJmsgLfOBfZN_va0.roa (raw, json)
Hash identifier: 28kA3blsuKqJd3a/PkiOs6Ayk+eXF28RVD9gvENNAiQ=
Subject key identifier: 09:B2:4F:F5:DF:93:D3:70:5B:26:6B:20:2D:F3:81:7D:93:7F:BD:AD
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018A21F192877EB72BEEBEAA6CD26BDF5A76
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/CbJP9d-T03BbJmsgLfOBfZN_va0.roa
Signing time: Wed 23 Aug 2023 10:29:54 +0000
ROA not before: Wed 23 Aug 2023 10:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216418
IP address blocks: 2a12:bec0:430::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:f1:92:87:7e:b7:2b:ee:be:aa:6c:d2:6b:df:5a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Aug 23 10:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09b24ff5df93d3705b266b202df3817d937fbdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:47:8e:b7:47:dd:c3:f3:88:b1:9f:55:d4:39:
d0:5b:09:c0:fd:59:c6:5d:dd:42:b6:5e:57:7a:e3:
88:6e:94:ef:39:72:f0:16:70:93:c0:df:cb:45:23:
11:e5:d9:3c:78:1f:12:2e:6c:84:79:91:41:f6:e6:
61:34:5e:ff:67:66:14:75:0d:9e:cc:b5:e8:14:4d:
cc:26:84:0c:c7:22:de:fe:71:93:d0:72:0f:99:65:
00:f3:7a:26:b4:5e:03:6e:d0:7e:24:b4:b6:09:10:
77:48:27:d9:aa:50:ef:9c:c8:4f:33:ee:a8:b4:e2:
40:9e:cb:1a:a9:e8:39:eb:25:8f:2a:08:a8:fd:af:
2d:7e:53:34:80:99:5f:78:f0:eb:91:43:86:64:78:
79:2a:6b:64:a4:04:65:ce:57:ba:c2:dd:c6:52:76:
fb:7e:c2:ca:cc:6a:3f:9b:ab:72:65:7b:3f:ec:f8:
83:8e:10:88:f0:ed:85:5d:55:36:6c:d2:60:e8:9d:
7d:10:c2:92:59:50:b6:a8:f2:c4:19:8c:1e:8f:33:
f1:08:ba:0f:da:32:ad:5f:80:03:81:fc:68:de:2b:
1c:08:83:87:a7:1f:fd:24:79:b9:55:6b:72:19:79:
fa:c9:d8:77:d5:9a:bc:a4:a7:28:d8:4f:cb:6a:ce:
d7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B2:4F:F5:DF:93:D3:70:5B:26:6B:20:2D:F3:81:7D:93:7F:BD:AD
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/CbJP9d-T03BbJmsgLfOBfZN_va0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:430::/44
Signature Algorithm: sha256WithRSAEncryption
3f:99:4d:10:12:28:cb:0c:c5:97:31:a0:11:d2:c8:aa:29:69:
66:57:81:b4:23:f2:76:2e:de:b4:e7:e9:37:8e:b9:32:2d:cb:
19:59:08:5b:1f:fa:26:17:6c:ef:5b:ff:b5:f8:82:b5:6d:c4:
0e:83:e5:40:26:1b:87:f3:06:11:29:69:48:0c:63:10:91:55:
0d:f7:c8:00:ab:eb:98:ab:b4:0e:00:a8:ee:5e:1b:d4:9d:62:
cc:0c:ca:c8:5c:3e:8d:63:98:51:6f:83:94:7d:dd:2f:af:6c:
13:03:a3:a7:3f:3b:13:ae:56:b9:d4:a7:92:a4:77:bf:96:24:
38:9d:a8:c0:ec:f3:c1:28:72:92:25:0e:18:7e:ec:4b:db:18:
4e:15:87:6d:c2:e9:9e:2f:9e:07:ea:50:88:f9:6e:dc:62:56:
68:f0:82:27:7e:33:8a:c4:c4:fd:f0:83:9b:0d:46:f4:31:eb:
8d:bf:62:99:7d:f2:5c:81:a0:81:24:53:3e:93:6c:d3:85:b6:
00:f6:41:bc:48:d0:d9:33:e7:f6:dc:26:9e:19:2a:ea:5e:3e:
18:e1:5c:d9:8c:0d:8e:5c:13:c6:62:9d:20:79:11:7f:cb:e6:
f3:a4:c6:5c:28:33:81:1a:f0:0d:41:7b:d6:ff:1d:68:c4:a2:
05:c0:c7:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYoh8ZKHfrcr7r6qbNJr31p2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwODIzMTAyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWIyNGZmNWRmOTNkMzcwNWIyNjZiMjAyZGYzODE3ZDkzN2ZiZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEeOt0fdw/OIsZ9V1DnQWwnA/VnG
Xd1Ctl5XeuOIbpTvOXLwFnCTwN/LRSMR5dk8eB8SLmyEeZFB9uZhNF7/Z2YUdQ2e
zLXoFE3MJoQMxyLe/nGT0HIPmWUA83omtF4DbtB+JLS2CRB3SCfZqlDvnMhPM+6o
tOJAnssaqeg56yWPKgio/a8tflM0gJlfePDrkUOGZHh5KmtkpARlzle6wt3GUnb7
fsLKzGo/m6tyZXs/7PiDjhCI8O2FXVU2bNJg6J19EMKSWVC2qPLEGYwejzPxCLoP
2jKtX4ADgfxo3iscCIOHpx/9JHm5VWtyGXn6ydh31Zq8pKco2E/Las7XmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAmyT/Xfk9NwWyZrIC3zgX2Tf72tMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvQ2JKUDlkLVQwM0JiSm1zZ0xmT0JmWk5fdmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAQw
MA0GCSqGSIb3DQEBCwUAA4IBAQA/mU0QEijLDMWXMaAR0siqKWlmV4G0I/J2Lt60
5+k3jrkyLcsZWQhbH/omF2zvW/+1+IK1bcQOg+VAJhuH8wYRKWlIDGMQkVUN98gA
q+uYq7QOAKjuXhvUnWLMDMrIXD6NY5hRb4OUfd0vr2wTA6OnPzsTrla51KeSpHe/
liQ4najA7PPBKHKSJQ4YfuxL2xhOFYdtwumeL54H6lCI+W7cYlZo8IInfjOKxMT9
8IObDUb0MeuNv2KZffJcgaCBJFM+k2zThbYA9kG8SNDZM+f23CaeGSrqXj4Y4VzZ
jA2OXBPGYp0geRF/y+bzpMZcKDOBGvANQXvW/x1oxKIFwMcv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org