Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/J9lmQ0-FydXN7LS8cgrcwgG9OhQ.roa
File: J9lmQ0-FydXN7LS8cgrcwgG9OhQ.roa (raw, json)
Hash identifier: KQnMcdvoODaW0IhY/og28r4AvB66Ba5YRfIZoNqWr3s=
Subject key identifier: 27:D9:66:43:4F:85:C9:D5:CD:EC:B4:BC:72:0A:DC:C2:01:BD:3A:14
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018C91D535ED603B0B8D7F13393764608AD9
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/J9lmQ0-FydXN7LS8cgrcwgG9OhQ.roa
Signing time: Fri 22 Dec 2023 14:01:58 +0000
ROA not before: Fri 22 Dec 2023 14:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215809
IP address blocks: 2a12:bec0:5f0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:d5:35:ed:60:3b:0b:8d:7f:13:39:37:64:60:8a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Dec 22 14:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27d966434f85c9d5cdecb4bc720adcc201bd3a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:03:b1:be:45:bd:7d:15:31:04:0a:8d:2a:72:
d5:7d:45:94:2a:55:f8:27:0a:bc:35:50:7f:0a:19:
89:d6:ca:f4:8a:13:f4:9e:1c:7d:04:4d:84:6d:48:
e6:3a:ea:e5:fd:32:4a:d1:7b:90:f5:f0:36:2b:e6:
1b:35:ed:d7:4e:bd:a1:73:e5:24:1c:f5:27:31:cd:
8b:ff:91:da:29:1d:c6:91:2c:b1:67:78:cf:14:d5:
7f:78:d7:9b:02:00:8c:ef:b2:e9:3e:d8:39:99:f5:
43:d0:f3:24:bf:8f:58:aa:5b:ac:d0:18:d9:0d:90:
96:7b:05:18:a5:24:93:93:b9:d3:ae:9c:48:74:c5:
90:b8:b7:20:a9:77:ce:30:64:a7:69:c8:ef:89:aa:
31:ad:b3:dc:90:58:5c:80:21:a7:16:32:ac:04:c8:
bb:1a:32:c4:f8:31:a6:35:28:82:3e:b7:b6:7b:09:
25:f5:67:3f:11:a3:57:fd:83:89:49:5c:d5:12:0a:
02:89:31:a3:1c:6f:e1:6f:fd:05:ed:c5:9f:16:c0:
4e:1c:27:8b:ea:46:4b:ee:cc:ee:a8:40:38:bc:ca:
89:0a:e5:18:82:86:87:12:10:a0:e3:bb:ef:a6:bf:
6c:9e:15:27:6b:31:d8:f2:a9:11:08:34:8a:e6:ad:
25:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D9:66:43:4F:85:C9:D5:CD:EC:B4:BC:72:0A:DC:C2:01:BD:3A:14
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/J9lmQ0-FydXN7LS8cgrcwgG9OhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:5f0::/44
Signature Algorithm: sha256WithRSAEncryption
0a:f8:89:29:26:af:da:2b:d1:ae:13:59:b8:50:dd:da:27:e4:
25:1a:f1:27:b0:ce:e6:8f:76:00:dc:95:19:6b:9c:d7:09:11:
58:84:7a:48:be:e3:34:b9:37:c1:c1:43:03:5e:18:d7:8e:ca:
f7:84:46:da:39:67:9b:e3:7a:b3:90:54:fd:c5:07:62:a5:e7:
61:fd:b9:e6:3d:7e:90:73:95:f0:e7:b8:0c:d8:03:ab:98:88:
83:75:5a:1e:67:3f:43:bf:97:93:f4:c9:5b:1a:ad:64:4c:67:
76:a4:63:52:25:c5:21:49:a0:2e:ec:f4:94:a7:c0:c0:45:4a:
34:87:d5:4c:b8:78:b7:9b:79:ea:49:5e:b8:b9:90:00:d1:14:
19:ff:47:52:dc:c9:f7:bc:a1:b8:df:e0:f9:16:72:68:19:2f:
ca:06:0a:b0:a2:a1:b7:bf:2e:2e:1e:61:5a:e5:83:e8:a9:1e:
15:23:d9:0b:28:19:83:32:ce:6f:2f:a9:c3:a4:d7:80:14:c1:
c9:fa:ba:8c:c0:1d:72:0c:b0:72:cc:f4:6b:84:c6:d8:2d:3b:
fe:6d:0b:9a:54:97:5e:06:c9:43:a3:15:46:17:7c:cf:93:fd:
ec:c0:65:29:4d:a8:8f:87:44:8a:97:18:27:a3:92:10:18:34:
4a:bd:a4:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYyR1TXtYDsLjX8TOTdkYIrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMxMjIyMTQwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Q5NjY0MzRmODVjOWQ1Y2RlY2I0YmM3MjBhZGNjMjAxYmQzYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQOxvkW9fRUxBAqNKnLVfUWUKlX4
Jwq8NVB/ChmJ1sr0ihP0nhx9BE2EbUjmOurl/TJK0XuQ9fA2K+YbNe3XTr2hc+Uk
HPUnMc2L/5HaKR3GkSyxZ3jPFNV/eNebAgCM77LpPtg5mfVD0PMkv49Yqlus0BjZ
DZCWewUYpSSTk7nTrpxIdMWQuLcgqXfOMGSnacjviaoxrbPckFhcgCGnFjKsBMi7
GjLE+DGmNSiCPre2ewkl9Wc/EaNX/YOJSVzVEgoCiTGjHG/hb/0F7cWfFsBOHCeL
6kZL7szuqEA4vMqJCuUYgoaHEhCg47vvpr9snhUnazHY8qkRCDSK5q0ltQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCfZZkNPhcnVzey0vHIK3MIBvToUMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvSjlsbVEwLUZ5ZFhON0xTOGNncmN3Z0c5T2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAXw
MA0GCSqGSIb3DQEBCwUAA4IBAQAK+IkpJq/aK9GuE1m4UN3aJ+QlGvEnsM7mj3YA
3JUZa5zXCRFYhHpIvuM0uTfBwUMDXhjXjsr3hEbaOWeb43qzkFT9xQdipedh/bnm
PX6Qc5Xw57gM2AOrmIiDdVoeZz9Dv5eT9MlbGq1kTGd2pGNSJcUhSaAu7PSUp8DA
RUo0h9VMuHi3m3nqSV64uZAA0RQZ/0dS3Mn3vKG43+D5FnJoGS/KBgqwoqG3vy4u
HmFa5YPoqR4VI9kLKBmDMs5vL6nDpNeAFMHJ+rqMwB1yDLByzPRrhMbYLTv+bQua
VJdeBslDoxVGF3zPk/3swGUpTaiPh0SKlxgno5IQGDRKvaQ9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org