Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/VmB3PZotwhgFcFEpNvWH3Nyhz-M.roa
File: VmB3PZotwhgFcFEpNvWH3Nyhz-M.roa (raw, json)
Hash identifier: tslcI7vIQUA7j0tJ0og0DYQRdmegIdRhdJLfhI3f0BE=
Subject key identifier: 56:60:77:3D:9A:2D:C2:18:05:70:51:29:36:F5:87:DC:DC:A1:CF:E3
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018871E8A785D92CF01ACD65BB4CE78CF717
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/VmB3PZotwhgFcFEpNvWH3Nyhz-M.roa
Signing time: Wed 31 May 2023 13:04:12 +0000
ROA not before: Wed 31 May 2023 13:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198366
IP address blocks: 2a12:bec0:350::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:e8:a7:85:d9:2c:f0:1a:cd:65:bb:4c:e7:8c:f7:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: May 31 13:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5660773d9a2dc2180570512936f587dcdca1cfe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:98:d1:3e:54:b6:f3:00:dd:3a:b7:19:49:1e:
4f:62:dd:e7:ea:7a:f9:fd:f9:97:73:56:19:ee:f2:
d9:87:b6:29:fd:45:c5:51:f0:bb:31:0f:e3:86:66:
a4:a9:1f:ce:70:15:c0:48:46:4e:5b:cf:73:57:34:
8a:52:e1:32:41:79:3a:99:9d:a2:ab:d6:db:aa:e0:
c1:aa:9e:22:74:11:a7:65:02:e3:1e:c4:24:d3:7c:
7b:b9:7a:fd:c7:20:fa:b4:9a:22:8b:be:2d:b9:7f:
5f:3b:19:bd:9f:51:bd:86:a4:03:c4:3c:d8:25:54:
a2:9a:3d:cb:c4:60:a3:db:c6:ad:66:5e:a9:4c:42:
4e:95:8c:e0:64:fe:1f:16:b9:93:26:1d:30:ff:8b:
8a:a1:de:40:ad:c3:f4:c5:76:dc:72:d9:18:51:11:
83:b3:1c:99:e4:21:bd:2c:13:b0:0e:d2:4a:3d:38:
90:c2:8a:5f:59:f2:c4:33:7f:2d:75:e0:71:e1:17:
a3:4f:13:9a:e8:53:c7:44:d0:24:00:3c:91:8d:78:
bd:98:b2:a4:5c:5d:5f:dc:5d:cc:fe:b6:9a:b2:fb:
c8:b3:df:4a:b0:0b:c6:19:e4:29:ac:68:d7:73:95:
3f:3d:6e:a6:d5:fe:ce:5a:8f:77:3c:16:1b:4e:b2:
0f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:60:77:3D:9A:2D:C2:18:05:70:51:29:36:F5:87:DC:DC:A1:CF:E3
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/VmB3PZotwhgFcFEpNvWH3Nyhz-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:350::/44
Signature Algorithm: sha256WithRSAEncryption
77:d4:28:c8:fe:45:ea:96:dc:83:d0:a3:63:56:71:99:59:9d:
07:f4:df:0c:85:5d:64:9b:95:22:fb:4c:c4:c8:5f:c7:4c:f7:
5a:0e:36:7d:3b:8c:2c:46:51:30:cc:1d:89:3a:69:5c:34:ea:
4b:b1:f1:76:61:7d:73:ac:31:80:e4:be:2a:11:2f:3d:16:7d:
5a:9e:f2:f6:a7:06:2e:c9:dc:8c:8a:3b:90:2b:fe:ee:89:f1:
a0:ce:fc:4b:97:76:1b:c9:de:cd:44:bc:bf:98:d6:61:87:61:
7c:b4:81:aa:77:32:1e:16:56:0d:67:a7:fc:da:62:28:37:32:
46:cb:fd:7d:fd:71:a4:ec:9c:a8:c5:2f:6c:34:e8:54:df:42:
f2:20:bd:12:e3:59:0d:68:e0:9c:2f:81:b5:9e:7a:7d:8c:54:
fe:05:0f:c0:d5:89:ad:90:19:d8:ad:77:8b:f5:25:84:12:f7:
6e:69:2d:a2:5a:58:a1:1e:9a:fa:03:32:da:b5:2b:c1:cc:4e:
5c:df:e9:58:7d:7c:1c:37:47:c8:1e:be:f2:56:1f:88:98:aa:
92:65:4d:14:44:c9:c5:05:8b:3f:54:98:0a:ab:bf:b5:ac:05:
a3:f7:b9:a4:ce:87:c4:a2:3c:22:d8:cf:ca:2c:a4:83:e6:e2:
f8:98:31:5c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYhx6KeF2SzwGs1lu0znjPcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwNTMxMTMwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYwNzczZDlhMmRjMjE4MDU3MDUxMjkzNmY1ODdkY2RjYTFjZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZjRPlS28wDdOrcZSR5PYt3n6nr5
/fmXc1YZ7vLZh7Yp/UXFUfC7MQ/jhmakqR/OcBXASEZOW89zVzSKUuEyQXk6mZ2i
q9bbquDBqp4idBGnZQLjHsQk03x7uXr9xyD6tJoii74tuX9fOxm9n1G9hqQDxDzY
JVSimj3LxGCj28atZl6pTEJOlYzgZP4fFrmTJh0w/4uKod5ArcP0xXbcctkYURGD
sxyZ5CG9LBOwDtJKPTiQwopfWfLEM38tdeBx4RejTxOa6FPHRNAkADyRjXi9mLKk
XF1f3F3M/raasvvIs99KsAvGGeQprGjXc5U/PW6m1f7OWo93PBYbTrIP2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFZgdz2aLcIYBXBRKTb1h9zcoc/jMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvVm1CM1Bab3R3aGdGY0ZFcE52V0gzTnloei1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wANQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB31CjI/kXqltyD0KNjVnGZWZ0H9N8MhV1km5Ui
+0zEyF/HTPdaDjZ9O4wsRlEwzB2JOmlcNOpLsfF2YX1zrDGA5L4qES89Fn1anvL2
pwYuydyMijuQK/7uifGgzvxLl3Ybyd7NRLy/mNZhh2F8tIGqdzIeFlYNZ6f82mIo
NzJGy/19/XGk7JyoxS9sNOhU30LyIL0S41kNaOCcL4G1nnp9jFT+BQ/A1YmtkBnY
rXeL9SWEEvduaS2iWlihHpr6AzLatSvBzE5c3+lYfXwcN0fIHr7yVh+ImKqSZU0U
RMnFBYs/VJgKq7+1rAWj97mkzofEojwi2M/KLKSD5uL4mDFc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org