Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/mQDaOXdobhlHqtnFtvp7ao_KPcI.roa
File: mQDaOXdobhlHqtnFtvp7ao_KPcI.roa (raw, json)
Hash identifier: azvKyyEkPFzC54PdL++3xWgNp8WCaxdFpCbGZB7ho28=
Subject key identifier: 99:00:DA:39:77:68:6E:19:47:AA:D9:C5:B6:FA:7B:6A:8F:CA:3D:C2
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018B860E74D91D5E2AB9B6FDE97EF0BC7A3F
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/mQDaOXdobhlHqtnFtvp7ao_KPcI.roa
Signing time: Tue 31 Oct 2023 14:06:16 +0000
ROA not before: Tue 31 Oct 2023 14:06:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216061
IP address blocks: 2a12:bec0:580::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:0e:74:d9:1d:5e:2a:b9:b6:fd:e9:7e:f0:bc:7a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Oct 31 14:06:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9900da3977686e1947aad9c5b6fa7b6a8fca3dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:ea:87:37:53:80:6a:ad:f5:4f:18:b8:6c:
a1:ef:22:39:61:23:54:d6:96:79:d5:c8:9f:ab:5a:
2b:72:e9:be:75:c5:ad:c7:fc:18:57:41:64:e4:e2:
07:50:14:3d:e7:3a:6d:ee:2f:35:84:35:18:d2:e3:
b4:2f:69:33:1e:f0:1a:c1:47:c6:6e:2f:95:63:ca:
d4:4a:7c:20:ea:f8:07:62:61:fe:0b:08:ea:f3:ac:
f6:77:00:a9:0f:98:26:4b:ce:48:a6:64:d4:c9:f1:
f0:dc:e5:e3:ad:8e:58:de:d7:9a:76:47:32:8a:59:
35:3f:f0:07:4b:11:69:ce:85:cb:8b:d1:f2:5d:2e:
66:1d:e7:c0:bd:8a:65:17:05:88:85:cd:04:6d:d1:
73:33:30:dd:e4:fc:3a:91:4b:c0:94:07:1b:89:4b:
a1:b9:0f:2f:c2:13:8f:b8:02:a3:45:35:cf:04:47:
ea:c9:8f:b2:9a:9b:04:c5:fe:45:81:36:62:2a:d9:
84:8b:b5:51:e8:cf:d4:87:50:13:b1:f4:b6:e9:19:
7c:24:23:f5:b7:e7:18:8e:29:65:62:88:f5:a4:d8:
e3:7b:4b:b2:fd:fc:44:98:dd:b2:bb:b0:58:dc:19:
a4:55:34:79:3f:f9:51:4b:9d:01:79:34:7d:80:dd:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:00:DA:39:77:68:6E:19:47:AA:D9:C5:B6:FA:7B:6A:8F:CA:3D:C2
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/mQDaOXdobhlHqtnFtvp7ao_KPcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:580::/44
Signature Algorithm: sha256WithRSAEncryption
02:f1:40:0b:63:78:e1:22:b1:b3:3b:2a:e1:85:0d:28:a2:6c:
a1:1f:a5:bf:b1:b3:4e:0c:b2:7e:ca:53:63:31:5d:fd:81:47:
87:49:a5:24:cb:75:7e:9c:ba:fa:df:bb:b5:16:cb:c2:9c:5c:
92:b0:c8:71:12:1d:41:02:56:f5:d5:87:2a:26:a9:a8:2d:b3:
c3:7b:9b:cd:7d:05:6f:6c:53:bc:6b:ad:3e:b7:12:de:7e:5e:
c9:e7:b5:ee:0f:dd:1b:5a:61:5d:7c:e8:29:e3:9a:d3:f8:24:
a4:6d:0d:f3:4c:c5:78:25:09:ec:0a:62:74:aa:78:af:a4:39:
00:43:d2:7d:4a:08:01:3a:51:95:d6:53:b9:33:37:bf:98:e8:
41:4a:20:69:19:3c:47:c0:0b:4f:01:a5:c0:90:2a:f5:20:2b:
f5:a0:63:2f:58:ad:60:1f:79:f2:b3:55:06:31:78:e6:e4:67:
24:13:af:7f:21:d7:1f:32:b9:cd:3f:92:70:d4:8d:96:4a:c0:
9c:1b:c5:d3:9e:ec:1e:be:f6:97:00:ff:06:b8:b4:f2:c9:69:
bc:90:de:a8:78:a2:1f:f9:28:c3:a4:a1:1c:c4:0d:fa:6c:36:
f0:a6:21:2c:ad:e9:1a:69:d1:40:00:c5:eb:8e:bf:f4:f2:ee:
07:38:89:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYuGDnTZHV4qubb96X7wvHo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMxMDMxMTQwNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTAwZGEzOTc3Njg2ZTE5NDdhYWQ5YzViNmZhN2I2YThmY2EzZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWfqhzdTgGqt9U8YuGyh7yI5YSNU
1pZ51cifq1orcum+dcWtx/wYV0Fk5OIHUBQ95zpt7i81hDUY0uO0L2kzHvAawUfG
bi+VY8rUSnwg6vgHYmH+Cwjq86z2dwCpD5gmS85IpmTUyfHw3OXjrY5Y3teadkcy
ilk1P/AHSxFpzoXLi9HyXS5mHefAvYplFwWIhc0EbdFzMzDd5Pw6kUvAlAcbiUuh
uQ8vwhOPuAKjRTXPBEfqyY+ympsExf5FgTZiKtmEi7VR6M/Uh1ATsfS26Rl8JCP1
t+cYjillYoj1pNjje0uy/fxEmN2yu7BY3BmkVTR5P/lRS50BeTR9gN0RYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJkA2jl3aG4ZR6rZxbb6e2qPyj3CMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvbVFEYU9YZG9iaGxIcXRuRnR2cDdhb19LUGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAWA
MA0GCSqGSIb3DQEBCwUAA4IBAQAC8UALY3jhIrGzOyrhhQ0oomyhH6W/sbNODLJ+
ylNjMV39gUeHSaUky3V+nLr637u1FsvCnFySsMhxEh1BAlb11YcqJqmoLbPDe5vN
fQVvbFO8a60+txLefl7J57XuD90bWmFdfOgp45rT+CSkbQ3zTMV4JQnsCmJ0qniv
pDkAQ9J9SggBOlGV1lO5Mze/mOhBSiBpGTxHwAtPAaXAkCr1ICv1oGMvWK1gH3ny
s1UGMXjm5GckE69/IdcfMrnNP5Jw1I2WSsCcG8XTnuwevvaXAP8GuLTyyWm8kN6o
eKIf+SjDpKEcxA36bDbwpiEsrekaadFAAMXrjr/08u4HOIkW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org