Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/r4_GtY9wYlseGR9QvDhfVuIFP54.roa
File: r4_GtY9wYlseGR9QvDhfVuIFP54.roa (raw, json)
Hash identifier: 1y43Dp6qDPwwyOQpNL7f4mdA711iycn39gitmJ4G4xI=
Subject key identifier: AF:8F:C6:B5:8F:70:62:5B:1E:19:1F:50:BC:38:5F:56:E2:05:3F:9E
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018CC64A1268ED95867C9B9F0081FA4C4A00
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/r4_GtY9wYlseGR9QvDhfVuIFP54.roa
Signing time: Mon 01 Jan 2024 18:29:52 +0000
ROA not before: Mon 01 Jan 2024 18:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216311
IP address blocks: 2a12:bec0:500::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 Feb 2024 10:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:12:68:ed:95:86:7c:9b:9f:00:81:fa:4c:4a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 18:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af8fc6b58f70625b1e191f50bc385f56e2053f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:b4:15:32:2b:5f:13:2e:26:a7:10:3e:7b:
b3:db:58:ee:da:0a:57:76:94:85:22:9a:b5:4b:6e:
95:06:5f:8f:19:ff:06:51:d2:ee:3f:5f:79:90:98:
71:bf:cc:e2:fc:5d:d1:7b:ee:ba:d6:db:df:e6:05:
08:2c:bf:1e:2e:9d:fd:3f:88:df:14:bf:a6:d8:fa:
96:79:6c:03:24:f9:e1:af:23:28:04:61:b0:12:42:
80:46:33:6f:58:d9:c4:c2:f0:c3:fe:2d:81:e0:97:
16:2f:4c:c3:5c:95:9f:4a:81:b0:d5:b7:b5:af:50:
cb:ce:d1:bb:83:bc:97:32:ca:e1:ce:91:da:0e:33:
0e:33:36:53:b4:1e:69:05:64:6f:37:d7:dc:ff:c4:
a6:fa:01:84:d9:49:bc:cf:90:73:25:4a:c6:ad:a8:
fc:fe:22:bb:0f:92:2d:9a:17:fc:33:93:1a:8d:a6:
7b:c1:21:0a:23:8e:b6:8c:dd:07:21:77:19:a9:66:
0a:ae:29:40:3d:49:d2:6f:2b:7b:9b:02:e8:d2:7e:
11:be:c2:c2:e2:9e:09:da:26:0b:59:36:60:fc:8a:
fb:34:9c:a7:1c:75:5d:49:29:23:e6:27:4f:17:5b:
0c:d7:0d:91:0a:47:f3:90:9f:9e:43:7a:fe:05:04:
d8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8F:C6:B5:8F:70:62:5B:1E:19:1F:50:BC:38:5F:56:E2:05:3F:9E
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/r4_GtY9wYlseGR9QvDhfVuIFP54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:500::/44
Signature Algorithm: sha256WithRSAEncryption
c1:d0:11:81:d0:66:88:29:2e:c3:1c:71:aa:91:64:c9:75:d6:
fd:d8:1a:33:9b:0d:01:37:26:71:42:2a:87:fe:e2:00:fc:6a:
dc:72:c8:d5:6b:a1:67:e8:73:89:ff:60:12:46:bc:24:4a:0b:
20:d9:36:c6:4c:54:af:cf:d4:c3:54:ca:b3:1c:2f:d2:74:57:
3e:76:ce:f1:3a:e0:58:b1:f8:2d:b5:10:13:93:13:9a:a0:bb:
7f:c2:10:23:22:62:5b:10:85:5c:06:38:28:3b:5f:d0:ce:cf:
a7:55:de:3a:f2:82:c1:f0:b8:1b:76:5c:5b:24:19:1e:4b:be:
36:3a:9d:e9:e9:fb:ac:63:6d:c4:09:0c:dc:99:82:5e:d3:b4:
e9:9f:6e:be:f3:f1:e9:17:61:db:de:dc:1e:1e:da:4a:57:39:
8f:b9:1b:2e:5e:01:0e:42:24:6b:13:34:53:ad:cb:3e:a8:ec:
1e:31:be:46:20:79:2a:83:48:ed:12:70:4f:79:d7:6b:4c:9b:
30:a1:d0:c6:53:49:ea:b9:38:11:40:0a:e4:72:8d:16:32:98:
81:19:2a:67:b6:ce:e7:25:0b:69:7f:fd:35:9e:06:7e:92:78:
10:70:39:45:72:33:1f:a5:90:eb:d8:e2:84:10:d1:45:3a:35:
b7:2b:e6:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGShJo7ZWGfJufAIH6TEoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMTAxMTgyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjhmYzZiNThmNzA2MjViMWUxOTFmNTBiYzM4NWY1NmUyMDUzZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ20FTIrXxMuJqcQPnuz21ju2gpX
dpSFIpq1S26VBl+PGf8GUdLuP195kJhxv8zi/F3Re+661tvf5gUILL8eLp39P4jf
FL+m2PqWeWwDJPnhryMoBGGwEkKARjNvWNnEwvDD/i2B4JcWL0zDXJWfSoGw1be1
r1DLztG7g7yXMsrhzpHaDjMOMzZTtB5pBWRvN9fc/8Sm+gGE2Um8z5BzJUrGraj8
/iK7D5Itmhf8M5MajaZ7wSEKI462jN0HIXcZqWYKrilAPUnSbyt7mwLo0n4RvsLC
4p4J2iYLWTZg/Ir7NJynHHVdSSkj5idPF1sM1w2RCkfzkJ+eQ3r+BQTYZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK+PxrWPcGJbHhkfULw4X1biBT+eMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvcjRfR3RZOXdZbHNlR1I5UXZEaGZWdUlGUDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAUA
MA0GCSqGSIb3DQEBCwUAA4IBAQDB0BGB0GaIKS7DHHGqkWTJddb92Bozmw0BNyZx
QiqH/uIA/GrccsjVa6Fn6HOJ/2ASRrwkSgsg2TbGTFSvz9TDVMqzHC/SdFc+ds7x
OuBYsfgttRATkxOaoLt/whAjImJbEIVcBjgoO1/Qzs+nVd468oLB8LgbdlxbJBke
S742Op3p6fusY23ECQzcmYJe07Tpn26+8/HpF2Hb3tweHtpKVzmPuRsuXgEOQiRr
EzRTrcs+qOweMb5GIHkqg0jtEnBPeddrTJswodDGU0nquTgRQArkco0WMpiBGSpn
ts7nJQtpf/01ngZ+kngQcDlFcjMfpZDr2OKEENFFOjW3K+ZD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org