Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/sgABoI_DmFNrgtiHvnDa971jvbM.roa
File: sgABoI_DmFNrgtiHvnDa971jvbM.roa (raw, json)
Hash identifier: yw4Jkl8pRv6qAtWfwqb21ZX7Xtkr08er1qL9IsKOJVU=
Subject key identifier: B2:00:01:A0:8F:C3:98:53:6B:82:D8:87:BE:70:DA:F7:BD:63:BD:B3
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01857079934BA779D1C501F6562B77D01EBC
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/sgABoI_DmFNrgtiHvnDa971jvbM.roa
Signing time: Mon 02 Jan 2023 03:14:53 +0000
ROA not before: Mon 02 Jan 2023 03:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200586
IP address blocks: 2a12:bec0:a0::/44 maxlen: 48
2a12:bec0:b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:93:4b:a7:79:d1:c5:01:f6:56:2b:77:d0:1e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 2 03:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b20001a08fc398536b82d887be70daf7bd63bdb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3a:4d:2a:52:68:85:c8:d3:d5:7b:b4:87:5b:
ea:75:2e:42:38:22:4e:28:3b:dd:47:79:29:12:69:
12:03:36:c6:46:9e:40:48:30:ca:d3:37:ce:75:22:
e6:06:34:0c:4e:f8:00:a0:10:22:8a:58:60:a7:2d:
05:bc:55:73:73:11:03:56:d4:68:bb:ba:f1:c5:b1:
52:37:6f:09:9f:27:40:c8:93:96:03:69:94:74:bf:
b9:cd:ee:68:a5:4f:8d:78:30:f5:1e:d8:36:01:b1:
70:ed:19:ab:cd:8d:65:07:41:16:b0:b7:86:80:d6:
54:8a:d2:57:2c:b7:dd:03:9e:e9:52:79:f4:84:9e:
20:74:3d:10:13:60:8b:c1:01:e7:65:f8:c4:5b:02:
bf:d2:0f:28:e7:ae:fe:e6:49:4d:8c:19:11:bf:33:
ea:b0:ac:58:0c:d4:fb:8a:c3:d3:93:15:fb:f8:69:
62:84:4c:dc:a7:55:52:17:76:e6:35:60:92:19:be:
b6:d4:36:1e:a0:d7:fc:9b:ee:e0:c4:2d:6a:72:25:
75:a4:ac:6c:be:ab:df:87:ca:66:3f:3e:7a:42:c2:
19:22:af:5e:3c:68:d5:ca:d7:34:11:a8:28:f0:85:
e2:20:ae:52:71:0c:a0:c7:68:e5:3d:99:bb:d8:47:
11:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:00:01:A0:8F:C3:98:53:6B:82:D8:87:BE:70:DA:F7:BD:63:BD:B3
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/sgABoI_DmFNrgtiHvnDa971jvbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:a0::/43
Signature Algorithm: sha256WithRSAEncryption
a2:fe:49:d7:1a:ac:c7:8f:3e:fc:1c:57:4c:9b:a2:f1:c1:a8:
8c:5e:b4:52:cb:c5:05:54:ac:3a:5a:59:71:f3:c0:45:4e:24:
d4:26:70:c0:78:fe:f3:7c:86:22:85:45:2b:b5:97:0d:31:41:
c2:a4:56:58:5b:2c:91:3f:b9:45:a8:5a:2b:8a:8b:42:64:e4:
c9:31:08:f0:cb:c6:b4:d8:c3:7f:4c:79:a5:bb:e3:2a:d6:95:
f4:b6:f7:84:7e:cf:43:2f:12:75:92:11:37:8c:2c:9e:8b:b5:
1d:72:8f:e0:af:fb:8e:a9:9a:21:44:e4:6a:6d:25:7e:b4:ad:
03:7e:57:76:e6:fd:4e:ef:9d:e8:f1:24:3f:36:ae:8e:70:c4:
79:ed:33:9c:6d:ee:a5:c3:75:b2:7f:04:cf:b9:57:d4:0a:b3:
b4:a1:6e:10:32:2f:82:df:79:e8:1d:49:76:2a:6a:da:2b:d2:
0c:6b:05:74:2d:16:c4:f9:38:d5:a3:1b:cc:84:94:9f:d6:65:
8b:cc:de:0b:ea:56:e1:bd:18:49:40:23:51:af:20:03:ac:1d:
fa:42:b5:ab:3b:17:b9:54:63:46:3f:2c:e0:05:68:fe:7a:b3:
c7:6d:06:f8:9a:4c:23:62:21:a9:c9:4f:1d:4e:2c:69:df:70:
ce:be:b6:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVweZNLp3nRxQH2Vit30B68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwMTAyMDMxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAwMDFhMDhmYzM5ODUzNmI4MmQ4ODdiZTcwZGFmN2JkNjNiZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDpNKlJohcjT1Xu0h1vqdS5COCJO
KDvdR3kpEmkSAzbGRp5ASDDK0zfOdSLmBjQMTvgAoBAiilhgpy0FvFVzcxEDVtRo
u7rxxbFSN28JnydAyJOWA2mUdL+5ze5opU+NeDD1Htg2AbFw7RmrzY1lB0EWsLeG
gNZUitJXLLfdA57pUnn0hJ4gdD0QE2CLwQHnZfjEWwK/0g8o567+5klNjBkRvzPq
sKxYDNT7isPTkxX7+GlihEzcp1VSF3bmNWCSGb621DYeoNf8m+7gxC1qciV1pKxs
vqvfh8pmPz56QsIZIq9ePGjVytc0Eago8IXiIK5ScQygx2jlPZm72EcRQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLIAAaCPw5hTa4LYh75w2ve9Y72zMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvc2dBQm9JX0RtRk5yZ3RpSHZuRGE5NzFqdmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKhK+wACg
MA0GCSqGSIb3DQEBCwUAA4IBAQCi/knXGqzHjz78HFdMm6LxwaiMXrRSy8UFVKw6
Wllx88BFTiTUJnDAeP7zfIYihUUrtZcNMUHCpFZYWyyRP7lFqForiotCZOTJMQjw
y8a02MN/THmlu+Mq1pX0tveEfs9DLxJ1khE3jCyei7Udco/gr/uOqZohRORqbSV+
tK0Dfld25v1O753o8SQ/Nq6OcMR57TOcbe6lw3WyfwTPuVfUCrO0oW4QMi+C33no
HUl2KmraK9IMawV0LRbE+TjVoxvMhJSf1mWLzN4L6lbhvRhJQCNRryADrB36QrWr
Oxe5VGNGPyzgBWj+erPHbQb4mkwjYiGpyU8dTixp33DOvrZr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org