Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/pKO7DPCJVf4dbETLhynq7krJmPg.roa
File: pKO7DPCJVf4dbETLhynq7krJmPg.roa (raw, json)
Hash identifier: tukB6RpVaKzwYg7PXIYM7npJXuUhq4M97qliCZY0CKk=
Subject key identifier: A4:A3:BB:0C:F0:89:55:FE:1D:6C:44:CB:87:29:EA:EE:4A:C9:98:F8
Certificate issuer: /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial: 018572DEFF9FE53299F293D0E577B980842A
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/pKO7DPCJVf4dbETLhynq7krJmPg.roa
Signing time: Mon 02 Jan 2023 14:24:55 +0000
ROA not before: Mon 02 Jan 2023 14:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 941
IP address blocks: 2a12:f3c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:ff:9f:e5:32:99:f2:93:d0:e5:77:b9:80:84:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Validity
Not Before: Jan 2 14:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4a3bb0cf08955fe1d6c44cb8729eaee4ac998f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:4f:d8:c4:fe:58:fb:d8:48:e7:28:25:78:
d8:7b:60:50:3d:ad:35:0e:5d:02:f2:61:0d:c2:d6:
3e:b5:7e:42:83:a0:60:18:5e:d7:5c:38:f6:b8:a6:
dc:a3:d2:a5:d9:ea:ca:74:ca:3b:1d:3c:9b:d8:54:
41:66:0d:4e:65:b5:32:d9:fe:36:49:70:b4:3a:ee:
95:8e:9f:31:d1:fa:f2:65:ea:af:f2:a4:c5:99:2f:
d8:2a:d1:d6:7f:8a:70:71:e0:5b:f5:db:51:d9:35:
dd:0d:81:0b:04:e5:49:c7:40:19:d5:ae:38:3b:fa:
e1:61:b9:bb:fc:84:70:a5:38:b6:51:e5:30:c8:00:
ed:04:97:02:b2:85:7f:18:d0:6b:6d:d1:5e:72:d4:
62:f8:5e:23:be:c3:a0:94:bc:1b:11:bf:84:a6:52:
49:3c:b4:04:07:fa:02:44:32:4f:a3:b7:3c:99:07:
8b:14:c6:7d:1b:b1:60:0c:86:9b:62:b6:a3:3b:a9:
fa:4c:4f:2c:61:d7:73:2c:ea:f4:80:2a:1b:fa:14:
20:27:98:26:1b:c6:3f:de:65:96:b4:8b:1f:44:f3:
d7:35:40:d9:c7:45:77:04:58:0a:c2:be:af:0f:1e:
bd:d2:28:d2:d5:99:13:2b:57:04:70:b0:e5:16:9a:
ec:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A3:BB:0C:F0:89:55:FE:1D:6C:44:CB:87:29:EA:EE:4A:C9:98:F8
X509v3 Authority Key Identifier:
keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/pKO7DPCJVf4dbETLhynq7krJmPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
08:af:af:74:35:ef:60:2d:e2:39:06:cc:3b:40:85:37:e2:0f:
e1:4c:23:ec:37:9c:1f:5a:9a:8a:77:f9:7e:b6:16:e9:d7:81:
4c:ba:d7:f9:72:66:84:b9:92:13:4d:10:c6:3c:79:ed:73:f3:
8e:0b:93:7c:52:3e:cd:65:e6:3a:56:1b:87:9b:14:eb:8f:4e:
28:06:bb:5a:4d:27:93:31:a5:2b:67:26:e9:ef:89:cf:42:6b:
7f:3f:87:41:90:9a:d5:9e:27:61:ad:89:a2:53:24:65:ec:e1:
06:f1:70:9d:54:d6:79:40:f0:bd:9d:63:92:a3:43:8f:6f:72:
a7:77:0c:82:58:92:eb:54:87:00:68:b4:68:19:ea:44:54:fc:
fb:26:8b:21:ef:07:61:d7:84:14:6d:59:8f:b3:af:37:60:24:
1a:b5:d3:cb:db:f8:77:e5:e9:57:33:84:17:bb:1c:67:a3:b0:
df:5d:85:8b:47:43:5f:08:f9:9e:bd:4a:74:d5:e7:ca:c6:51:
85:75:b2:f0:f7:62:03:da:f0:3f:ae:79:5f:3c:94:a8:01:fc:
38:24:cd:47:0c:00:97:d9:dc:51:70:c3:72:b2:49:99:a8:9a:
73:4b:33:7f:f1:40:da:7d:4e:ee:82:5d:80:b2:57:3c:73:b6:
be:a5:6c:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy3v+f5TKZ8pPQ5Xe5gIQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4
ODRkMTgwHhcNMjMwMTAyMTQyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGEzYmIwY2YwODk1NWZlMWQ2YzQ0Y2I4NzI5ZWFlZTRhYzk5OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlslP2MT+WPvYSOcoJXjYe2BQPa01
Dl0C8mENwtY+tX5Cg6BgGF7XXDj2uKbco9Kl2erKdMo7HTyb2FRBZg1OZbUy2f42
SXC0Ou6Vjp8x0fryZeqv8qTFmS/YKtHWf4pwceBb9dtR2TXdDYELBOVJx0AZ1a44
O/rhYbm7/IRwpTi2UeUwyADtBJcCsoV/GNBrbdFectRi+F4jvsOglLwbEb+EplJJ
PLQEB/oCRDJPo7c8mQeLFMZ9G7FgDIabYrajO6n6TE8sYddzLOr0gCob+hQgJ5gm
G8Y/3mWWtIsfRPPXNUDZx0V3BFgKwr6vDx690ijS1ZkTK1cEcLDlFprsIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKSjuwzwiVX+HWxEy4cp6u5KyZj4MB8GA1UdIwQY
MBaAFBqRVOHFV4sP74q7d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDIt
Mzg4ZDhhZDJhNWJiLzEvcEtPN0RQQ0pWZjRkYkVUTGh5bnE3a3JKbVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJi
LzEvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLzwDAN
BgkqhkiG9w0BAQsFAAOCAQEACK+vdDXvYC3iOQbMO0CFN+IP4Uwj7DecH1qainf5
frYW6deBTLrX+XJmhLmSE00Qxjx57XPzjguTfFI+zWXmOlYbh5sU649OKAa7Wk0n
kzGlK2cm6e+Jz0Jrfz+HQZCa1Z4nYa2JolMkZezhBvFwnVTWeUDwvZ1jkqNDj29y
p3cMgliS61SHAGi0aBnqRFT8+yaLIe8HYdeEFG1Zj7OvN2AkGrXTy9v4d+XpVzOE
F7scZ6Ow312Fi0dDXwj5nr1KdNXnysZRhXWy8PdiA9rwP655XzyUqAH8OCTNRwwA
l9ncUXDDcrJJmaiac0szf/FA2n1O7oJdgLJXPHO2vqVsog==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:49 2023 by rpki-client on console-ams.rpki-client.org