Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a6c008-dfdf-47ba-a7e6-25eded73fc70/1/TmL3blTK5pyBcEP6FOeWv1ss4c8.roa
File: TmL3blTK5pyBcEP6FOeWv1ss4c8.roa (raw, json)
Hash identifier: Ua1D4Ic9KfitwUboOpqVPR4oopzPO2YzkkhaOZ3GngY=
Subject key identifier: 4E:62:F7:6E:54:CA:E6:9C:81:70:43:FA:14:E7:96:BF:5B:2C:E1:CF
Certificate issuer: /CN=ccf94814139e50cf0ad138f03dcc7f35b8b4dfb4
Certificate serial: 018571BA181F5F75C666EC97B38CF66746F5
Authority key identifier: CC:F9:48:14:13:9E:50:CF:0A:D1:38:F0:3D:CC:7F:35:B8:B4:DF:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zPlIFBOeUM8K0TjwPcx_Nbi037Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c008-dfdf-47ba-a7e6-25eded73fc70/1/TmL3blTK5pyBcEP6FOeWv1ss4c8.roa
Signing time: Mon 02 Jan 2023 09:04:59 +0000
ROA not before: Mon 02 Jan 2023 09:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25596
IP address blocks: 2a02:58::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:18:1f:5f:75:c6:66:ec:97:b3:8c:f6:67:46:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccf94814139e50cf0ad138f03dcc7f35b8b4dfb4
Validity
Not Before: Jan 2 09:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e62f76e54cae69c817043fa14e796bf5b2ce1cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:37:a1:68:47:e0:6f:5c:5f:7d:50:88:f5:6b:
72:4a:58:a7:c3:37:03:a0:2d:cd:3f:14:74:5e:00:
d8:8e:11:c6:30:96:ab:01:78:10:10:3c:ef:7a:63:
58:2b:98:89:b7:35:c9:b4:54:d3:31:ed:2b:04:46:
56:e5:9a:46:a1:89:f6:81:98:4e:f5:6f:48:a0:7b:
91:3c:12:40:6a:15:39:38:3b:06:7c:79:25:c8:83:
0a:81:db:a4:91:ec:0f:52:59:20:f4:a0:19:c9:e6:
f2:35:c3:ef:55:e0:00:7d:73:ea:dc:13:4d:30:b4:
98:6b:96:fd:82:d7:89:5c:f2:eb:34:22:39:f0:25:
6e:f0:90:60:f5:84:ac:e9:2a:a5:79:b5:a3:34:33:
ac:93:2e:b3:90:f7:52:7a:9e:33:1e:a9:9a:44:2b:
91:6f:9d:7a:e8:b4:cc:a2:18:13:69:ce:1e:3f:a6:
d4:1e:f2:1d:60:d1:36:ff:55:89:70:ae:7d:53:ad:
5a:27:4e:2b:6c:e3:d6:5f:c3:29:7d:ee:61:e1:9a:
01:39:52:26:23:2e:40:95:76:ba:3c:8c:72:5d:c0:
78:a7:10:5b:ee:f7:aa:ed:32:cf:5a:89:11:95:78:
96:31:5c:3f:d4:41:7a:f2:3f:ab:74:ea:97:9f:2d:
87:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:62:F7:6E:54:CA:E6:9C:81:70:43:FA:14:E7:96:BF:5B:2C:E1:CF
X509v3 Authority Key Identifier:
keyid:CC:F9:48:14:13:9E:50:CF:0A:D1:38:F0:3D:CC:7F:35:B8:B4:DF:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zPlIFBOeUM8K0TjwPcx_Nbi037Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c008-dfdf-47ba-a7e6-25eded73fc70/1/TmL3blTK5pyBcEP6FOeWv1ss4c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c008-dfdf-47ba-a7e6-25eded73fc70/1/zPlIFBOeUM8K0TjwPcx_Nbi037Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:58::/32
Signature Algorithm: sha256WithRSAEncryption
0e:0c:4b:65:36:70:3d:25:23:f1:6a:6e:8e:72:5a:8b:08:74:
f5:cb:d3:f2:99:a9:99:a6:e5:58:3c:b6:d6:35:24:5e:31:0a:
4f:ec:bc:c5:39:1a:ce:b7:77:19:77:6d:30:08:7c:18:22:c5:
7b:2b:71:1e:b0:02:f5:d7:48:0d:e3:48:23:fb:2b:0e:bc:25:
fc:2b:50:e2:c9:00:c4:7e:51:92:cb:42:cc:c4:3a:cb:46:41:
a2:b4:3b:e6:af:c4:37:81:b3:fc:89:a0:45:97:87:c0:18:e3:
7f:a3:0f:34:f8:69:01:e5:d6:02:27:d9:b1:61:63:65:21:ed:
1f:eb:8a:4d:4b:4f:a2:eb:db:8e:fd:af:bd:bb:d2:5f:5a:97:
3c:9b:aa:db:98:1a:33:89:47:80:cc:bc:31:10:0d:48:26:74:
3f:43:e1:66:f4:c3:54:ba:08:72:40:8c:82:e4:83:b6:05:72:
48:64:87:55:04:b4:6d:b1:dc:b3:71:90:7e:a8:27:29:95:9c:
68:61:b2:58:e4:3b:46:53:f3:6c:00:65:d2:63:49:52:db:46:
34:c4:db:cc:59:85:3d:ec:f6:06:8d:4d:58:a1:7b:ae:c2:26:
3f:88:7f:26:76:a3:dd:00:e9:36:5b:fc:88:7f:de:41:c0:bd:
07:b1:49:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxuhgfX3XGZuyXs4z2Z0b1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZjk0ODE0MTM5ZTUwY2YwYWQxMzhmMDNkY2M3ZjM1Yjhi
NGRmYjQwHhcNMjMwMTAyMDkwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYyZjc2ZTU0Y2FlNjljODE3MDQzZmExNGU3OTZiZjViMmNlMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzehaEfgb1xffVCI9WtySlinwzcD
oC3NPxR0XgDYjhHGMJarAXgQEDzvemNYK5iJtzXJtFTTMe0rBEZW5ZpGoYn2gZhO
9W9IoHuRPBJAahU5ODsGfHklyIMKgdukkewPUlkg9KAZyebyNcPvVeAAfXPq3BNN
MLSYa5b9gteJXPLrNCI58CVu8JBg9YSs6SqlebWjNDOsky6zkPdSep4zHqmaRCuR
b5166LTMohgTac4eP6bUHvIdYNE2/1WJcK59U61aJ04rbOPWX8Mpfe5h4ZoBOVIm
Iy5AlXa6PIxyXcB4pxBb7veq7TLPWokRlXiWMVw/1EF68j+rdOqXny2HgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE5i925UyuacgXBD+hTnlr9bLOHPMB8GA1UdIwQY
MBaAFMz5SBQTnlDPCtE48D3MfzW4tN+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelBsSUZCT2VVTThLMFRqd1BjeF9OYmkwMzdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hNmMwMDgtZGZkZi00N2JhLWE3ZTYt
MjVlZGVkNzNmYzcwLzEvVG1MM2JsVEs1cHlCY0VQNkZPZVd2MXNzNGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hNmMwMDgtZGZkZi00N2JhLWE3ZTYtMjVlZGVkNzNmYzcw
LzEvelBsSUZCT2VVTThLMFRqd1BjeF9OYmkwMzdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIAWDAN
BgkqhkiG9w0BAQsFAAOCAQEADgxLZTZwPSUj8WpujnJaiwh09cvT8pmpmablWDy2
1jUkXjEKT+y8xTkazrd3GXdtMAh8GCLFeytxHrAC9ddIDeNII/srDrwl/CtQ4skA
xH5RkstCzMQ6y0ZBorQ75q/EN4Gz/ImgRZeHwBjjf6MPNPhpAeXWAifZsWFjZSHt
H+uKTUtPouvbjv2vvbvSX1qXPJuq25gaM4lHgMy8MRANSCZ0P0PhZvTDVLoIckCM
guSDtgVySGSHVQS0bbHcs3GQfqgnKZWcaGGyWOQ7RlPzbABl0mNJUttGNMTbzFmF
Pez2Bo1NWKF7rsImP4h/Jnaj3QDpNlv8iH/eQcC9B7FJLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:39 2024 by rpki-client on console-fra.rpki-client.org