Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/s2BL_R36HqhdcCJBOx4X1QkrTCk.roa
File: s2BL_R36HqhdcCJBOx4X1QkrTCk.roa (raw, json)
Hash identifier: kNInbvfC1srN0qH3b+Ug7SRcEL8dgIMMXwYy57rP0FU=
Subject key identifier: B3:60:4B:FD:1D:FA:1E:A8:5D:70:22:41:3B:1E:17:D5:09:2B:4C:29
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 018F0FFB261E96AFE265EBDF77F6D14C12D5
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/s2BL_R36HqhdcCJBOx4X1QkrTCk.roa
Signing time: Wed 24 Apr 2024 12:01:08 +0000
ROA not before: Wed 24 Apr 2024 12:01:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1609
IP address blocks: 2a0b:2900::/32 maxlen: 56
2a0b:2900:1100::/40 maxlen: 56
Validation: Failed, certificate revoked on Wed 24 Apr 2024 13:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:fb:26:1e:96:af:e2:65:eb:df:77:f6:d1:4c:12:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Apr 24 12:01:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3604bfd1dfa1ea85d7022413b1e17d5092b4c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fd:a1:90:df:4e:b6:0d:54:8d:78:d5:de:2c:
00:46:01:0d:66:22:e2:24:17:77:60:38:34:f6:e4:
fb:1b:14:7f:1b:2c:4f:39:9b:55:1e:26:67:71:3a:
38:31:5d:b4:b5:6d:17:fc:0b:5e:56:4d:9f:bc:6a:
fb:ee:78:a8:86:9f:ba:b0:b1:e0:5c:8d:04:6f:bb:
b6:28:bf:13:ea:b2:10:3b:67:de:5e:e1:5a:cb:ab:
ba:a0:63:9e:96:88:02:c4:98:0a:fe:cd:f1:d6:34:
83:4f:54:9e:00:38:36:bd:c7:66:ff:73:c5:33:26:
23:5f:0e:13:7c:aa:01:4c:01:a4:1b:17:5f:b1:2f:
c4:4e:c7:62:82:7f:04:96:67:48:cd:ce:32:10:af:
59:34:72:5d:9f:c4:4b:19:d6:ac:bc:8a:0c:35:3d:
31:60:8c:b9:6a:ae:84:93:12:bd:e7:91:71:c5:08:
0e:29:94:5e:71:13:91:b5:45:51:d8:db:ae:7a:6b:
e9:a6:33:3a:a3:07:6a:67:57:e3:da:ef:c4:36:ff:
25:64:05:b2:d1:25:97:30:35:23:e6:6a:e5:5c:2a:
ed:86:df:fc:4c:dc:58:c9:a0:8f:df:9b:79:18:7b:
14:de:7f:0d:4b:20:0e:52:c0:20:79:b7:88:b6:44:
01:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:60:4B:FD:1D:FA:1E:A8:5D:70:22:41:3B:1E:17:D5:09:2B:4C:29
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/s2BL_R36HqhdcCJBOx4X1QkrTCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2900::/32
Signature Algorithm: sha256WithRSAEncryption
01:c9:86:9c:0a:22:d5:96:c0:f9:66:39:0d:51:25:7b:5a:03:
4d:0d:8e:e4:81:4f:50:a1:55:82:d4:1c:36:58:30:eb:ad:ba:
29:db:cf:a0:e6:7a:36:23:fa:78:15:e5:b7:43:a1:46:08:8a:
fe:5b:ca:9c:1d:10:e5:21:47:25:a4:c2:93:8e:a0:d0:6f:87:
e7:e5:33:ca:7d:9b:63:b1:34:9d:fd:71:ef:d5:23:a8:a6:32:
88:15:b5:28:89:18:9e:c9:30:e0:ab:7e:80:2b:a6:42:fb:16:
69:21:c6:be:bf:b2:e9:b1:0a:5e:35:e3:80:ad:f5:9a:38:ac:
95:8a:89:30:17:c7:7d:a8:99:af:c5:c6:a7:f2:dc:3e:7e:50:
72:35:26:64:35:48:8f:3f:74:cb:4b:b4:56:dd:ec:24:99:ed:
d2:10:9e:01:3a:5a:a4:bf:02:91:0c:59:64:ab:4b:7f:e5:d2:
7f:96:d5:c1:db:cc:6c:42:83:7a:78:e9:d5:67:da:c9:97:63:
a1:26:08:a2:fd:ed:67:8f:d8:3b:d6:b1:69:f9:48:0e:a7:9c:
c8:36:2b:90:82:0c:3f:32:cc:05:5e:89:92:92:9a:b6:ab:ae:
c7:c4:40:b6:83:a8:0e:8e:ba:69:3e:04:e7:42:95:79:1e:af:
8b:15:ec:c9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8P+yYelq/iZevfd/bRTBLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjQwNDI0MTIwMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYwNGJmZDFkZmExZWE4NWQ3MDIyNDEzYjFlMTdkNTA5MmI0YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP2hkN9Otg1UjXjV3iwARgENZiLi
JBd3YDg09uT7GxR/GyxPOZtVHiZncTo4MV20tW0X/AteVk2fvGr77niohp+6sLHg
XI0Eb7u2KL8T6rIQO2feXuFay6u6oGOelogCxJgK/s3x1jSDT1SeADg2vcdm/3PF
MyYjXw4TfKoBTAGkGxdfsS/ETsdign8ElmdIzc4yEK9ZNHJdn8RLGdasvIoMNT0x
YIy5aq6EkxK955FxxQgOKZRecRORtUVR2NuuemvppjM6owdqZ1fj2u/ENv8lZAWy
0SWXMDUj5mrlXCrtht/8TNxYyaCP35t5GHsU3n8NSyAOUsAgebeItkQBEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLNgS/0d+h6oXXAiQTseF9UJK0wpMB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvczJCTF9SMzZIcWhkY0NKQk94NFgxUWtyVENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgspADAN
BgkqhkiG9w0BAQsFAAOCAQEAAcmGnAoi1ZbA+WY5DVEle1oDTQ2O5IFPUKFVgtQc
Nlgw6626KdvPoOZ6NiP6eBXlt0OhRgiK/lvKnB0Q5SFHJaTCk46g0G+H5+Uzyn2b
Y7E0nf1x79UjqKYyiBW1KIkYnskw4Kt+gCumQvsWaSHGvr+y6bEKXjXjgK31mjis
lYqJMBfHfaiZr8XGp/LcPn5QcjUmZDVIjz90y0u0Vt3sJJnt0hCeATpapL8CkQxZ
ZKtLf+XSf5bVwdvMbEKDenjp1WfayZdjoSYIov3tZ4/YO9axaflIDqecyDYrkIIM
PzLMBV6JkpKatquux8RAtoOoDo66aT4E50KVeR6vixXsyQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 17:32:18 2024 by rpki-client on console-ams.rpki-client.org