Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/yD2pjYUi_UmFwn3ETqTeNFkHXUM.roa
File: yD2pjYUi_UmFwn3ETqTeNFkHXUM.roa (raw, json)
Hash identifier: p08NFIcsPqJaXkDZXEPlXT/PPExqzhcDoqub184ULVc=
Subject key identifier: C8:3D:A9:8D:85:22:FD:49:85:C2:7D:C4:4E:A4:DE:34:59:07:5D:43
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018727572A0C6988BD971ED7DE786D3E3B53
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/yD2pjYUi_UmFwn3ETqTeNFkHXUM.roa
Signing time: Tue 28 Mar 2023 08:30:36 +0000
ROA not before: Tue 28 Mar 2023 08:30:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211027
IP address blocks: 2a0f:cc81::/32 maxlen: 32
2a11:200:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 02 Aug 2023 10:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:57:2a:0c:69:88:bd:97:1e:d7:de:78:6d:3e:3b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Mar 28 08:30:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c83da98d8522fd4985c27dc44ea4de3459075d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:10:e3:31:49:d2:34:40:0a:0b:98:b8:72:8f:
99:33:2b:c2:df:d7:bd:79:39:50:d0:ae:1d:fb:02:
11:95:8d:61:c7:97:87:28:f0:0f:0f:cf:ca:39:ca:
28:d6:84:b1:73:b1:f8:4f:76:15:a4:6d:0c:ac:c9:
9e:07:a7:8b:49:14:5f:cd:47:c8:16:f6:43:87:97:
39:e7:9a:d9:b5:43:b4:5e:3e:91:53:27:ce:54:39:
74:0f:a6:86:26:41:44:1a:b4:ec:d7:7d:d5:7f:6c:
69:55:50:d9:9e:bd:c2:c2:ad:23:11:e3:fd:1d:0a:
f5:c7:5e:33:9c:13:ca:52:ca:b1:ad:f6:85:a0:e3:
33:34:eb:a7:5e:44:92:b5:0b:2e:47:3b:73:e8:14:
d6:31:82:10:92:4b:f0:08:f0:af:2b:72:35:0f:44:
07:b0:36:87:ba:e4:b1:62:03:d1:aa:62:26:a8:0f:
4a:1b:3c:2b:51:80:70:21:c4:3a:c8:b5:a4:92:46:
b9:04:b9:55:f1:88:17:35:f2:22:f2:01:8d:ae:10:
e7:44:5a:89:41:4b:d4:f6:6e:bb:dc:9c:46:f3:f9:
0c:30:c1:22:a6:4b:da:10:d3:59:ad:1a:90:a5:31:
6e:99:33:c4:1c:75:26:ef:f3:02:94:f8:72:f0:84:
9f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3D:A9:8D:85:22:FD:49:85:C2:7D:C4:4E:A4:DE:34:59:07:5D:43
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/yD2pjYUi_UmFwn3ETqTeNFkHXUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:cc81::/32
2a11:200:2000::/36
Signature Algorithm: sha256WithRSAEncryption
4f:7a:04:66:cd:5f:bb:60:af:46:fd:a8:31:87:c7:87:d0:03:
03:a6:ae:88:96:a7:3d:b5:8e:a7:24:f7:8a:1d:1a:c2:e9:6b:
c6:de:54:05:56:59:80:a5:56:b3:cc:f4:56:57:e5:62:d2:7d:
32:7a:f6:85:f5:51:9b:06:68:8b:49:0d:d4:bb:1b:f8:8a:3d:
64:f7:14:72:42:36:9f:35:8d:dd:72:40:43:85:23:94:c7:da:
93:85:1a:9d:0e:f1:cd:f2:bf:90:fe:1e:86:1a:cf:50:2f:0c:
f3:9d:52:a6:50:f2:52:32:49:ee:21:88:82:02:d2:7d:c6:6b:
7d:7d:be:86:6a:66:84:d1:5b:73:aa:32:15:18:f0:78:45:a3:
e6:49:7f:06:a2:25:35:24:02:00:93:83:5c:b3:26:72:f7:18:
83:b5:53:6c:1b:c1:60:98:bf:2c:11:03:f6:65:a8:16:b9:53:
3e:83:10:5f:11:64:f2:01:19:de:02:96:2b:60:70:82:0f:0e:
75:48:70:c4:cb:27:33:d4:00:26:20:71:88:27:59:70:2a:7a:
21:7e:73:e1:08:a9:0f:33:f8:b6:0e:16:0f:be:39:d2:7f:1f:
42:2c:6a:d0:e0:1f:12:6a:2b:85:2f:c0:3c:ba:c2:ba:db:2e:
92:dd:a8:32
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYcnVyoMaYi9lx7X3nhtPjtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMzI4MDgzMDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNkYTk4ZDg1MjJmZDQ5ODVjMjdkYzQ0ZWE0ZGUzNDU5MDc1ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRDjMUnSNEAKC5i4co+ZMyvC39e9
eTlQ0K4d+wIRlY1hx5eHKPAPD8/KOcoo1oSxc7H4T3YVpG0MrMmeB6eLSRRfzUfI
FvZDh5c555rZtUO0Xj6RUyfOVDl0D6aGJkFEGrTs133Vf2xpVVDZnr3Cwq0jEeP9
HQr1x14znBPKUsqxrfaFoOMzNOunXkSStQsuRztz6BTWMYIQkkvwCPCvK3I1D0QH
sDaHuuSxYgPRqmImqA9KGzwrUYBwIcQ6yLWkkka5BLlV8YgXNfIi8gGNrhDnRFqJ
QUvU9m673JxG8/kMMMEipkvaENNZrRqQpTFumTPEHHUm7/MClPhy8ISf4wIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFMg9qY2FIv1JhcJ9xE6k3jRZB11DMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEveUQycGpZVWlfVW1Gd24zRVRxVGVORmtIWFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUAKg/MgQMG
BCoRAgAgMA0GCSqGSIb3DQEBCwUAA4IBAQBPegRmzV+7YK9G/agxh8eH0AMDpq6I
lqc9tY6nJPeKHRrC6WvG3lQFVlmApVazzPRWV+Vi0n0yevaF9VGbBmiLSQ3Uuxv4
ij1k9xRyQjafNY3dckBDhSOUx9qThRqdDvHN8r+Q/h6GGs9QLwzznVKmUPJSMknu
IYiCAtJ9xmt9fb6GamaE0VtzqjIVGPB4RaPmSX8GoiU1JAIAk4NcsyZy9xiDtVNs
G8FgmL8sEQP2ZagWuVM+gxBfEWTyARneApYrYHCCDw51SHDEyycz1AAmIHGIJ1lw
KnohfnPhCKkPM/i2DhYPvjnSfx9CLGrQ4B8SaiuFL8A8usK62y6S3agy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org