Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/1-TzTZmxPatnxNqZfJkMh3pbs5vU.roa
File: 1-TzTZmxPatnxNqZfJkMh3pbs5vU.roa (raw, json)
Hash identifier: DKmmMUxrhpB0H+02XFzNGEPyPfHnFcWYTLzdixf44o8=
Subject key identifier: F9:3C:D3:66:6C:4F:6A:D9:F1:36:A6:5F:26:43:21:DE:96:EC:E6:F5
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C31CBD16ECE0B9C944AECD265E5669
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/1-TzTZmxPatnxNqZfJkMh3pbs5vU.roa
Signing time: Mon 02 Jan 2023 09:14:50 +0000
ROA not before: Mon 02 Jan 2023 09:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204624
IP address blocks: 2a06:e881:3900::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:1c:bd:16:ec:e0:b9:c9:44:ae:cd:26:5e:56:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f93cd3666c4f6ad9f136a65f264321de96ece6f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:44:09:ad:06:17:9c:96:6f:71:47:9a:d9:fa:
08:a1:54:5e:0b:4d:80:fa:a4:db:63:eb:6a:fa:f9:
3f:ff:a2:71:18:fe:d2:8a:cb:a9:fd:10:28:e9:7c:
2a:3f:9f:9c:b8:e4:1b:33:d1:ea:60:ab:1b:ac:9f:
a5:af:fb:75:41:8a:ed:39:b8:be:03:79:f7:6a:a3:
31:01:96:39:9a:c5:00:a4:35:a5:e2:16:66:9b:8f:
02:2b:99:96:38:fe:13:4d:47:09:e1:ad:3d:cc:d3:
50:97:ce:b0:ab:5e:b5:55:ed:29:da:0f:44:c8:01:
cc:e1:66:0d:12:b4:0d:ee:c6:dd:e9:04:30:57:44:
df:6b:e2:3f:35:83:b1:ac:f4:5d:af:7f:4c:cd:4e:
2f:11:4d:71:16:59:a9:00:3c:cf:ec:ed:07:92:f2:
ae:ad:d0:5d:d6:d0:7d:38:70:5c:13:88:a2:97:5e:
74:ca:dc:d1:20:7a:06:22:e0:28:b5:b6:53:77:9f:
23:b8:b6:3a:10:79:0e:f2:2b:08:e0:64:79:09:54:
8a:77:d2:d1:89:49:00:b2:fe:d7:30:2f:b4:a3:ff:
87:b0:5f:1b:db:ae:89:33:21:1c:e6:16:af:12:f6:
73:ab:78:22:28:12:89:c1:08:cb:47:62:e8:2d:68:
9c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:3C:D3:66:6C:4F:6A:D9:F1:36:A6:5F:26:43:21:DE:96:EC:E6:F5
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/1-TzTZmxPatnxNqZfJkMh3pbs5vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:3900::/44
Signature Algorithm: sha256WithRSAEncryption
23:94:2b:6b:ad:17:30:97:fd:bf:07:64:76:f5:c2:fc:8f:d0:
ba:d6:13:d4:5b:1e:c6:e6:0a:d4:31:b8:c2:8e:c7:37:20:67:
80:d5:5f:df:c8:9c:1a:8c:fc:0b:21:55:c4:1d:58:9f:fd:e8:
f5:0c:a1:58:47:90:c6:5b:de:5d:59:3f:25:c7:bb:cd:5e:5f:
6b:15:aa:97:57:44:98:1e:c1:15:68:77:2f:18:0a:25:fc:e0:
1f:83:06:d6:86:ae:2b:ea:37:a1:42:50:bf:dc:b5:e5:8d:68:
8f:ca:3c:41:c0:98:a0:a3:9c:58:9e:cb:66:f1:bc:8f:7a:48:
53:2c:e2:bf:7e:00:3f:cd:13:11:fb:d6:45:7b:67:90:fa:be:
d7:b3:9e:92:8d:68:b6:88:38:ac:cf:d7:dd:71:c7:04:08:62:
6f:9c:4a:45:8b:e5:c8:b1:65:62:ba:9c:03:db:31:48:dc:d9:
f7:9a:60:93:4f:11:e9:25:b0:1f:33:12:cb:6a:e9:fe:c4:ed:
24:90:a7:48:ac:3f:04:e2:35:e9:d0:24:f7:32:a0:16:7c:6e:
fe:11:64:dd:7a:8d:a4:1d:6b:2d:7a:71:d4:da:9f:b2:a5:d2:
92:e2:26:90:c9:23:28:16:0f:b7:c2:17:67:53:8c:20:51:cc:
db:ee:c8:6b
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVxwxy9FuzguclErs0mXlZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTNjZDM2NjZjNGY2YWQ5ZjEzNmE2NWYyNjQzMjFkZTk2ZWNlNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEQJrQYXnJZvcUea2foIoVReC02A
+qTbY+tq+vk//6JxGP7Sisup/RAo6XwqP5+cuOQbM9HqYKsbrJ+lr/t1QYrtObi+
A3n3aqMxAZY5msUApDWl4hZmm48CK5mWOP4TTUcJ4a09zNNQl86wq161Ve0p2g9E
yAHM4WYNErQN7sbd6QQwV0Tfa+I/NYOxrPRdr39MzU4vEU1xFlmpADzP7O0HkvKu
rdBd1tB9OHBcE4iil150ytzRIHoGIuAotbZTd58juLY6EHkO8isI4GR5CVSKd9LR
iUkAsv7XMC+0o/+HsF8b266JMyEc5havEvZzq3giKBKJwQjLR2LoLWic0QIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPk802ZsT2rZ8TamXyZDId6W7Ob1MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvMS1UelRabXhQYXRueE5xWmZKa01oM3BiczV2VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvMWU0M2U0LWQwNmUtNGE1NS1iZGI2LTNkOTFlZGU1YjJi
MS8xL3VBZExRWjZ0VE9fcUx5clN3bG5aZU1YdGVWUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoG6IE5
ADANBgkqhkiG9w0BAQsFAAOCAQEAI5Qra60XMJf9vwdkdvXC/I/QutYT1FsexuYK
1DG4wo7HNyBngNVf38icGoz8CyFVxB1Yn/3o9QyhWEeQxlveXVk/Jce7zV5faxWq
l1dEmB7BFWh3LxgKJfzgH4MG1oauK+o3oUJQv9y15Y1oj8o8QcCYoKOcWJ7LZvG8
j3pIUyziv34AP80TEfvWRXtnkPq+17Oeko1otog4rM/X3XHHBAhib5xKRYvlyLFl
YrqcA9sxSNzZ95pgk08R6SWwHzMSy2rp/sTtJJCnSKw/BOI16dAk9zKgFnxu/hFk
3XqNpB1rLXpx1NqfsqXSkuImkMkjKBYPt8IXZ1OMIFHM2+7Iaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org