Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/G1PRu-49kYHTSj41Eh1q6EFzViU.roa
File: G1PRu-49kYHTSj41Eh1q6EFzViU.roa (raw, json)
Hash identifier: oKxmDUG01mKpBuWloZB20O3zcAFtMaIr15lv4UvQZ4I=
Subject key identifier: 1B:53:D1:BB:EE:3D:91:81:D3:4A:3E:35:12:1D:6A:E8:41:73:56:25
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018BEC11F4B4467DEBA96C88FAA8C71B4977
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/G1PRu-49kYHTSj41Eh1q6EFzViU.roa
Signing time: Mon 20 Nov 2023 09:31:21 +0000
ROA not before: Mon 20 Nov 2023 09:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134666
IP address blocks: 2a06:e881:480f::/48 maxlen: 48
2a06:e881:4800::/48 maxlen: 48
2a06:e881:4801::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:11:f4:b4:46:7d:eb:a9:6c:88:fa:a8:c7:1b:49:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Nov 20 09:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b53d1bbee3d9181d34a3e35121d6ae841735625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:58:98:5c:9b:96:6c:a7:94:a3:48:32:bb:7a:
30:05:d7:9e:ea:6c:98:0b:97:c3:2c:8b:17:02:7d:
fc:19:63:fd:d0:e6:00:cb:7d:64:be:12:e2:77:6a:
9d:a4:1e:2e:b6:54:f3:c3:37:33:0e:67:53:b7:3b:
0e:ef:54:e9:fb:66:27:d9:bc:84:c3:69:da:4d:d2:
cc:da:74:c8:42:61:90:91:1f:ac:47:47:3e:42:63:
bc:17:48:d5:51:fe:66:82:d0:fa:30:68:95:53:c2:
af:c6:0a:82:98:85:7b:88:e8:88:94:a5:bf:55:de:
a7:ca:17:b0:5f:62:a5:2c:c0:e5:27:68:4d:13:50:
7e:91:84:5c:f6:29:5c:44:c0:8e:ce:5f:bc:45:af:
0c:04:0e:2b:49:e9:41:21:47:18:8e:64:60:10:5b:
90:57:49:ea:f0:0b:63:78:83:9d:91:40:cf:13:7f:
62:c4:76:23:0f:b0:2c:c0:99:ae:09:34:80:c8:ba:
e2:ce:1f:a3:1f:04:75:78:88:36:19:cb:d0:1f:ef:
a9:0b:b9:84:65:79:4e:a6:99:18:17:b5:48:a1:3d:
76:80:dc:f5:4a:8d:3b:bd:f3:63:85:af:2d:15:0a:
55:8d:81:15:f4:cf:47:84:9e:a7:d1:53:92:5c:08:
d2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:53:D1:BB:EE:3D:91:81:D3:4A:3E:35:12:1D:6A:E8:41:73:56:25
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/G1PRu-49kYHTSj41Eh1q6EFzViU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:4800::/47
2a06:e881:480f::/48
Signature Algorithm: sha256WithRSAEncryption
a6:61:89:fd:95:39:27:dc:ce:fd:48:bc:38:cf:d0:d9:e0:8e:
c4:70:b4:1e:94:58:e5:ff:4d:fd:05:f3:65:d7:8c:7b:7a:cc:
5d:4e:31:07:50:9b:8f:37:e1:0e:37:0f:d3:54:ea:52:ec:07:
09:fd:11:44:fb:53:a4:13:f6:e0:b3:ae:c6:e8:7d:80:3e:a7:
3c:aa:fa:ae:bd:59:19:9a:22:7f:15:cb:ef:31:af:29:7e:0c:
26:8a:a6:a7:5e:5b:be:98:8b:14:6f:d9:82:6e:3e:6d:84:a9:
5e:c4:d5:89:7c:93:c6:a4:bd:ee:25:13:3d:b2:58:de:0a:47:
4a:48:3c:83:5d:52:5d:aa:a2:bb:85:7f:82:24:75:03:15:c0:
c2:7c:a9:b0:10:88:af:75:63:b2:99:d8:f4:e2:80:12:b4:d6:
28:81:7c:39:89:1c:e9:6e:2d:5b:42:20:cc:8f:0d:06:91:6f:
81:25:22:97:30:23:86:ff:ad:71:1f:4b:ec:31:aa:e8:88:fa:
b8:e1:c8:58:7c:e6:7e:95:c1:80:9c:8c:eb:86:a9:43:ec:14:
c4:77:1a:ea:d8:aa:e3:39:c2:1b:d2:cd:78:e7:5b:12:d9:0c:
03:22:be:fd:24:39:55:3b:ec:63:59:0d:93:9a:3a:8d:38:c8:
87:a6:47:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvsEfS0Rn3rqWyI+qjHG0l3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMxMTIwMDkzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjUzZDFiYmVlM2Q5MTgxZDM0YTNlMzUxMjFkNmFlODQxNzM1NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1iYXJuWbKeUo0gyu3owBdee6myY
C5fDLIsXAn38GWP90OYAy31kvhLid2qdpB4utlTzwzczDmdTtzsO71Tp+2Yn2byE
w2naTdLM2nTIQmGQkR+sR0c+QmO8F0jVUf5mgtD6MGiVU8KvxgqCmIV7iOiIlKW/
Vd6nyhewX2KlLMDlJ2hNE1B+kYRc9ilcRMCOzl+8Ra8MBA4rSelBIUcYjmRgEFuQ
V0nq8AtjeIOdkUDPE39ixHYjD7AswJmuCTSAyLrizh+jHwR1eIg2GcvQH++pC7mE
ZXlOppkYF7VIoT12gNz1So07vfNjha8tFQpVjYEV9M9HhJ6n0VOSXAjSMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBtT0bvuPZGB00o+NRIdauhBc1YlMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvRzFQUnUtNDlrWUhUU2o0MUVoMXE2RUZ6VmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKgbogUgA
AwcAKgbogUgPMA0GCSqGSIb3DQEBCwUAA4IBAQCmYYn9lTkn3M79SLw4z9DZ4I7E
cLQelFjl/039BfNl14x7esxdTjEHUJuPN+EONw/TVOpS7AcJ/RFE+1OkE/bgs67G
6H2APqc8qvquvVkZmiJ/FcvvMa8pfgwmiqanXlu+mIsUb9mCbj5thKlexNWJfJPG
pL3uJRM9sljeCkdKSDyDXVJdqqK7hX+CJHUDFcDCfKmwEIivdWOymdj04oAStNYo
gXw5iRzpbi1bQiDMjw0GkW+BJSKXMCOG/61xH0vsMaroiPq44chYfOZ+lcGAnIzr
hqlD7BTEdxrq2KrjOcIb0s1451sS2QwDIr79JDlVO+xjWQ2TmjqNOMiHpkdU
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:16 2024 by rpki-client on console-fra.rpki-client.org