Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/tJI_7MjG7hrwlWbIYqTPYbWzvYY.roa
File: tJI_7MjG7hrwlWbIYqTPYbWzvYY.roa (raw, json)
Hash identifier: toILavSWYsFpecpaOWwdGcf2fG0Ur/sy5i13+LQm6lM=
Subject key identifier: B4:92:3F:EC:C8:C6:EE:1A:F0:95:66:C8:62:A4:CF:61:B5:B3:BD:86
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C329A2DB169C0211D06FCE7106DB06
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/tJI_7MjG7hrwlWbIYqTPYbWzvYY.roa
Signing time: Mon 02 Jan 2023 09:14:53 +0000
ROA not before: Mon 02 Jan 2023 09:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212024
IP address blocks: 2a06:e881:7700::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:29:a2:db:16:9c:02:11:d0:6f:ce:71:06:db:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4923fecc8c6ee1af09566c862a4cf61b5b3bd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1b:2b:be:55:0f:49:ba:35:27:16:11:6c:0b:
95:09:9e:a0:86:5d:ea:ff:53:b2:cc:25:dc:c0:20:
5a:ef:6b:90:b9:e6:39:b5:49:22:25:73:17:5d:03:
30:0b:8e:ad:b2:8b:48:af:fa:3b:f7:e1:13:83:4e:
61:0b:e5:bd:5b:10:e3:f8:08:a8:58:d1:75:83:d4:
53:eb:ea:e7:ff:6a:c7:30:ab:9a:c7:90:81:ea:e0:
4b:f5:67:b8:eb:d0:c9:ef:36:f0:84:a8:87:02:3f:
9a:d6:53:08:57:dd:d0:f2:cc:56:16:db:52:4f:bd:
3f:35:fa:e6:79:b5:3a:90:3e:11:8f:70:5c:0b:b9:
78:a9:8e:34:2f:30:59:e5:29:a0:10:bf:35:14:05:
76:29:b8:d5:31:8e:7b:45:78:15:4e:5c:bc:6d:0e:
73:47:0c:29:ff:54:88:b9:a1:df:3e:f7:8d:b2:3b:
10:e9:8d:3c:07:79:61:f0:9d:ff:2a:d1:90:10:46:
70:20:0b:f6:0d:6b:c5:f9:0c:fd:6d:eb:0e:e0:ea:
60:76:6c:9e:fd:47:8d:13:cb:8d:46:df:32:c0:2e:
0c:19:99:1d:8f:3f:ce:3c:2d:b6:6c:90:39:dd:b6:
da:f9:94:33:03:34:43:1c:39:42:29:8e:a8:59:ff:
19:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:92:3F:EC:C8:C6:EE:1A:F0:95:66:C8:62:A4:CF:61:B5:B3:BD:86
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/tJI_7MjG7hrwlWbIYqTPYbWzvYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:7700::/40
Signature Algorithm: sha256WithRSAEncryption
80:8c:f4:b8:1d:9c:fb:8b:4b:05:d3:b1:3b:a5:ba:ed:66:af:
eb:81:b5:3e:6b:d4:df:ce:5e:78:09:a7:b2:34:8b:66:4d:88:
9f:5c:5d:ea:21:bb:84:c4:dd:ef:40:79:f8:5b:f5:6f:0a:50:
66:3f:8c:eb:57:90:97:f2:70:a9:fc:98:c7:b9:22:d7:bd:cb:
67:b8:5e:06:20:de:81:71:cf:b9:1f:23:b5:3f:e6:2e:84:52:
ec:7c:31:e5:87:37:fa:0b:d6:ff:76:03:be:cd:fd:17:ea:65:
e6:0a:e2:5e:3c:26:be:cf:f4:3f:fc:42:3e:85:68:71:b3:f2:
6f:50:b2:dc:4f:ab:3e:db:ce:a5:f1:bd:0c:4d:96:ef:1f:c3:
6e:a6:01:f8:6e:41:4e:9c:12:e6:08:24:a0:dd:76:a0:4c:cc:
54:4f:59:29:b2:94:c4:b7:17:c9:38:77:e2:91:cb:7b:c4:72:
2e:d8:ba:6d:04:39:26:b5:5e:26:69:1c:84:21:54:35:45:f8:
57:36:fb:1e:09:94:f0:78:5d:1e:9d:7a:bb:2e:ba:60:53:c9:
8c:bd:40:96:8d:e9:90:45:1c:07:67:84:5f:5d:9b:14:8b:46:
15:60:f1:4b:a1:2a:f0:89:60:17:e2:43:42:f2:8d:97:5c:76:
dc:4e:16:38
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwymi2xacAhHQb85xBtsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDkyM2ZlY2M4YzZlZTFhZjA5NTY2Yzg2MmE0Y2Y2MWI1YjNiZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxsrvlUPSbo1JxYRbAuVCZ6ghl3q
/1OyzCXcwCBa72uQueY5tUkiJXMXXQMwC46tsotIr/o79+ETg05hC+W9WxDj+Aio
WNF1g9RT6+rn/2rHMKuax5CB6uBL9We469DJ7zbwhKiHAj+a1lMIV93Q8sxWFttS
T70/NfrmebU6kD4Rj3BcC7l4qY40LzBZ5SmgEL81FAV2KbjVMY57RXgVTly8bQ5z
Rwwp/1SIuaHfPveNsjsQ6Y08B3lh8J3/KtGQEEZwIAv2DWvF+Qz9besO4Opgdmye
/UeNE8uNRt8ywC4MGZkdjz/OPC22bJA53bba+ZQzAzRDHDlCKY6oWf8ZHwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLSSP+zIxu4a8JVmyGKkz2G1s72GMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvdEpJXzdNakc3aHJ3bFdiSVlxVFBZYld6dllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgbogXcw
DQYJKoZIhvcNAQELBQADggEBAICM9LgdnPuLSwXTsTuluu1mr+uBtT5r1N/OXngJ
p7I0i2ZNiJ9cXeohu4TE3e9Aefhb9W8KUGY/jOtXkJfycKn8mMe5Ite9y2e4XgYg
3oFxz7kfI7U/5i6EUux8MeWHN/oL1v92A77N/RfqZeYK4l48Jr7P9D/8Qj6FaHGz
8m9QstxPqz7bzqXxvQxNlu8fw26mAfhuQU6cEuYIJKDddqBMzFRPWSmylMS3F8k4
d+KRy3vEci7Yum0EOSa1XiZpHIQhVDVF+Fc2+x4JlPB4XR6dersuumBTyYy9QJaN
6ZBFHAdnhF9dmxSLRhVg8UuhKvCJYBfiQ0LyjZdcdtxOFjg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:04 2024 by rpki-client on console-ams.rpki-client.org