Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/l1yafoilTsDImvT4DHJUiokeKLY.roa
File: l1yafoilTsDImvT4DHJUiokeKLY.roa (raw, json)
Hash identifier: QcDIJSABhLpGLde7+iD8mshZtVz8wn++s9O7kk3Ln5Y=
Subject key identifier: 97:5C:9A:7E:88:A5:4E:C0:C8:9A:F4:F8:0C:72:54:8A:89:1E:28:B6
Certificate issuer: /CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Certificate serial: 018AFA2893F32940C4171D8963DB3E0F3B42
Authority key identifier: 03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/l1yafoilTsDImvT4DHJUiokeKLY.roa
Signing time: Wed 04 Oct 2023 10:07:57 +0000
ROA not before: Wed 04 Oct 2023 10:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216435
IP address blocks: 2a10:500::/32 maxlen: 48
2a10:500:fe00::/40 maxlen: 48
2a10:500:9400::/40 maxlen: 48
2a10:500:1300::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Oct 2023 11:35:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:28:93:f3:29:40:c4:17:1d:89:63:db:3e:0f:3b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Validity
Not Before: Oct 4 10:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=975c9a7e88a54ec0c89af4f80c72548a891e28b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9b:dc:ee:f0:eb:80:30:86:a3:19:74:14:db:
b1:2d:14:ac:6a:a9:93:13:a2:ab:c2:a5:4c:c8:b2:
21:88:6f:80:cc:65:fe:b8:e4:b1:09:35:d2:48:bc:
7b:34:4e:85:05:5b:c6:26:1a:7f:a1:37:0b:26:01:
c9:0e:60:f9:54:13:9e:18:26:55:f4:d3:9e:6b:55:
5e:06:0d:ff:da:65:08:52:56:9d:58:6a:de:2a:c4:
2a:8d:33:95:fb:e5:8a:8e:41:a2:04:9d:d1:86:51:
0c:a2:7e:be:03:b5:66:29:1f:dd:0e:ff:5f:72:87:
50:8e:7e:8f:9f:24:72:a4:b4:43:f4:f6:76:e6:f8:
fe:e6:8a:2d:45:cf:ce:0b:11:3a:ff:4f:36:87:c8:
38:17:0b:38:75:05:95:3c:13:77:6b:ce:0d:5d:2b:
f2:98:df:c6:7c:07:38:c2:23:6a:5b:b8:94:0d:0c:
5a:bb:58:e3:63:e3:45:98:b5:ae:b0:19:33:a4:1f:
28:a7:d8:93:5f:34:80:98:4e:f6:15:80:3b:12:3f:
84:f8:2b:06:95:00:b8:9e:4c:ec:b0:ee:d1:83:a3:
a3:39:16:d2:e9:12:1d:34:84:e5:c6:76:54:6b:3d:
b8:60:6e:f6:bd:59:2f:c7:5e:5a:12:4c:f6:f3:7d:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5C:9A:7E:88:A5:4E:C0:C8:9A:F4:F8:0C:72:54:8A:89:1E:28:B6
X509v3 Authority Key Identifier:
keyid:03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/l1yafoilTsDImvT4DHJUiokeKLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/A3tIRJuhyuFb3iwvCG2UIY4HILs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:500::/32
Signature Algorithm: sha256WithRSAEncryption
8c:4b:bd:c6:95:9d:df:89:90:6a:53:cd:77:20:fa:3f:49:7a:
58:9d:f8:a8:ec:fb:18:1f:40:82:60:d7:68:07:38:f1:a6:6f:
03:d6:2d:cc:d1:1b:ae:a0:00:12:09:db:03:85:eb:28:69:12:
e4:15:28:4f:2b:34:4a:c5:dd:8d:9e:ea:a7:7d:95:d1:48:b0:
d2:59:99:12:3c:41:28:41:43:e9:28:1f:17:15:1b:69:40:3c:
33:0e:c4:d7:61:eb:46:36:93:f9:b5:34:26:c1:e9:bc:ba:ff:
c3:70:ec:6a:0e:b2:0a:a0:c5:94:05:42:21:7c:54:26:9f:8a:
6c:0a:9e:73:f6:ba:74:1c:3b:85:69:3a:f8:4d:5f:f7:94:d2:
30:a0:99:74:1d:b1:78:db:40:61:9a:e5:9c:ae:94:18:1c:06:
07:18:5e:a2:42:71:c6:c6:69:4f:f0:2c:09:fc:84:2b:67:74:
cf:b4:0f:21:2c:77:82:47:5f:f7:ab:20:a3:80:81:53:a2:36:
46:77:31:5e:53:98:9a:c6:69:36:fe:b3:16:e7:f1:59:83:5b:
c3:3c:02:47:2e:07:37:01:9b:1c:36:1e:2b:b6:ee:9d:2c:b3:
e8:ab:ee:bc:4c:a5:1a:4c:e7:37:29:23:f4:59:47:d9:b0:1a:
a3:44:d1:fc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYr6KJPzKUDEFx2JY9s+DztCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2I0ODQ0OWJhMWNhZTE1YmRlMmMyZjA4NmQ5NDIxOGUw
NzIwYmIwHhcNMjMxMDA0MTAwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzVjOWE3ZTg4YTU0ZWMwYzg5YWY0ZjgwYzcyNTQ4YTg5MWUyOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJvc7vDrgDCGoxl0FNuxLRSsaqmT
E6KrwqVMyLIhiG+AzGX+uOSxCTXSSLx7NE6FBVvGJhp/oTcLJgHJDmD5VBOeGCZV
9NOea1VeBg3/2mUIUladWGreKsQqjTOV++WKjkGiBJ3RhlEMon6+A7VmKR/dDv9f
codQjn6PnyRypLRD9PZ25vj+5ootRc/OCxE6/082h8g4Fws4dQWVPBN3a84NXSvy
mN/GfAc4wiNqW7iUDQxau1jjY+NFmLWusBkzpB8op9iTXzSAmE72FYA7Ej+E+CsG
lQC4nkzssO7Rg6OjORbS6RIdNITlxnZUaz24YG72vVkvx15aEkz2830/IQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJdcmn6IpU7AyJr0+AxyVIqJHii2MB8GA1UdIwQY
MBaAFAN7SESbocrhW94sLwhtlCGOByC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYt
NzQwM2UxMzY3NWFiLzEvbDF5YWZvaWxUc0RJbXZUNERISlVpb2tlS0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYtNzQwM2UxMzY3NWFi
LzEvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAFADAN
BgkqhkiG9w0BAQsFAAOCAQEAjEu9xpWd34mQalPNdyD6P0l6WJ34qOz7GB9AgmDX
aAc48aZvA9YtzNEbrqAAEgnbA4XrKGkS5BUoTys0SsXdjZ7qp32V0Uiw0lmZEjxB
KEFD6SgfFxUbaUA8Mw7E12HrRjaT+bU0JsHpvLr/w3Dsag6yCqDFlAVCIXxUJp+K
bAqec/a6dBw7hWk6+E1f95TSMKCZdB2xeNtAYZrlnK6UGBwGBxheokJxxsZpT/As
CfyEK2d0z7QPISx3gkdf96sgo4CBU6I2RncxXlOYmsZpNv6zFufxWYNbwzwCRy4H
NwGbHDYeK7bunSyz6KvuvEylGkznNykj9FlH2bAao0TR/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:37 2024 by rpki-client on console-ams.rpki-client.org