Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/RNcKM1weYOo1FRD_QlyUqi54Dq4.roa
File: RNcKM1weYOo1FRD_QlyUqi54Dq4.roa (raw, json)
Hash identifier: jkJGLIUWDYAbCT1M1hCylZH/76MOyDRCLk2RpNlwr/4=
Subject key identifier: 44:D7:0A:33:5C:1E:60:EA:35:15:10:FF:42:5C:94:AA:2E:78:0E:AE
Certificate issuer: /CN=72b25d859ff06be1ebc97add5dec05d36fcdca2d
Certificate serial: 01856B934933F086EE5A1CC4F7CA91124FC3
Authority key identifier: 72:B2:5D:85:9F:F0:6B:E1:EB:C9:7A:DD:5D:EC:05:D3:6F:CD:CA:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crJdhZ_wa-HryXrdXewF02_Nyi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/RNcKM1weYOo1FRD_QlyUqi54Dq4.roa
Signing time: Sun 01 Jan 2023 04:24:52 +0000
ROA not before: Sun 01 Jan 2023 04:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35675
IP address blocks: 2001:678:980::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:49:33:f0:86:ee:5a:1c:c4:f7:ca:91:12:4f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b25d859ff06be1ebc97add5dec05d36fcdca2d
Validity
Not Before: Jan 1 04:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44d70a335c1e60ea351510ff425c94aa2e780eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:34:9a:7d:e5:ee:b6:50:b6:c4:5d:6f:2d:26:
37:ae:c2:f3:ba:e7:50:f3:65:6e:bd:0a:55:bc:62:
71:66:bc:4c:e4:25:6c:0a:2b:78:92:8f:6d:24:d6:
0c:b5:e5:a5:b5:b1:b5:af:bc:a8:bb:dd:bf:8a:71:
fd:5e:26:75:d3:28:de:cc:ac:fb:90:82:54:da:5d:
0d:5c:44:f1:41:3f:05:be:67:ab:30:f5:18:ca:2f:
85:a5:c1:09:a0:e9:91:15:9c:4b:e9:35:63:5c:44:
4a:1e:cf:39:39:89:c1:9b:ba:0b:1f:27:1b:6b:87:
13:0e:90:d2:71:66:11:fc:86:67:12:fb:4a:de:40:
a0:f7:75:10:12:77:f3:a8:61:df:6b:cc:47:bb:ea:
fe:18:35:ac:e3:5c:82:dd:a8:a6:e1:a6:60:48:e1:
a7:c2:1b:c8:04:05:52:7c:cd:96:39:83:c6:96:f2:
24:bd:f7:11:fa:7e:b3:0f:46:93:f5:a8:a3:f2:5c:
5a:3e:08:57:ab:7b:19:7d:ac:1d:94:2f:08:71:50:
6a:14:b7:ca:68:c0:69:69:19:70:01:c7:41:a7:04:
e5:83:41:98:54:83:20:c7:1e:63:bb:71:38:f5:ec:
62:76:4b:56:72:be:9e:4f:a4:3b:d1:af:e7:31:e7:
31:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D7:0A:33:5C:1E:60:EA:35:15:10:FF:42:5C:94:AA:2E:78:0E:AE
X509v3 Authority Key Identifier:
keyid:72:B2:5D:85:9F:F0:6B:E1:EB:C9:7A:DD:5D:EC:05:D3:6F:CD:CA:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crJdhZ_wa-HryXrdXewF02_Nyi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/RNcKM1weYOo1FRD_QlyUqi54Dq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/2f833f-a7e8-4f9d-a383-123fa2ab9408/1/crJdhZ_wa-HryXrdXewF02_Nyi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:980::/48
Signature Algorithm: sha256WithRSAEncryption
6d:c3:a5:7e:ac:b5:df:6c:db:e2:b3:3b:84:74:dc:0f:88:57:
2f:3a:cc:00:01:ae:6d:73:d6:15:3e:4f:3a:68:fc:90:5f:96:
b3:5e:c4:32:96:1d:f9:e2:fe:8d:08:53:c4:ed:34:a0:71:67:
01:90:b2:f5:57:dc:22:63:2e:7f:ce:c5:89:db:1a:62:1f:00:
c0:77:a3:70:99:6d:aa:ef:a4:ea:5f:54:40:f9:9f:9e:01:62:
1f:2a:12:5c:10:38:d5:02:9a:bc:a9:5e:e7:e7:e0:a3:23:6a:
4d:2e:36:71:50:18:c3:9b:df:c7:56:4f:56:dd:25:e3:4a:a5:
16:ca:7c:1b:b1:a4:17:6f:6a:b3:eb:de:a0:98:05:7f:a9:a1:
59:66:39:05:e5:78:af:e4:cf:90:35:22:fc:53:e0:99:91:88:
0a:1d:cd:da:b2:c3:61:d3:58:3f:dc:da:3b:53:aa:7c:b7:db:
8d:ef:6e:fc:04:e8:a4:69:42:ec:d3:15:54:0e:6d:ac:e2:60:
11:76:0a:64:c4:4e:58:37:21:61:24:8d:85:29:c8:6b:15:41:
8b:10:90:af:0c:9f:d3:44:8e:8d:42:bc:4a:e9:05:e8:a5:1d:
17:15:46:cd:8f:11:c1:6e:6b:f7:c4:be:08:94:ca:d4:27:8c:
b1:67:74:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrk0kz8IbuWhzE98qREk/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjI1ZDg1OWZmMDZiZTFlYmM5N2FkZDVkZWMwNWQzNmZj
ZGNhMmQwHhcNMjMwMTAxMDQyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ3MGEzMzVjMWU2MGVhMzUxNTEwZmY0MjVjOTRhYTJlNzgwZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTSafeXutlC2xF1vLSY3rsLzuudQ
82VuvQpVvGJxZrxM5CVsCit4ko9tJNYMteWltbG1r7you92/inH9XiZ10yjezKz7
kIJU2l0NXETxQT8FvmerMPUYyi+FpcEJoOmRFZxL6TVjXERKHs85OYnBm7oLHycb
a4cTDpDScWYR/IZnEvtK3kCg93UQEnfzqGHfa8xHu+r+GDWs41yC3aim4aZgSOGn
whvIBAVSfM2WOYPGlvIkvfcR+n6zD0aT9aij8lxaPghXq3sZfawdlC8IcVBqFLfK
aMBpaRlwAcdBpwTlg0GYVIMgxx5ju3E49exidktWcr6eT6Q70a/nMecxUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFETXCjNcHmDqNRUQ/0JclKoueA6uMB8GA1UdIwQY
MBaAFHKyXYWf8Gvh68l63V3sBdNvzcotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JKZGhaX3dhLUhyeVhyZFhld0YwMl9OeWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8yZjgzM2YtYTdlOC00ZjlkLWEzODMt
MTIzZmEyYWI5NDA4LzEvUk5jS00xd2VZT28xRlJEX1FseVVxaTU0RHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8yZjgzM2YtYTdlOC00ZjlkLWEzODMtMTIzZmEyYWI5NDA4
LzEvY3JKZGhaX3dhLUhyeVhyZFhld0YwMl9OeWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAmA
MA0GCSqGSIb3DQEBCwUAA4IBAQBtw6V+rLXfbNviszuEdNwPiFcvOswAAa5tc9YV
Pk86aPyQX5azXsQylh354v6NCFPE7TSgcWcBkLL1V9wiYy5/zsWJ2xpiHwDAd6Nw
mW2q76TqX1RA+Z+eAWIfKhJcEDjVApq8qV7n5+CjI2pNLjZxUBjDm9/HVk9W3SXj
SqUWynwbsaQXb2qz696gmAV/qaFZZjkF5Xiv5M+QNSL8U+CZkYgKHc3assNh01g/
3No7U6p8t9uN7278BOikaULs0xVUDm2s4mARdgpkxE5YNyFhJI2FKchrFUGLEJCv
DJ/TRI6NQrxK6QXopR0XFUbNjxHBbmv3xL4IlMrUJ4yxZ3Q/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:45 2024 by rpki-client on console-ams.rpki-client.org