Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/1d0jqmZms1jBBguYBiIw8lNfYu0.roa
File: 1d0jqmZms1jBBguYBiIw8lNfYu0.roa (raw, json)
Hash identifier: km2dlGjR2MqwPk9OUX35tgjfE5U851v3pxzAGmg0vL8=
Subject key identifier: D5:DD:23:AA:66:66:B3:58:C1:06:0B:98:06:22:30:F2:53:5F:62:ED
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA7620056E4F479D5243F52D8EDEA7
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/1d0jqmZms1jBBguYBiIw8lNfYu0.roa
Signing time: Mon 02 Jan 2023 13:45:00 +0000
ROA not before: Mon 02 Jan 2023 13:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205593
IP address blocks: 2a0f:5701:3100::/40 maxlen: 48
2a0f:5701:3500::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:76:20:05:6e:4f:47:9d:52:43:f5:2d:8e:de:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5dd23aa6666b358c1060b98062230f2535f62ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4b:f1:c9:0c:ee:d9:3b:77:56:08:b1:15:7d:
29:b8:b0:cb:52:68:c1:42:9f:ba:ae:14:61:d9:5e:
33:08:b4:fc:87:ee:ea:e5:ec:97:db:f0:3e:34:b8:
ed:28:43:fd:51:d1:46:44:a3:a3:82:11:1e:17:db:
27:06:bc:b1:09:0a:8b:c8:62:c7:96:df:74:ec:c8:
da:65:5b:74:d2:53:aa:c5:7f:7f:53:2c:7f:9d:f0:
6e:af:e5:a2:04:b2:0c:85:5f:26:47:77:b3:9c:77:
fb:98:f6:55:e9:52:0f:f6:d2:b4:a2:32:f8:ba:3c:
7e:07:f8:b6:c8:33:34:75:81:9e:91:5a:7d:ef:4f:
8c:23:a9:36:67:65:68:9d:e3:d3:68:1b:61:e6:78:
69:5b:14:47:99:f8:73:54:f5:cb:f2:f7:86:45:f7:
f4:8f:a3:ed:9e:61:fd:49:94:63:55:78:1f:f5:7d:
17:9b:6f:f9:8e:6f:76:22:a4:8e:b7:ed:a4:80:32:
f4:21:52:d5:a8:d6:3b:39:df:e0:82:f4:ef:85:5a:
70:63:b6:61:10:f3:a8:b5:72:f5:b0:6d:aa:71:8a:
32:fe:5c:3c:a9:d3:49:af:52:20:f5:dc:9a:45:43:
3b:0e:ea:de:60:f1:32:26:d6:fb:e8:19:f6:cf:ea:
4e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DD:23:AA:66:66:B3:58:C1:06:0B:98:06:22:30:F2:53:5F:62:ED
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/1d0jqmZms1jBBguYBiIw8lNfYu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5701:3100::/40
2a0f:5701:3500::/40
Signature Algorithm: sha256WithRSAEncryption
60:f8:ae:37:7e:38:6a:ad:bf:b0:43:44:6c:b2:02:a1:5c:5d:
ee:56:4d:35:96:75:0d:4a:12:10:92:3c:0c:4c:a0:31:33:a6:
8e:f9:2e:4c:5b:0c:63:1d:dc:6e:ea:d0:2e:22:be:7f:34:77:
98:4e:d0:b5:7f:1a:3d:b2:7e:44:27:1c:1b:b2:38:51:59:d3:
61:d5:c1:6f:b7:ee:1f:aa:a9:78:a4:f3:5f:f6:a1:aa:7f:a0:
19:e2:72:f9:a6:18:82:b3:c1:94:37:a8:ec:f5:64:87:7e:65:
f0:5a:1d:42:f4:35:3a:86:fd:ca:49:c6:f6:08:0c:d2:6f:44:
70:5a:fe:4b:1e:48:d7:73:6b:37:b5:6c:11:7a:00:99:c6:99:
46:e9:ba:03:11:9e:0d:48:d6:be:28:b4:cc:bd:d4:a3:78:8c:
56:3e:93:36:26:0a:9b:f5:8e:22:49:71:79:e4:b1:a8:4f:8e:
82:2f:0f:1f:54:22:3b:81:08:c0:1f:d9:10:9c:82:f8:1d:b2:
5d:e4:a4:8c:55:6d:2c:25:8d:32:c4:30:cc:60:dc:1e:04:f7:
f0:01:ea:61:7c:bf:37:19:be:eb:fe:32:8b:b1:54:a6:fd:16:
2b:04:95:c9:e0:d9:7c:71:28:57:48:37:b1:2e:07:39:e8:8f:
b1:cc:3a:c6
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVyunYgBW5PR51SQ/Utjt6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRkMjNhYTY2NjZiMzU4YzEwNjBiOTgwNjIyMzBmMjUzNWY2MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykvxyQzu2Tt3VgixFX0puLDLUmjB
Qp+6rhRh2V4zCLT8h+7q5eyX2/A+NLjtKEP9UdFGRKOjghEeF9snBryxCQqLyGLH
lt907MjaZVt00lOqxX9/Uyx/nfBur+WiBLIMhV8mR3eznHf7mPZV6VIP9tK0ojL4
ujx+B/i2yDM0dYGekVp970+MI6k2Z2VonePTaBth5nhpWxRHmfhzVPXL8veGRff0
j6PtnmH9SZRjVXgf9X0Xm2/5jm92IqSOt+2kgDL0IVLVqNY7Od/ggvTvhVpwY7Zh
EPOotXL1sG2qcYoy/lw8qdNJr1Ig9dyaRUM7DureYPEyJtb76Bn2z+pOZQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNXdI6pmZrNYwQYLmAYiMPJTX2LtMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvMWQwanFtWm1zMWpCQmd1WUJpSXc4bE5mWXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKg9XATED
BgAqD1cBNTANBgkqhkiG9w0BAQsFAAOCAQEAYPiuN344aq2/sENEbLICoVxd7lZN
NZZ1DUoSEJI8DEygMTOmjvkuTFsMYx3cburQLiK+fzR3mE7QtX8aPbJ+RCccG7I4
UVnTYdXBb7fuH6qpeKTzX/ahqn+gGeJy+aYYgrPBlDeo7PVkh35l8FodQvQ1Oob9
yknG9ggM0m9EcFr+Sx5I13NrN7VsEXoAmcaZRum6AxGeDUjWvii0zL3Uo3iMVj6T
NiYKm/WOIklxeeSxqE+Ogi8PH1QiO4EIwB/ZEJyC+B2yXeSkjFVtLCWNMsQwzGDc
HgT38AHqYXy/Nxm+6/4yi7FUpv0WKwSVyeDZfHEoV0g3sS4HOeiPscw6xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org