Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/3sMcm9tGHS-m0gy5WiTlsOA4n9g.roa
File: 3sMcm9tGHS-m0gy5WiTlsOA4n9g.roa (raw, json)
Hash identifier: GuUHOEkrgMrMF+EeFXocuuk+IBjXvzkaYmTPM/ZiSVk=
Subject key identifier: DE:C3:1C:9B:DB:46:1D:2F:A6:D2:0C:B9:5A:24:E5:B0:E0:38:9F:D8
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA7A6E8F156B8AA7FBE114AA4BC482
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/3sMcm9tGHS-m0gy5WiTlsOA4n9g.roa
Signing time: Mon 02 Jan 2023 13:45:01 +0000
ROA not before: Mon 02 Jan 2023 13:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207468
IP address blocks: 2a0f:5707:ffa4::/46 maxlen: 48
2a0f:5707:fff2::/48 maxlen: 48
2a0f:5707:ffa0::/46 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7a:6e:8f:15:6b:8a:a7:fb:e1:14:aa:4b:c4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dec31c9bdb461d2fa6d20cb95a24e5b0e0389fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:df:33:ac:d6:10:1f:dc:63:05:96:15:0f:59:
16:81:53:65:f7:64:7d:57:27:a0:7f:15:c6:f5:54:
87:68:0d:cd:3c:68:65:83:fc:e4:34:07:d8:b5:e0:
30:34:47:ee:ea:af:fd:e8:0f:ce:88:c8:72:2f:05:
ab:1e:15:b6:1e:77:3e:05:e8:76:10:f4:c3:9b:c1:
b3:ce:74:45:d7:66:a5:dc:f8:f9:24:6b:00:88:62:
8c:b5:24:20:17:b0:8c:29:fe:fe:41:b9:26:1c:bc:
25:a6:80:43:e3:65:a0:12:7b:d7:bb:5b:e8:d7:8c:
ab:b9:b8:d3:d0:61:a9:24:61:fa:1c:19:bc:33:9e:
57:51:cc:a5:48:88:ad:72:81:4b:aa:35:e8:79:e0:
4d:ef:05:04:75:ca:27:c0:ab:bc:2d:6e:df:91:e5:
7b:9d:ae:c0:36:9a:1a:7e:f5:0f:25:65:55:cb:71:
f4:43:14:73:4a:19:ae:cc:61:c7:57:4e:71:7f:1c:
da:d3:74:c2:cf:75:45:32:8c:2a:95:ff:b3:85:e1:
3c:c6:1b:c7:d1:79:23:da:7c:89:b6:74:8d:12:a6:
70:8d:e8:50:b9:cc:3c:9e:29:96:14:2c:ec:13:2d:
ed:6c:9f:62:9d:78:ab:cc:22:ad:2d:4b:7e:98:a6:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C3:1C:9B:DB:46:1D:2F:A6:D2:0C:B9:5A:24:E5:B0:E0:38:9F:D8
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/3sMcm9tGHS-m0gy5WiTlsOA4n9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ffa0::/45
2a0f:5707:fff2::/48
Signature Algorithm: sha256WithRSAEncryption
0d:bf:ea:82:ed:ec:4e:c7:ca:50:53:51:42:13:f0:2b:cc:c0:
d9:e8:f5:99:38:07:fc:c7:d7:ae:b8:d1:cb:fa:98:db:b4:f6:
e3:14:9e:ca:f7:2f:94:5e:dd:76:dd:c9:31:24:40:44:80:72:
e4:04:26:1d:72:67:c8:7f:e5:cd:00:d4:af:75:2e:d1:bb:75:
f5:9b:76:81:7a:2f:58:c9:0f:8b:25:16:44:78:5d:b3:cc:49:
b3:ee:32:2d:15:81:6e:c1:60:59:ab:09:ba:0b:7f:9d:88:10:
42:1a:42:8f:97:96:fa:49:fa:36:fb:d0:b8:5e:63:ec:f1:8a:
1f:af:53:c7:e7:f4:ef:17:be:13:fe:09:e9:39:08:54:82:80:
c0:10:6e:d2:63:ec:7a:31:73:ff:b4:81:84:c3:ce:7e:5d:29:
37:99:65:9c:3b:0e:7c:4c:1a:b0:9b:58:bc:0b:8e:9a:b5:d9:
1b:54:ff:cc:7b:30:c0:e2:78:53:b9:68:04:fc:96:2c:76:68:
4a:95:cb:51:ed:34:91:1d:b3:51:58:82:4c:16:02:78:f9:a5:
fc:df:ee:9c:65:bf:a8:16:53:58:cc:0e:ce:7f:5d:3e:80:29:
ff:ca:c2:d7:86:03:74:a7:8e:43:7a:b4:32:73:97:31:13:a0:
f0:d9:37:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyunpujxVriqf74RSqS8SCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWMzMWM5YmRiNDYxZDJmYTZkMjBjYjk1YTI0ZTViMGUwMzg5ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN8zrNYQH9xjBZYVD1kWgVNl92R9
VyegfxXG9VSHaA3NPGhlg/zkNAfYteAwNEfu6q/96A/OiMhyLwWrHhW2Hnc+Beh2
EPTDm8GzznRF12al3Pj5JGsAiGKMtSQgF7CMKf7+QbkmHLwlpoBD42WgEnvXu1vo
14yrubjT0GGpJGH6HBm8M55XUcylSIitcoFLqjXoeeBN7wUEdconwKu8LW7fkeV7
na7ANpoafvUPJWVVy3H0QxRzShmuzGHHV05xfxza03TCz3VFMowqlf+zheE8xhvH
0Xkj2nyJtnSNEqZwjehQucw8nimWFCzsEy3tbJ9inXirzCKtLUt+mKbqcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN7DHJvbRh0vptIMuVok5bDgOJ/YMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvM3NNY205dEdIUy1tMGd5NVdpVGxzT0E0bjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcDKg9XB/+g
AwcAKg9XB//yMA0GCSqGSIb3DQEBCwUAA4IBAQANv+qC7exOx8pQU1FCE/ArzMDZ
6PWZOAf8x9euuNHL+pjbtPbjFJ7K9y+UXt123ckxJEBEgHLkBCYdcmfIf+XNANSv
dS7Ru3X1m3aBei9YyQ+LJRZEeF2zzEmz7jItFYFuwWBZqwm6C3+diBBCGkKPl5b6
Sfo2+9C4XmPs8Yofr1PH5/TvF74T/gnpOQhUgoDAEG7SY+x6MXP/tIGEw85+XSk3
mWWcOw58TBqwm1i8C46atdkbVP/MezDA4nhTuWgE/JYsdmhKlctR7TSRHbNRWIJM
FgJ4+aX83+6cZb+oFlNYzA7Of10+gCn/ysLXhgN0p45DerQyc5cxE6Dw2Tdd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org