Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/d3NqqINEOErwB-9Op0VfTZBEPAM.roa
File: d3NqqINEOErwB-9Op0VfTZBEPAM.roa (raw, json)
Hash identifier: 97xB3npTi6qR7d20tN+IdIwdiRHrn5f8uUg4/ldLpBs=
Subject key identifier: 77:73:6A:A8:83:44:38:4A:F0:07:EF:4E:A7:45:5F:4D:90:44:3C:03
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA88CAA2B591F8C15414AE6DBFB4D9
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/d3NqqINEOErwB-9Op0VfTZBEPAM.roa
Signing time: Mon 02 Jan 2023 13:45:05 +0000
ROA not before: Mon 02 Jan 2023 13:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212997
IP address blocks: 2a0f:5707:aab1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:88:ca:a2:b5:91:f8:c1:54:14:ae:6d:bf:b4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77736aa88344384af007ef4ea7455f4d90443c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:49:09:5d:92:b2:9f:d2:0a:2c:d4:4e:6f:b0:
bf:de:7b:04:bc:24:73:77:90:48:09:77:7d:96:4d:
73:62:3e:e5:41:92:73:de:0c:2e:b4:e5:c2:15:87:
9e:c9:8e:9f:9e:23:50:c6:bb:1b:fb:af:f2:a6:a5:
8b:85:f3:e9:34:98:02:29:5a:6d:2d:d5:db:76:02:
0b:5e:b2:e5:6c:6c:1f:9f:17:d4:3a:0c:fd:1c:e8:
bd:15:17:bc:fb:5e:6c:0f:79:44:28:54:a7:42:e6:
84:4e:5f:58:00:d8:82:75:a3:ed:9b:78:41:c8:0b:
89:34:77:28:43:b7:a6:81:3f:8d:d8:78:d6:1c:0d:
45:bb:21:a4:6c:b7:9e:84:a9:65:18:37:74:5f:5a:
b5:8d:d1:06:f9:3e:83:dc:bb:2f:df:a3:bf:ce:b5:
df:97:52:d8:86:70:59:ab:c9:61:ea:43:79:48:de:
b0:33:4c:91:8b:2d:2d:80:b7:89:88:6d:8f:0d:fc:
9d:90:74:47:5b:c2:25:f7:80:a3:81:02:2d:cb:e8:
33:d4:e8:d1:74:e0:c2:c2:a0:0d:5c:34:28:ac:83:
8d:73:1c:06:2e:10:31:2f:04:d4:d7:f0:5c:8d:46:
d7:2a:c9:b9:65:52:f5:db:74:41:c4:72:33:c5:63:
77:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:73:6A:A8:83:44:38:4A:F0:07:EF:4E:A7:45:5F:4D:90:44:3C:03
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/d3NqqINEOErwB-9Op0VfTZBEPAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:aab1::/48
Signature Algorithm: sha256WithRSAEncryption
aa:3b:23:e2:9f:ed:10:6c:77:c9:7e:39:bb:ff:97:09:84:49:
92:3a:5f:51:f4:88:02:f0:50:98:4b:db:a3:67:04:8c:c2:f6:
03:62:50:15:51:91:93:0c:89:d9:45:81:3d:0d:b8:14:5f:1e:
36:f7:e5:ed:7d:ff:41:9a:fc:7f:64:6b:eb:c6:19:34:e5:dd:
c5:1e:10:2f:d5:9f:43:f0:34:d9:25:52:eb:8e:39:7d:05:aa:
84:57:6c:ab:dc:c8:bc:8a:45:51:fd:59:fb:52:d7:3f:5b:ac:
b4:61:bd:1c:8d:7f:bc:bb:6e:1e:db:7a:92:84:02:72:d1:80:
6f:ca:99:82:86:38:7d:fb:00:09:e2:09:40:f3:d8:84:1a:64:
6f:2e:01:76:91:dd:a1:ba:b2:b3:9d:b2:bd:41:2b:32:26:63:
45:bc:c9:e5:5b:c5:e7:d4:1b:94:1d:4d:24:21:e9:b9:ac:32:
9f:96:42:75:bb:4a:7b:35:5d:f0:9c:20:fc:07:4b:1e:88:e7:
f0:b4:3e:ac:d0:f9:61:b6:23:eb:b8:96:67:9f:30:c2:85:67:
e1:c2:6d:f1:30:b0:1d:0a:89:1f:47:a4:79:92:12:40:e8:31:
94:26:15:ce:d9:d2:f5:d0:83:4b:37:af:21:47:9b:f1:80:66:
97:28:37:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyuojKorWR+MFUFK5tv7TZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzczNmFhODgzNDQzODRhZjAwN2VmNGVhNzQ1NWY0ZDkwNDQzYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0kJXZKyn9IKLNROb7C/3nsEvCRz
d5BICXd9lk1zYj7lQZJz3gwutOXCFYeeyY6fniNQxrsb+6/ypqWLhfPpNJgCKVpt
LdXbdgILXrLlbGwfnxfUOgz9HOi9FRe8+15sD3lEKFSnQuaETl9YANiCdaPtm3hB
yAuJNHcoQ7emgT+N2HjWHA1FuyGkbLeehKllGDd0X1q1jdEG+T6D3Lsv36O/zrXf
l1LYhnBZq8lh6kN5SN6wM0yRiy0tgLeJiG2PDfydkHRHW8Il94CjgQIty+gz1OjR
dODCwqANXDQorIONcxwGLhAxLwTU1/BcjUbXKsm5ZVL123RBxHIzxWN3ywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHdzaqiDRDhK8AfvTqdFX02QRDwDMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvZDNOcXFJTkVPRXJ3Qi05T3AwVmZUWkJFUEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9XB6qx
MA0GCSqGSIb3DQEBCwUAA4IBAQCqOyPin+0QbHfJfjm7/5cJhEmSOl9R9IgC8FCY
S9ujZwSMwvYDYlAVUZGTDInZRYE9DbgUXx429+Xtff9Bmvx/ZGvrxhk05d3FHhAv
1Z9D8DTZJVLrjjl9BaqEV2yr3Mi8ikVR/Vn7Utc/W6y0Yb0cjX+8u24e23qShAJy
0YBvypmChjh9+wAJ4glA89iEGmRvLgF2kd2hurKznbK9QSsyJmNFvMnlW8Xn1BuU
HU0kIem5rDKflkJ1u0p7NV3wnCD8B0seiOfwtD6s0PlhtiPruJZnnzDChWfhwm3x
MLAdCokfR6R5khJA6DGUJhXO2dL10INLN68hR5vxgGaXKDfv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org