Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/hT-VkVyGxbHPgs66azK4O0eixOA.roa
File: hT-VkVyGxbHPgs66azK4O0eixOA.roa (raw, json)
Hash identifier: U4izAkjMUGAsLp1gw1SlXgl+RzxrrF+CpYfJoVFxU7g=
Subject key identifier: 85:3F:95:91:5C:86:C5:B1:CF:82:CE:BA:6B:32:B8:3B:47:A2:C4:E0
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018CC2DAF87D9D360F0CD20FD355599156E3
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/hT-VkVyGxbHPgs66azK4O0eixOA.roa
Signing time: Mon 01 Jan 2024 02:29:39 +0000
ROA not before: Mon 01 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0f:5707:ba0f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jan 2024 22:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f8:7d:9d:36:0f:0c:d2:0f:d3:55:59:91:56:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 1 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=853f95915c86c5b1cf82ceba6b32b83b47a2c4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6d:2e:39:ee:82:2e:f2:6a:55:d2:82:b4:02:
77:c7:47:15:47:44:9b:d8:1f:b6:13:c3:03:c0:5e:
eb:9d:ec:b2:a3:16:f6:92:79:cc:f5:7d:d7:98:9f:
b2:e5:66:d3:f4:e8:20:f7:7f:1f:b9:4f:5a:b0:d7:
29:63:ea:54:f0:41:30:70:d5:b3:f2:8c:d3:dd:f3:
3c:50:8f:77:8a:75:75:72:da:ad:ba:03:50:54:8d:
6b:ea:de:f5:59:f1:1a:64:eb:6e:da:3a:67:e6:45:
c5:a9:68:cb:a1:f9:c4:e4:a0:9d:60:84:39:94:8a:
69:87:2a:78:35:4e:c1:cc:99:cf:53:9e:05:6c:d6:
c5:c5:9b:89:ae:2b:10:2e:84:86:af:79:a9:0f:07:
14:71:a3:02:c0:d8:fb:31:73:85:ef:c1:9a:50:e2:
8a:9e:59:12:5f:1f:51:22:69:81:c1:6d:c4:42:6c:
9b:42:94:03:66:48:06:ff:1a:34:68:00:9e:58:d7:
56:0c:8c:79:c2:e5:ef:20:08:1f:1d:eb:84:7e:0f:
70:91:88:1c:d5:87:20:91:79:92:a9:5e:18:5e:2c:
ee:64:0a:bd:ae:81:4a:1b:c6:84:af:73:ed:2a:ca:
f4:f5:fd:a4:d7:9d:8e:37:cf:fb:e8:a7:8f:82:0f:
c7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3F:95:91:5C:86:C5:B1:CF:82:CE:BA:6B:32:B8:3B:47:A2:C4:E0
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/hT-VkVyGxbHPgs66azK4O0eixOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ba0f::/48
Signature Algorithm: sha256WithRSAEncryption
4a:25:bf:e5:47:7a:b2:81:0b:82:87:9f:b8:80:6b:c3:60:4f:
b8:c6:6e:6a:b5:8f:84:0e:b2:0c:11:03:fb:b3:0f:77:2f:bf:
5b:94:e8:18:dd:5e:4d:e1:3b:ff:c8:f7:c8:ef:6a:6d:a6:ea:
68:37:ff:4d:97:11:ea:ec:96:c6:38:3f:e1:bd:9e:aa:3e:96:
b4:02:bc:a0:f6:e3:3f:cf:25:76:b0:a4:f5:62:bc:a8:01:35:
c2:47:84:e1:0e:95:9b:01:ba:4e:55:13:e6:a1:0d:2d:3c:e4:
9d:4e:2f:d3:a8:87:b4:90:47:37:7d:2d:1b:10:96:04:63:ee:
61:75:c6:2b:32:2e:c4:22:69:fa:29:48:5d:63:3e:37:01:71:
61:d5:03:13:1c:14:7a:93:33:12:3f:46:7a:df:ce:24:37:d6:
fe:fe:34:02:7f:04:7b:de:ff:74:65:3a:60:dd:1c:60:8e:b3:
c0:a2:8f:b0:25:d9:8b:fd:e2:2c:40:29:8a:7c:be:aa:8a:41:
e2:e3:3c:e8:0f:1b:c6:5f:6d:99:83:be:31:b2:ef:a2:02:d1:
d8:34:23:d4:59:e2:9c:6e:43:af:18:cf:9f:15:4e:11:d5:64:
ac:13:9c:cc:75:f4:42:cb:08:81:84:b1:9b:ef:cb:75:18:76:
20:db:0f:14
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2vh9nTYPDNIP01VZkVbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwMTAxMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNmOTU5MTVjODZjNWIxY2Y4MmNlYmE2YjMyYjgzYjQ3YTJjNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG0uOe6CLvJqVdKCtAJ3x0cVR0Sb
2B+2E8MDwF7rneyyoxb2knnM9X3XmJ+y5WbT9Ogg938fuU9asNcpY+pU8EEwcNWz
8ozT3fM8UI93inV1ctqtugNQVI1r6t71WfEaZOtu2jpn5kXFqWjLofnE5KCdYIQ5
lIpphyp4NU7BzJnPU54FbNbFxZuJrisQLoSGr3mpDwcUcaMCwNj7MXOF78GaUOKK
nlkSXx9RImmBwW3EQmybQpQDZkgG/xo0aACeWNdWDIx5wuXvIAgfHeuEfg9wkYgc
1YcgkXmSqV4YXizuZAq9roFKG8aEr3PtKsr09f2k152ON8/76KePgg/HSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIU/lZFchsWxz4LOumsyuDtHosTgMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvaFQtVmtWeUd4YkhQZ3M2NmF6SzRPMGVpeE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9XB7oP
MA0GCSqGSIb3DQEBCwUAA4IBAQBKJb/lR3qygQuCh5+4gGvDYE+4xm5qtY+EDrIM
EQP7sw93L79blOgY3V5N4Tv/yPfI72ptpupoN/9NlxHq7JbGOD/hvZ6qPpa0Aryg
9uM/zyV2sKT1YryoATXCR4ThDpWbAbpOVRPmoQ0tPOSdTi/TqIe0kEc3fS0bEJYE
Y+5hdcYrMi7EImn6KUhdYz43AXFh1QMTHBR6kzMSP0Z6384kN9b+/jQCfwR73v90
ZTpg3RxgjrPAoo+wJdmL/eIsQCmKfL6qikHi4zzoDxvGX22Zg74xsu+iAtHYNCPU
WeKcbkOvGM+fFU4R1WSsE5zMdfRCywiBhLGb78t1GHYg2w8U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org