Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/sjT3ocGUZFyqGGL0jTyW4To2dqk.roa
File: sjT3ocGUZFyqGGL0jTyW4To2dqk.roa (raw, json)
Hash identifier: oVpDqpPlTr5f5N5yTUu3qIDjIF47mNa4WxGdyKfitrY=
Subject key identifier: B2:34:F7:A1:C1:94:64:5C:AA:18:62:F4:8D:3C:96:E1:3A:36:76:A9
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA7238640F571E26C90FB9AD56C27F
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/sjT3ocGUZFyqGGL0jTyW4To2dqk.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139589
IP address blocks: 2a0f:5707:ac02::/48 maxlen: 48
2a0f:5707:ac01::/48 maxlen: 48
2a0f:5707:ac00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:72:38:64:0f:57:1e:26:c9:0f:b9:ad:56:c2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b234f7a1c194645caa1862f48d3c96e13a3676a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6a:9e:a5:69:eb:20:ff:66:c3:20:b8:bb:fb:
dd:f2:63:be:f5:26:c1:22:52:66:b2:6f:e3:a9:2b:
b9:39:f6:ac:1c:74:ce:e5:30:0b:24:83:6e:5b:7c:
47:68:2d:c1:1d:6a:af:07:f7:77:1f:4a:90:6a:a8:
89:47:42:72:cc:a6:ec:08:fd:bd:6c:6b:74:1f:22:
f0:e3:0f:1d:79:e6:1d:87:ae:4b:4a:59:64:60:3f:
79:3e:a0:39:e4:6c:4c:ed:c1:05:70:94:93:58:af:
d8:9f:90:ed:fa:50:93:df:b6:77:0a:62:c2:d6:d0:
2d:cc:78:6f:63:73:43:4f:42:2c:ad:35:30:b0:9c:
74:87:06:e8:ec:db:14:ab:20:3a:43:d4:71:86:a6:
b9:48:0f:62:78:ef:78:b5:d4:09:e2:d8:1a:ba:39:
26:2e:08:1f:cd:1e:8b:d1:a7:75:6a:0c:36:3e:fe:
60:68:c2:aa:58:f5:7b:bb:2c:09:a5:1e:68:a3:57:
5f:41:58:5f:e2:7c:f7:58:e0:0c:91:98:c0:7a:8c:
b8:8a:44:d3:55:49:09:0e:ba:46:d9:52:4c:82:31:
5f:64:38:e0:a8:f9:4e:bc:19:8d:98:cb:f2:0f:9e:
d6:d5:0f:ac:fc:c8:38:d2:ba:77:ce:66:bc:3b:9f:
4a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:34:F7:A1:C1:94:64:5C:AA:18:62:F4:8D:3C:96:E1:3A:36:76:A9
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/sjT3ocGUZFyqGGL0jTyW4To2dqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ac00::-2a0f:5707:ac02:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
27:10:a1:29:d7:3f:8b:71:24:8c:29:1d:8f:72:fe:19:87:cf:
aa:f4:38:9e:2a:fc:4b:de:e3:be:9e:a5:9c:15:73:ba:75:a5:
a2:ff:bd:97:30:26:43:d7:04:6f:a5:f3:8a:9d:9d:08:64:90:
7b:6d:10:a3:73:c7:1f:20:98:e3:7a:29:d3:ee:25:71:c7:e0:
f3:fc:d6:3d:a2:a8:73:f6:77:1e:b8:e3:7e:e5:8d:a5:67:85:
4b:b8:ca:bf:e2:fb:eb:23:cd:12:74:0f:d9:55:be:13:7f:fa:
80:e3:29:b7:69:cc:e2:b4:63:9e:d2:4c:47:e9:ea:c0:58:3f:
dd:be:a8:a0:3b:f3:08:7e:87:23:69:7d:aa:42:1e:0c:e8:4d:
52:14:f4:b7:63:52:5f:93:03:be:df:f0:fa:e5:1f:b9:2a:5c:
6b:3b:fd:54:e5:5a:ed:97:0f:28:28:49:b7:e7:26:6c:0d:b5:
3f:86:04:22:74:43:d8:87:9a:ba:73:da:55:17:bd:24:ee:52:
f0:18:13:99:83:08:2c:ab:1f:07:3a:5f:8e:da:2f:22:e6:cc:
c5:59:f2:86:b9:f4:55:fe:6e:6a:93:f4:8b:0d:ad:28:05:c4:
09:45:22:f9:8e:5d:93:8b:d2:d0:50:94:44:cc:06:7e:ba:f6:
b6:a9:67:39
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVyunI4ZA9XHibJD7mtVsJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjM0ZjdhMWMxOTQ2NDVjYWExODYyZjQ4ZDNjOTZlMTNhMzY3NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2qepWnrIP9mwyC4u/vd8mO+9SbB
IlJmsm/jqSu5OfasHHTO5TALJINuW3xHaC3BHWqvB/d3H0qQaqiJR0JyzKbsCP29
bGt0HyLw4w8deeYdh65LSllkYD95PqA55GxM7cEFcJSTWK/Yn5Dt+lCT37Z3CmLC
1tAtzHhvY3NDT0IsrTUwsJx0hwbo7NsUqyA6Q9Rxhqa5SA9ieO94tdQJ4tgaujkm
LggfzR6L0ad1agw2Pv5gaMKqWPV7uywJpR5oo1dfQVhf4nz3WOAMkZjAeoy4ikTT
VUkJDrpG2VJMgjFfZDjgqPlOvBmNmMvyD57W1Q+s/Mg40rp3zma8O59KwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLI096HBlGRcqhhi9I08luE6NnapMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvc2pUM29jR1VaRnlxR0dMMGpUeVc0VG8yZHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgIqD1cH
rAMHACoPVwesAjANBgkqhkiG9w0BAQsFAAOCAQEAJxChKdc/i3EkjCkdj3L+GYfP
qvQ4nir8S97jvp6lnBVzunWlov+9lzAmQ9cEb6Xzip2dCGSQe20Qo3PHHyCY43op
0+4lccfg8/zWPaKoc/Z3HrjjfuWNpWeFS7jKv+L76yPNEnQP2VW+E3/6gOMpt2nM
4rRjntJMR+nqwFg/3b6ooDvzCH6HI2l9qkIeDOhNUhT0t2NSX5MDvt/w+uUfuSpc
azv9VOVa7ZcPKChJt+cmbA21P4YEInRD2IeaunPaVRe9JO5S8BgTmYMILKsfBzpf
jtovIubMxVnyhrn0Vf5uapP0iw2tKAXECUUi+Y5dk4vS0FCURMwGfrr2tqlnOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org