Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/cjL4iKxZTrDB28XkmeklyB_xXl4.roa
File: cjL4iKxZTrDB28XkmeklyB_xXl4.roa (raw, json)
Hash identifier: V3XYxAriUsCV3NFWUMGyuFIkiPq3pW9OsIrMDPQVc8Y=
Subject key identifier: 72:32:F8:88:AC:59:4E:B0:C1:DB:C5:E4:99:E9:25:C8:1F:F1:5E:5E
Certificate issuer: /CN=65f0120ee3b6f0f8db52d0db81c01e4447d8e4ba
Certificate serial: 018A92F2259DA9DF781DABA21F3DD01848CB
Authority key identifier: 65:F0:12:0E:E3:B6:F0:F8:DB:52:D0:DB:81:C0:1E:44:47:D8:E4:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZfASDuO28PjbUtDbgcAeREfY5Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/cjL4iKxZTrDB28XkmeklyB_xXl4.roa
Signing time: Thu 14 Sep 2023 09:07:37 +0000
ROA not before: Thu 14 Sep 2023 09:07:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34784
IP address blocks: 80.81.208.0/20 maxlen: 20
2a02:698::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:f2:25:9d:a9:df:78:1d:ab:a2:1f:3d:d0:18:48:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65f0120ee3b6f0f8db52d0db81c01e4447d8e4ba
Validity
Not Before: Sep 14 09:07:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7232f888ac594eb0c1dbc5e499e925c81ff15e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1a:5c:56:e4:49:86:f1:b2:ea:eb:ed:19:7b:
b0:ef:08:93:1e:1e:92:19:c0:8c:9f:4d:aa:80:85:
5e:79:94:12:9a:e6:44:4a:1b:46:9d:6d:0c:45:b6:
f9:72:38:70:70:35:50:db:0d:f6:09:af:70:b3:ea:
93:ca:3d:05:3e:e8:02:f7:dd:ce:c3:71:3a:1d:b4:
82:3c:29:ae:d0:dd:ed:85:74:12:0a:26:c0:52:70:
ae:c5:b7:c2:1e:79:1e:e8:46:1b:5d:a8:9b:89:ba:
2c:48:a7:f5:a1:2b:b3:25:6a:14:86:8f:cf:e2:25:
33:0f:d4:26:ae:00:d4:11:7e:2b:d6:50:f0:c7:17:
fc:d7:bd:e8:8d:2c:59:dc:df:5f:03:53:64:2d:95:
33:6f:1b:12:a7:c2:0b:c1:97:69:4d:23:08:60:90:
c7:38:a8:7a:fa:ae:c6:46:3f:ad:35:e3:01:e9:c4:
b0:10:2f:b8:08:ef:9f:34:97:8a:9b:9a:05:26:e5:
e5:b3:d6:81:10:1b:fa:e6:e3:84:6c:cc:4a:6b:d1:
50:b0:b8:00:a3:c5:00:03:ca:af:98:b1:56:ed:8f:
de:4c:ce:8c:8c:f8:ba:5b:20:96:95:f6:3c:f3:21:
91:9a:6a:39:f2:fd:b8:4b:ac:e3:25:77:f9:9f:8b:
65:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:32:F8:88:AC:59:4E:B0:C1:DB:C5:E4:99:E9:25:C8:1F:F1:5E:5E
X509v3 Authority Key Identifier:
keyid:65:F0:12:0E:E3:B6:F0:F8:DB:52:D0:DB:81:C0:1E:44:47:D8:E4:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZfASDuO28PjbUtDbgcAeREfY5Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/cjL4iKxZTrDB28XkmeklyB_xXl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/ZfASDuO28PjbUtDbgcAeREfY5Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.208.0/20
IPv6:
2a02:698::/32
Signature Algorithm: sha256WithRSAEncryption
38:f0:d5:b3:d1:d4:31:06:85:e1:24:b8:23:f7:4b:43:2f:c4:
eb:d6:6e:c5:7e:fb:0a:a8:f0:36:1b:85:bb:7b:65:50:41:b4:
ab:6b:92:9c:01:f0:3f:5b:3b:4c:f3:8f:b5:e1:e5:16:cd:f7:
74:a5:40:11:26:63:a2:29:d6:21:ab:56:3a:23:e5:76:5d:58:
1e:21:d7:9a:be:9e:b0:f4:19:fb:c8:0e:10:bb:48:1f:28:a1:
32:0b:45:5f:02:fb:bb:bc:b1:f9:b1:7f:86:2e:4c:58:f3:5a:
8a:0e:94:22:50:ed:09:d4:a9:7f:dd:f2:b9:b0:06:14:3c:19:
18:0a:31:75:f7:82:80:8f:87:09:48:4f:c7:e5:e5:97:54:8d:
40:2f:05:d1:51:e2:f5:97:44:b2:64:e8:41:5d:b0:3e:b4:be:
ee:77:e9:48:ba:36:9f:93:13:04:3e:93:99:0a:60:24:aa:9e:
ad:30:c5:fa:4a:3b:3a:82:c2:2f:37:2e:f6:43:a4:49:fe:45:
3f:42:d0:87:7e:a3:cd:20:02:84:d7:a0:42:15:e9:33:9c:d0:
e4:2b:0c:9d:ef:65:43:55:44:e6:fe:b3:5d:b2:c4:46:26:45:
de:df:fb:32:43:b4:e9:32:1c:51:e6:7b:ab:44:8e:c4:15:73:
81:f0:b3:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYqS8iWdqd94HauiHz3QGEjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZjAxMjBlZTNiNmYwZjhkYjUyZDBkYjgxYzAxZTQ0NDdk
OGU0YmEwHhcNMjMwOTE0MDkwNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjMyZjg4OGFjNTk0ZWIwYzFkYmM1ZTQ5OWU5MjVjODFmZjE1ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBpcVuRJhvGy6uvtGXuw7wiTHh6S
GcCMn02qgIVeeZQSmuZEShtGnW0MRbb5cjhwcDVQ2w32Ca9ws+qTyj0FPugC993O
w3E6HbSCPCmu0N3thXQSCibAUnCuxbfCHnke6EYbXaibibosSKf1oSuzJWoUho/P
4iUzD9QmrgDUEX4r1lDwxxf8173ojSxZ3N9fA1NkLZUzbxsSp8ILwZdpTSMIYJDH
OKh6+q7GRj+tNeMB6cSwEC+4CO+fNJeKm5oFJuXls9aBEBv65uOEbMxKa9FQsLgA
o8UAA8qvmLFW7Y/eTM6MjPi6WyCWlfY88yGRmmo58v24S6zjJXf5n4tlIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHIy+IisWU6wwdvF5JnpJcgf8V5eMB8GA1UdIwQY
MBaAFGXwEg7jtvD421LQ24HAHkRH2OS6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmZBU0R1TzI4UGpiVXREYmdjQWVSRWZZNUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kMTQxOGMtN2NkOC00YWY5LTgxNjYt
NTc3YzAzOTEwNzAxLzEvY2pMNGlLeFpUckRCMjhYa21la2x5Ql94WGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kMTQxOGMtN2NkOC00YWY5LTgxNjYtNTc3YzAzOTEwNzAx
LzEvWmZBU0R1TzI4UGpiVXREYmdjQWVSRWZZNUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUFHQMA0E
AgACMAcDBQAqAgaYMA0GCSqGSIb3DQEBCwUAA4IBAQA48NWz0dQxBoXhJLgj90tD
L8Tr1m7FfvsKqPA2G4W7e2VQQbSra5KcAfA/WztM84+14eUWzfd0pUARJmOiKdYh
q1Y6I+V2XVgeIdeavp6w9Bn7yA4Qu0gfKKEyC0VfAvu7vLH5sX+GLkxY81qKDpQi
UO0J1Kl/3fK5sAYUPBkYCjF194KAj4cJSE/H5eWXVI1ALwXRUeL1l0SyZOhBXbA+
tL7ud+lIujafkxMEPpOZCmAkqp6tMMX6Sjs6gsIvNy72Q6RJ/kU/QtCHfqPNIAKE
16BCFekznNDkKwyd72VDVUTm/rNdssRGJkXe3/syQ7TpMhxR5nurRI7EFXOB8LM0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:14 2024 by rpki-client on console-ams.rpki-client.org