Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/9Pk6b7b8hxLpVROVej_QDcoTw0M.roa
File: 9Pk6b7b8hxLpVROVej_QDcoTw0M.roa (raw, json)
Hash identifier: Qdms4ac7DIOROVy6kGAlTQzzDp4lfotrDb3DR+xUluE=
Subject key identifier: F4:F9:3A:6F:B6:FC:87:12:E9:55:13:95:7A:3F:D0:0D:CA:13:C3:43
Certificate issuer: /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial: 0187DB8F226420F8192740F660D14344DE92
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/9Pk6b7b8hxLpVROVej_QDcoTw0M.roa
Signing time: Tue 02 May 2023 08:23:23 +0000
ROA not before: Tue 02 May 2023 08:23:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206834
IP address blocks: 2a01:bb20:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:8f:22:64:20:f8:19:27:40:f6:60:d1:43:44:de:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Validity
Not Before: May 2 08:23:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4f93a6fb6fc8712e95513957a3fd00dca13c343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:21:58:81:f2:cb:c8:88:a5:01:c0:b6:f5:45:
9f:02:8f:7d:c3:be:67:de:f4:7f:79:c8:fa:be:fe:
02:db:5e:7f:79:4f:5c:85:b3:c4:d3:2d:f4:7f:5f:
26:f3:70:cf:1a:d4:70:54:e7:cc:15:ab:07:48:0a:
4c:4e:b0:ef:fd:22:f4:bd:2f:c0:4e:5b:c8:28:32:
26:e3:da:e1:a1:ac:4b:a8:82:ac:34:80:2c:ad:fe:
5e:af:f4:a9:83:7f:98:c4:d4:db:e8:01:6c:fa:2e:
b9:78:e3:87:57:16:23:bb:6e:4b:7b:2a:a2:41:fb:
64:d0:b7:97:ac:75:2f:1a:68:5d:a9:19:a1:cb:a8:
e7:85:42:16:0a:7d:db:0d:d0:01:23:8f:cf:21:53:
24:6c:7f:0d:ba:80:65:9a:83:39:24:b7:51:8a:85:
a7:94:f6:61:dc:34:aa:29:ac:8f:97:f6:c6:a6:a7:
a5:b4:92:e8:9f:a4:42:f1:f2:49:35:03:ba:60:05:
44:fb:53:a7:62:51:76:4c:6d:34:63:28:a9:52:05:
d6:28:76:40:3e:00:0a:3f:10:0d:86:e0:b1:00:18:
bd:34:55:b8:46:f9:65:dc:84:f8:c0:8d:5f:8b:0f:
50:9c:68:f8:3f:30:3a:f4:a8:3d:a3:d9:fb:c9:dd:
d2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F9:3A:6F:B6:FC:87:12:E9:55:13:95:7A:3F:D0:0D:CA:13:C3:43
X509v3 Authority Key Identifier:
keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/9Pk6b7b8hxLpVROVej_QDcoTw0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:bb20:2000::/36
Signature Algorithm: sha256WithRSAEncryption
9a:67:77:bc:85:bd:06:47:ff:d4:44:64:4c:a2:93:64:06:4f:
90:d6:1b:e6:61:13:ed:1c:cc:99:a6:cd:bf:dd:05:96:ba:70:
7f:26:b1:05:3e:f4:b1:4a:4a:81:7e:bc:19:07:61:c5:a5:0d:
ea:00:df:68:81:f2:4d:73:0e:fa:60:47:04:c3:19:ca:09:21:
1b:53:ca:e7:e7:ff:e2:2f:f4:fc:28:4b:46:ca:fd:b2:17:03:
ba:69:ff:a3:8b:d6:5b:98:e0:53:41:92:5e:4a:c7:28:61:4e:
98:27:fa:20:df:b4:97:3a:3a:7a:41:1f:00:a9:4e:be:19:4f:
e5:04:aa:d2:80:13:13:cc:fe:3b:64:c3:f4:be:8e:68:d9:92:
74:7f:11:67:4a:f6:de:05:57:5e:a3:87:9b:96:c0:cc:d1:ec:
b3:dd:f0:b6:a3:45:8f:88:ab:9d:59:bf:4c:16:da:26:81:18:
86:4c:0f:5d:ae:b9:fe:1f:c2:90:51:f3:04:40:28:24:7a:43:
19:c4:41:c8:63:9e:78:ef:db:c0:e8:11:59:0d:60:27:ad:98:
28:3c:a2:20:a7:3b:9c:2b:28:4b:bc:d9:bb:6d:22:04:45:42:
f1:54:0b:2c:81:06:0e:67:16:13:df:c9:19:90:7f:20:ca:f8:
41:5a:30:90
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYfbjyJkIPgZJ0D2YNFDRN6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTAzMDYxZTFhZTUwM2VjNjNkOTcwYjMwODc1ZGQ5M2Zm
YWJiZGYwHhcNMjMwNTAyMDgyMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY5M2E2ZmI2ZmM4NzEyZTk1NTEzOTU3YTNmZDAwZGNhMTNjMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiFYgfLLyIilAcC29UWfAo99w75n
3vR/ecj6vv4C215/eU9chbPE0y30f18m83DPGtRwVOfMFasHSApMTrDv/SL0vS/A
TlvIKDIm49rhoaxLqIKsNIAsrf5er/Spg3+YxNTb6AFs+i65eOOHVxYju25Leyqi
Qftk0LeXrHUvGmhdqRmhy6jnhUIWCn3bDdABI4/PIVMkbH8NuoBlmoM5JLdRioWn
lPZh3DSqKayPl/bGpqeltJLon6RC8fJJNQO6YAVE+1OnYlF2TG00YyipUgXWKHZA
PgAKPxANhuCxABi9NFW4Rvll3IT4wI1fiw9QnGj4PzA69Kg9o9n7yd3SEQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPT5Om+2/IcS6VUTlXo/0A3KE8NDMB8GA1UdIwQY
MBaAFJNQMGHhrlA+xj2XCzCHXdk/+rvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEt
YzYyM2VkOGYyZjI4LzEvOVBrNmI3YjhoeExwVlJPVmVqX1FEY29UdzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEtYzYyM2VkOGYyZjI4
LzEvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgG7ICAw
DQYJKoZIhvcNAQELBQADggEBAJpnd7yFvQZH/9REZEyik2QGT5DWG+ZhE+0czJmm
zb/dBZa6cH8msQU+9LFKSoF+vBkHYcWlDeoA32iB8k1zDvpgRwTDGcoJIRtTyufn
/+Iv9PwoS0bK/bIXA7pp/6OL1luY4FNBkl5KxyhhTpgn+iDftJc6OnpBHwCpTr4Z
T+UEqtKAExPM/jtkw/S+jmjZknR/EWdK9t4FV16jh5uWwMzR7LPd8LajRY+Iq51Z
v0wW2iaBGIZMD12uuf4fwpBR8wRAKCR6QxnEQchjnnjv28DoEVkNYCetmCg8oiCn
O5wrKEu82bttIgRFQvFUCyyBBg5nFhPfyRmQfyDK+EFaMJA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:32 2024 by rpki-client on console-ams.rpki-client.org