Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/tFmaQDn2Ctg7AvHlDTwPx2dOpu8.roa
File: tFmaQDn2Ctg7AvHlDTwPx2dOpu8.roa (raw, json)
Hash identifier: IXiocoYFt7zYKatvp0iu+cpqgZ2xTMecR/x2ANyEV+Q=
Subject key identifier: B4:59:9A:40:39:F6:0A:D8:3B:02:F1:E5:0D:3C:0F:C7:67:4E:A6:EF
Certificate issuer: /CN=346474a33c051d17152b21322ccf4ff3808b4270
Certificate serial: 018EE20C17A3C4AFEAFB579B16B381A5DB72
Authority key identifier: 34:64:74:A3:3C:05:1D:17:15:2B:21:32:2C:CF:4F:F3:80:8B:42:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NGR0ozwFHRcVKyEyLM9P84CLQnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/tFmaQDn2Ctg7AvHlDTwPx2dOpu8.roa
Signing time: Mon 15 Apr 2024 13:57:06 +0000
ROA not before: Mon 15 Apr 2024 13:57:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215307
IP address blocks: 2a14:1f40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Apr 2024 10:34:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:0c:17:a3:c4:af:ea:fb:57:9b:16:b3:81:a5:db:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=346474a33c051d17152b21322ccf4ff3808b4270
Validity
Not Before: Apr 15 13:57:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4599a4039f60ad83b02f1e50d3c0fc7674ea6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d1:7c:d9:eb:90:84:82:5d:86:18:56:ba:a4:
50:dd:22:ec:9c:69:be:6f:27:d0:f7:eb:01:a2:a3:
d9:dc:24:6e:d2:6d:64:9c:86:78:e0:d3:63:15:6a:
65:a4:33:6b:38:b6:ba:b8:a7:af:4b:22:ad:1e:9a:
bf:a4:c5:45:da:d3:48:de:4b:7c:8d:19:04:d9:65:
6c:49:0f:dc:f8:f4:69:d4:ed:09:94:2d:98:fc:62:
83:6a:67:ee:9d:33:eb:53:64:ee:1a:8f:0e:4c:1c:
23:ec:ea:d0:5d:bb:02:9f:7b:c1:cb:74:9a:e3:ac:
95:f4:66:0c:48:bc:78:ba:c4:06:50:51:39:4e:5b:
28:d1:0a:5e:86:49:97:b2:f0:5a:74:d9:f1:80:f4:
34:a0:0b:3e:19:6c:a2:4c:0e:e9:43:9a:23:94:f9:
52:75:a7:09:d8:85:73:6c:bf:d6:6f:79:5f:2b:a4:
b7:18:38:db:a4:80:69:e4:f1:ca:bf:ba:89:f5:07:
5e:85:a0:a3:26:53:f5:be:df:4f:e8:68:30:70:db:
b2:ed:23:c1:1e:04:a9:48:06:f7:a3:d8:1e:37:c2:
89:52:89:d5:cd:14:3f:d0:25:ec:1d:7a:49:e6:63:
5b:ff:11:cd:b0:15:b5:9d:d8:0c:93:23:c6:30:44:
95:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:59:9A:40:39:F6:0A:D8:3B:02:F1:E5:0D:3C:0F:C7:67:4E:A6:EF
X509v3 Authority Key Identifier:
keyid:34:64:74:A3:3C:05:1D:17:15:2B:21:32:2C:CF:4F:F3:80:8B:42:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGR0ozwFHRcVKyEyLM9P84CLQnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/tFmaQDn2Ctg7AvHlDTwPx2dOpu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/NGR0ozwFHRcVKyEyLM9P84CLQnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1f40::/32
Signature Algorithm: sha256WithRSAEncryption
5a:1a:8d:5b:9a:2b:6a:bb:48:90:3f:34:13:ba:02:49:4c:e9:
f0:fe:17:f1:84:b0:6d:f2:26:e5:df:7e:5c:91:8e:77:ca:62:
8b:58:1b:cf:cc:a8:59:c8:af:b8:81:29:67:dc:eb:85:c7:af:
e3:9d:b5:a0:de:a1:11:86:4f:20:45:d7:91:70:e6:a6:9b:f5:
5f:65:ad:d1:24:93:a5:23:29:54:38:b2:c9:2f:97:17:5b:55:
d9:d9:c6:4b:d0:56:d4:b4:08:47:35:20:6c:67:09:cb:36:fe:
a9:6f:91:7c:8e:cd:72:70:ee:72:66:82:cc:d7:66:95:11:43:
4b:8f:f0:78:42:1a:8a:a4:16:d8:72:4d:13:cd:ef:3a:2f:19:
f4:e4:ca:4e:2e:d9:02:ac:ea:ca:bb:db:9b:c3:31:2d:eb:8c:
a5:65:65:0f:c4:6c:01:be:44:fe:d3:aa:bc:f2:ef:b0:0d:df:
aa:2e:a1:49:49:75:21:d8:84:bc:e4:4a:29:8e:95:9d:e1:6e:
08:4b:20:32:15:a2:76:8d:38:62:ae:c3:4f:40:a6:64:ad:93:
fe:7c:19:5d:9d:08:07:58:1c:3e:88:fa:9f:b9:d3:7d:c4:26:
d7:a2:60:0f:a8:56:55:a9:b7:df:08:b6:9b:48:59:b1:a1:fe:
40:ec:38:78
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7iDBejxK/q+1ebFrOBpdtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjQ3NGEzM2MwNTFkMTcxNTJiMjEzMjJjY2Y0ZmYzODA4
YjQyNzAwHhcNMjQwNDE1MTM1NzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDU5OWE0MDM5ZjYwYWQ4M2IwMmYxZTUwZDNjMGZjNzY3NGVhNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NF82euQhIJdhhhWuqRQ3SLsnGm+
byfQ9+sBoqPZ3CRu0m1knIZ44NNjFWplpDNrOLa6uKevSyKtHpq/pMVF2tNI3kt8
jRkE2WVsSQ/c+PRp1O0JlC2Y/GKDamfunTPrU2TuGo8OTBwj7OrQXbsCn3vBy3Sa
46yV9GYMSLx4usQGUFE5Tlso0QpehkmXsvBadNnxgPQ0oAs+GWyiTA7pQ5ojlPlS
dacJ2IVzbL/Wb3lfK6S3GDjbpIBp5PHKv7qJ9QdehaCjJlP1vt9P6GgwcNuy7SPB
HgSpSAb3o9geN8KJUonVzRQ/0CXsHXpJ5mNb/xHNsBW1ndgMkyPGMESVYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLRZmkA59grYOwLx5Q08D8dnTqbvMB8GA1UdIwQY
MBaAFDRkdKM8BR0XFSshMizPT/OAi0JwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdSMG96d0ZIUmNWS3lFeUxNOVA4NENMUW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8yYjlhNzItNjE4Ni00MTU0LWFlM2It
MDE1MjFlNjU4ZTk5LzEvdEZtYVFEbjJDdGc3QXZIbERUd1B4MmRPcHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8yYjlhNzItNjE4Ni00MTU0LWFlM2ItMDE1MjFlNjU4ZTk5
LzEvTkdSMG96d0ZIUmNWS3lFeUxNOVA4NENMUW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQfQDAN
BgkqhkiG9w0BAQsFAAOCAQEAWhqNW5orartIkD80E7oCSUzp8P4X8YSwbfIm5d9+
XJGOd8pii1gbz8yoWcivuIEpZ9zrhcev4521oN6hEYZPIEXXkXDmppv1X2Wt0SST
pSMpVDiyyS+XF1tV2dnGS9BW1LQIRzUgbGcJyzb+qW+RfI7NcnDucmaCzNdmlRFD
S4/weEIaiqQW2HJNE83vOi8Z9OTKTi7ZAqzqyrvbm8MxLeuMpWVlD8RsAb5E/tOq
vPLvsA3fqi6hSUl1IdiEvORKKY6VneFuCEsgMhWido04Yq7DT0CmZK2T/nwZXZ0I
B1gcPoj6n7nTfcQm16JgD6hWVam33wi2m0hZsaH+QOw4eA==
-----END CERTIFICATE-----
Generated at Wed Apr 17 15:04:50 2024 by rpki-client on console-ams.rpki-client.org