Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/dd8877-d082-41ea-9f85-696b615cbec3/1/904s3LWf8uITDwUgHzwIwDLhuMA.roa
File: 904s3LWf8uITDwUgHzwIwDLhuMA.roa (raw, json)
Hash identifier: xS3T/xzk8YK8ErB8MybXW70qJ1vREMkRL0dOiPxMn3Y=
Subject key identifier: F7:4E:2C:DC:B5:9F:F2:E2:13:0F:05:20:1F:3C:08:C0:32:E1:B8:C0
Certificate issuer: /CN=4003350bcc7b540fadea951e046081d8da06c145
Certificate serial: 018CC7274B59DB2E85D42F7D097FFF8D1882
Authority key identifier: 40:03:35:0B:CC:7B:54:0F:AD:EA:95:1E:04:60:81:D8:DA:06:C1:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QAM1C8x7VA-t6pUeBGCB2NoGwUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/dd8877-d082-41ea-9f85-696b615cbec3/1/904s3LWf8uITDwUgHzwIwDLhuMA.roa
Signing time: Mon 01 Jan 2024 22:31:30 +0000
ROA not before: Mon 01 Jan 2024 22:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58251
IP address blocks: 2a13:8b40:2::/48 maxlen: 48
2a13:8b40:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Apr 2024 10:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4b:59:db:2e:85:d4:2f:7d:09:7f:ff:8d:18:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4003350bcc7b540fadea951e046081d8da06c145
Validity
Not Before: Jan 1 22:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f74e2cdcb59ff2e2130f05201f3c08c032e1b8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e8:0a:a1:4e:87:a3:4b:d8:ff:d7:65:c5:0b:
77:20:41:3d:8b:55:94:ac:88:95:29:68:41:a9:74:
ee:6c:fe:26:d4:9d:ae:63:b9:57:26:13:02:72:a6:
95:d0:0a:36:8a:25:6f:8a:ba:0e:e4:ba:69:d4:2e:
02:8a:50:e6:6d:72:a5:3b:22:6b:77:07:3c:2d:c7:
11:95:95:4c:0a:21:1a:1a:76:a7:03:65:93:c3:a8:
a9:5f:d2:3b:74:15:d3:e8:58:50:d0:20:9b:f1:7b:
db:5b:75:fd:e3:a9:5c:86:2d:ea:a6:94:92:18:b0:
70:c4:5c:b0:1b:bc:bd:ae:02:43:93:3d:f9:f9:de:
96:25:e0:51:17:f1:f3:68:69:67:a3:54:20:27:2e:
3a:ec:38:55:03:0f:10:55:d7:4d:8f:78:22:f4:a4:
b7:e6:69:22:ac:bf:9f:3a:d0:f5:1f:5f:ca:c2:b9:
3b:29:bd:e3:76:d5:81:59:24:7a:c6:d1:6b:79:05:
97:a0:e1:eb:67:a2:01:e0:4b:59:c1:00:21:c7:e8:
a4:84:01:85:fb:f5:99:bd:77:16:7a:c1:77:9a:e8:
fc:fa:b7:9c:39:72:81:3b:24:7a:b4:49:46:ce:f4:
8a:fa:fc:04:d7:58:65:60:fa:af:98:f0:63:d2:d7:
4d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4E:2C:DC:B5:9F:F2:E2:13:0F:05:20:1F:3C:08:C0:32:E1:B8:C0
X509v3 Authority Key Identifier:
keyid:40:03:35:0B:CC:7B:54:0F:AD:EA:95:1E:04:60:81:D8:DA:06:C1:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAM1C8x7VA-t6pUeBGCB2NoGwUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/dd8877-d082-41ea-9f85-696b615cbec3/1/904s3LWf8uITDwUgHzwIwDLhuMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/dd8877-d082-41ea-9f85-696b615cbec3/1/QAM1C8x7VA-t6pUeBGCB2NoGwUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:8b40:1::-2a13:8b40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
08:8b:1b:32:45:96:ce:3d:7b:f8:a6:7b:13:11:18:7b:ac:49:
e7:92:71:4a:78:c0:8c:b1:d4:3c:97:01:e5:81:e9:09:67:ea:
37:b4:bb:1d:8e:50:b2:e2:e1:76:b0:42:29:b7:32:06:d6:80:
f6:96:e8:68:42:68:61:f6:f9:6c:f3:b1:35:72:92:17:25:40:
6e:1c:ce:b5:b9:32:db:db:74:57:c0:ba:3d:26:62:13:99:2e:
45:f2:e0:65:9f:51:94:cc:50:da:82:4d:f1:53:ed:76:da:ae:
ca:3d:a4:58:3a:e1:f0:17:c0:95:98:24:93:b1:51:12:db:52:
57:99:5f:5f:8e:af:b9:67:3f:a4:7f:7e:50:76:5a:2b:d7:22:
a5:e8:5b:aa:a3:3c:c1:fd:c3:1e:00:54:97:05:a6:08:1b:e0:
13:a3:22:cc:fa:c8:a5:60:a1:b7:7e:fa:20:e6:b9:f0:0f:00:
9b:98:c3:2c:9e:cc:d6:07:ac:bf:9c:ce:91:78:84:b8:d6:b9:
ff:05:69:6c:65:d8:26:77:2f:c5:2b:90:dc:74:ed:96:6f:8c:
ee:fc:97:bc:d6:dd:e1:73:86:31:ab:d5:ed:c8:cf:8c:0c:e1:
56:54:25:a7:68:ab:25:b7:24:e8:bc:72:d7:8c:32:fc:3c:a8:
d2:6b:53:6a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJ0tZ2y6F1C99CX//jRiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDMzNTBiY2M3YjU0MGZhZGVhOTUxZTA0NjA4MWQ4ZGEw
NmMxNDUwHhcNMjQwMTAxMjIzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRlMmNkY2I1OWZmMmUyMTMwZjA1MjAxZjNjMDhjMDMyZTFiOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnugKoU6Ho0vY/9dlxQt3IEE9i1WU
rIiVKWhBqXTubP4m1J2uY7lXJhMCcqaV0Ao2iiVviroO5Lpp1C4CilDmbXKlOyJr
dwc8LccRlZVMCiEaGnanA2WTw6ipX9I7dBXT6FhQ0CCb8XvbW3X946lchi3qppSS
GLBwxFywG7y9rgJDkz35+d6WJeBRF/HzaGlno1QgJy467DhVAw8QVddNj3gi9KS3
5mkirL+fOtD1H1/Kwrk7Kb3jdtWBWSR6xtFreQWXoOHrZ6IB4EtZwQAhx+ikhAGF
+/WZvXcWesF3muj8+recOXKBOyR6tElGzvSK+vwE11hlYPqvmPBj0tdNSQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPdOLNy1n/LiEw8FIB88CMAy4bjAMB8GA1UdIwQY
MBaAFEADNQvMe1QPreqVHgRggdjaBsFFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFNMUM4eDdWQS10NnBVZUJHQ0IyTm9Hd1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZDg4NzctZDA4Mi00MWVhLTlmODUt
Njk2YjYxNWNiZWMzLzEvOTA0czNMV2Y4dUlURHdVZ0h6d0l3RExodU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZDg4NzctZDA4Mi00MWVhLTlmODUtNjk2YjYxNWNiZWMz
LzEvUUFNMUM4eDdWQS10NnBVZUJHQ0IyTm9Hd1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqE4tA
AAEDBwAqE4tAAAIwDQYJKoZIhvcNAQELBQADggEBAAiLGzJFls49e/imexMRGHus
SeeScUp4wIyx1DyXAeWB6Qln6je0ux2OULLi4XawQim3MgbWgPaW6GhCaGH2+Wzz
sTVykhclQG4czrW5MtvbdFfAuj0mYhOZLkXy4GWfUZTMUNqCTfFT7Xbarso9pFg6
4fAXwJWYJJOxURLbUleZX1+Or7lnP6R/flB2WivXIqXoW6qjPMH9wx4AVJcFpggb
4BOjIsz6yKVgobd++iDmufAPAJuYwyyezNYHrL+czpF4hLjWuf8FaWxl2CZ3L8Ur
kNx07ZZvjO78l7zW3eFzhjGr1e3Iz4wM4VZUJadoqyW3JOi8cteMMvw8qNJrU2o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:13 2024 by rpki-client on console-ams.rpki-client.org