Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/x4iqI0vPnD702HhxAjX54IiZWpA.roa
File: x4iqI0vPnD702HhxAjX54IiZWpA.roa (raw, json)
Hash identifier: x/fI5f5rziOm9/J59z/e3qetS0hGtgIGmEfQ/P4vfKw=
Subject key identifier: C7:88:AA:23:4B:CF:9C:3E:F4:D8:78:71:02:35:F9:E0:88:99:5A:90
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185708C919B6C41B391727B64E02B379CFA
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/x4iqI0vPnD702HhxAjX54IiZWpA.roa
Signing time: Mon 02 Jan 2023 03:35:38 +0000
ROA not before: Mon 02 Jan 2023 03:35:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12929
IP address blocks: 2001:2020::/31 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:91:9b:6c:41:b3:91:72:7b:64:e0:2b:37:9c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 2 03:35:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c788aa234bcf9c3ef4d878710235f9e088995a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c6:c9:77:52:8c:e8:57:a4:5c:d6:c6:37:b2:
c7:ea:c8:cc:a4:92:9a:94:9f:bc:69:8f:c1:0f:da:
04:46:3d:aa:f1:f7:fb:a9:5c:f3:55:3e:d5:35:54:
84:71:08:0b:1b:86:cb:00:e3:e0:2d:e1:d2:57:42:
5d:34:36:15:a3:29:bb:6a:39:27:1d:43:4f:b2:85:
f8:6a:76:95:b0:57:67:f9:fc:3a:02:b5:5a:47:db:
e9:a2:bf:e4:06:4f:eb:a4:c2:75:b7:81:87:ed:5e:
52:b1:8f:d0:8f:c3:d9:8f:9c:ff:bb:05:e2:27:ad:
ac:c5:e9:d5:97:66:0b:6b:4d:48:85:9c:ef:fa:37:
1e:df:ab:4e:aa:64:27:4b:f2:8e:de:73:9d:a0:ed:
8a:f1:89:94:17:5d:95:87:11:4f:28:95:1f:99:dc:
29:ab:e6:2a:02:82:27:7e:41:1e:a6:7d:a2:39:e0:
84:4f:5a:11:66:57:f2:37:9d:a2:b1:37:67:5e:46:
bb:35:d9:ec:c2:80:e3:82:b4:f3:7e:29:d7:50:4a:
e5:b9:f0:c2:3e:2f:7c:72:e9:dc:dc:7e:0b:c7:cb:
a5:6f:b2:65:73:33:d2:5f:f7:9c:64:0f:91:9a:d1:
4c:ba:8b:c6:e3:09:66:ac:ef:79:9a:56:cd:0b:e8:
51:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:88:AA:23:4B:CF:9C:3E:F4:D8:78:71:02:35:F9:E0:88:99:5A:90
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/x4iqI0vPnD702HhxAjX54IiZWpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2020::/31
Signature Algorithm: sha256WithRSAEncryption
15:e5:82:f8:1a:0c:31:09:fe:67:d9:72:e2:6b:4f:60:1e:fa:
c1:fa:13:c2:6f:9c:4e:d5:69:3d:31:fd:d1:9a:71:c9:87:b9:
a4:e2:6c:6d:e1:76:58:5e:5b:ca:22:cd:f2:aa:ea:47:0c:96:
69:22:e0:de:59:7c:41:5c:de:6d:12:96:59:f8:b6:24:30:ed:
05:bb:08:ad:c7:27:6c:14:0a:67:87:0f:b1:53:8e:20:79:c1:
04:a9:50:22:88:01:14:bd:10:14:1c:77:7d:06:b9:30:4b:6a:
6f:40:12:a1:3b:42:8a:f9:7c:92:91:93:01:64:ce:7c:1b:ec:
26:a3:c3:c2:f4:20:1b:44:84:e1:64:34:71:dd:41:d8:d2:e0:
84:50:e4:da:01:cd:c8:d4:a3:e0:54:f8:f5:d4:a1:29:1b:5b:
57:bb:fd:bc:c5:5a:83:fa:ef:a5:ac:12:da:12:e7:da:2e:60:
e4:b6:1d:5d:f2:3c:47:41:2c:b3:da:19:68:f9:12:65:87:3d:
56:a4:79:e9:46:98:0d:85:9e:de:42:26:62:0d:4d:3b:9e:94:
84:b6:f4:ec:3d:91:84:f0:ad:31:4e:f2:c7:ae:c4:1f:de:df:
45:03:62:32:13:86:10:f6:e8:da:16:7c:62:de:02:f6:da:ab:
81:6e:85:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwjJGbbEGzkXJ7ZOArN5z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTAyMDMzNTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg4YWEyMzRiY2Y5YzNlZjRkODc4NzEwMjM1ZjllMDg4OTk1YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8bJd1KM6FekXNbGN7LH6sjMpJKa
lJ+8aY/BD9oERj2q8ff7qVzzVT7VNVSEcQgLG4bLAOPgLeHSV0JdNDYVoym7ajkn
HUNPsoX4anaVsFdn+fw6ArVaR9vpor/kBk/rpMJ1t4GH7V5SsY/Qj8PZj5z/uwXi
J62sxenVl2YLa01IhZzv+jce36tOqmQnS/KO3nOdoO2K8YmUF12VhxFPKJUfmdwp
q+YqAoInfkEepn2iOeCET1oRZlfyN52isTdnXka7NdnswoDjgrTzfinXUErlufDC
Pi98cunc3H4Lx8ulb7JlczPSX/ecZA+RmtFMuovG4wlmrO95mlbNC+hRvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMeIqiNLz5w+9Nh4cQI1+eCImVqQMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEveDRpcUkwdlBuRDcwMkhoeEFqWDU0SWlaV3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBIAEgIDAN
BgkqhkiG9w0BAQsFAAOCAQEAFeWC+BoMMQn+Z9ly4mtPYB76wfoTwm+cTtVpPTH9
0ZpxyYe5pOJsbeF2WF5byiLN8qrqRwyWaSLg3ll8QVzebRKWWfi2JDDtBbsIrccn
bBQKZ4cPsVOOIHnBBKlQIogBFL0QFBx3fQa5MEtqb0ASoTtCivl8kpGTAWTOfBvs
JqPDwvQgG0SE4WQ0cd1B2NLghFDk2gHNyNSj4FT49dShKRtbV7v9vMVag/rvpawS
2hLn2i5g5LYdXfI8R0Ess9oZaPkSZYc9VqR56UaYDYWe3kImYg1NO56UhLb07D2R
hPCtMU7yx67EH97fRQNiMhOGEPbo2hZ8Yt4C9tqrgW6FlQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:34 2024 by rpki-client on console-ams.rpki-client.org