Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/1g_9TYdDG9z2d2nAo-7lAC5wKUc.roa
File: 1g_9TYdDG9z2d2nAo-7lAC5wKUc.roa (raw, json)
Hash identifier: 2jH8dKmeLOH2qi4PLOQwrG/cRWsHxufQcZPi+oK2atE=
Subject key identifier: D6:0F:FD:4D:87:43:1B:DC:F6:77:69:C0:A3:EE:E5:00:2E:70:29:47
Certificate issuer: /CN=3a48e033deb64ac4243c72ce899d53822df6996d
Certificate serial: 01856D0ABB36DFAADF7939DEE6A12B91A100
Authority key identifier: 3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/1g_9TYdDG9z2d2nAo-7lAC5wKUc.roa
Signing time: Sun 01 Jan 2023 11:14:57 +0000
ROA not before: Sun 01 Jan 2023 11:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47543
IP address blocks: 2001:678:1c8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:bb:36:df:aa:df:79:39:de:e6:a1:2b:91:a1:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48e033deb64ac4243c72ce899d53822df6996d
Validity
Not Before: Jan 1 11:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d60ffd4d87431bdcf67769c0a3eee5002e702947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1a:dc:9c:ba:e5:5f:bc:55:ca:69:4e:64:e4:
eb:0b:15:e6:9a:40:b6:90:87:62:e0:eb:04:0a:c5:
98:5f:29:34:04:85:3b:0d:13:ee:2a:97:da:8e:34:
03:36:00:c2:20:38:b5:f4:96:3c:c6:7c:40:7f:a1:
9e:6e:38:24:e7:19:4a:b5:31:18:80:bb:c7:71:80:
e4:dd:b9:a0:68:25:0d:6c:54:b5:40:03:20:77:c5:
e7:b7:87:c4:76:82:a1:72:28:a7:51:b0:b4:f9:94:
83:25:55:07:1f:fb:ee:bd:68:5e:b3:9c:69:b5:9c:
c1:36:4c:c3:ef:e1:3b:ee:65:45:c4:2d:b4:7c:55:
d6:d3:4d:2a:de:66:c5:58:45:c1:09:d0:40:55:67:
c3:35:93:2a:dc:13:dc:df:34:90:d8:56:71:40:5f:
ca:72:92:a4:4c:d0:ff:b2:54:e7:7a:01:81:91:b4:
69:81:39:7c:ff:c3:a8:64:1c:73:9c:c2:22:7e:8d:
a0:d5:02:0b:54:e9:a5:c0:b3:d6:8e:5f:09:f4:d5:
b9:cd:5c:0d:23:06:df:d7:b2:9b:68:1b:8b:6d:42:
ab:c2:64:c9:8e:f9:9e:67:f0:54:a1:a5:88:13:cb:
54:4b:ee:da:5d:5d:2a:01:c9:e2:0b:50:85:f5:17:
13:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0F:FD:4D:87:43:1B:DC:F6:77:69:C0:A3:EE:E5:00:2E:70:29:47
X509v3 Authority Key Identifier:
keyid:3A:48:E0:33:DE:B6:4A:C4:24:3C:72:CE:89:9D:53:82:2D:F6:99:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OkjgM962SsQkPHLOiZ1Tgi32mW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/1g_9TYdDG9z2d2nAo-7lAC5wKUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7fa7b0-ace4-492d-8e91-c5321dc9e64b/1/OkjgM962SsQkPHLOiZ1Tgi32mW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1c8::/48
Signature Algorithm: sha256WithRSAEncryption
2b:22:bb:18:b5:eb:c0:b8:c5:b3:90:56:4a:29:a7:4b:49:09:
65:8c:1e:c6:7f:44:c1:2f:8b:5b:ce:9f:dd:3a:eb:08:0f:fe:
f8:a3:9d:f5:c2:6b:73:18:9a:42:79:cc:02:15:3a:9c:65:f1:
01:fa:c8:23:08:dc:6d:82:c5:38:c6:f2:37:7c:52:14:46:27:
4a:97:5f:1a:30:ab:75:69:66:b3:6f:65:6a:12:75:bd:55:a8:
cf:4e:9c:cb:92:94:42:7f:e3:92:fc:a0:e3:b8:72:20:ac:b0:
50:22:74:f8:1a:87:bc:d7:1b:df:54:fb:de:9c:bc:8f:73:2d:
2e:9f:dd:27:3a:d0:83:53:82:8b:3f:57:8f:63:69:69:42:30:
6e:8a:8f:1f:a3:fa:de:8b:02:fc:06:f6:25:1d:70:a8:37:83:
98:75:2f:35:65:bc:df:da:d3:89:78:6f:1a:17:b0:cd:0e:6b:
7d:68:8d:95:8a:bd:d6:a3:b9:a1:9b:69:20:0a:7d:27:77:65:
b6:00:39:b8:d7:88:ee:b7:d0:9a:73:60:b1:2e:1a:f3:2a:86:
60:b6:6f:a2:4e:42:d0:d7:50:40:d5:dd:60:57:85:5e:44:ff:
05:fd:e8:a8:64:79:d2:be:df:ef:68:fe:d4:cf:49:5f:7d:af:
df:8e:ca:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtCrs236rfeTne5qErkaEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhlMDMzZGViNjRhYzQyNDNjNzJjZTg5OWQ1MzgyMmRm
Njk5NmQwHhcNMjMwMTAxMTExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjBmZmQ0ZDg3NDMxYmRjZjY3NzY5YzBhM2VlZTUwMDJlNzAyOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhrcnLrlX7xVymlOZOTrCxXmmkC2
kIdi4OsECsWYXyk0BIU7DRPuKpfajjQDNgDCIDi19JY8xnxAf6Gebjgk5xlKtTEY
gLvHcYDk3bmgaCUNbFS1QAMgd8Xnt4fEdoKhciinUbC0+ZSDJVUHH/vuvWhes5xp
tZzBNkzD7+E77mVFxC20fFXW000q3mbFWEXBCdBAVWfDNZMq3BPc3zSQ2FZxQF/K
cpKkTND/slTnegGBkbRpgTl8/8OoZBxznMIifo2g1QILVOmlwLPWjl8J9NW5zVwN
Iwbf17KbaBuLbUKrwmTJjvmeZ/BUoaWIE8tUS+7aXV0qAcniC1CF9RcTPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNYP/U2HQxvc9ndpwKPu5QAucClHMB8GA1UdIwQY
MBaAFDpI4DPetkrEJDxyzomdU4It9pltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEt
YzUzMjFkYzllNjRiLzEvMWdfOVRZZERHOXoyZDJuQW8tN2xBQzV3S1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83ZmE3YjAtYWNlNC00OTJkLThlOTEtYzUzMjFkYzllNjRi
LzEvT2tqZ005NjJTc1FrUEhMT2laMVRnaTMybVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAHI
MA0GCSqGSIb3DQEBCwUAA4IBAQArIrsYtevAuMWzkFZKKadLSQlljB7Gf0TBL4tb
zp/dOusID/74o531wmtzGJpCecwCFTqcZfEB+sgjCNxtgsU4xvI3fFIURidKl18a
MKt1aWazb2VqEnW9VajPTpzLkpRCf+OS/KDjuHIgrLBQInT4Goe81xvfVPvenLyP
cy0un90nOtCDU4KLP1ePY2lpQjBuio8fo/reiwL8BvYlHXCoN4OYdS81Zbzf2tOJ
eG8aF7DNDmt9aI2Vir3Wo7mhm2kgCn0nd2W2ADm414jut9Cac2CxLhrzKoZgtm+i
TkLQ11BA1d1gV4VeRP8F/eioZHnSvt/vaP7Uz0lffa/fjsrj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org