Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/sfI7iv0vDs9kwzVY_gTOsi_a9WY.roa
File: sfI7iv0vDs9kwzVY_gTOsi_a9WY.roa (raw, json)
Hash identifier: xvmJ2cjr4Rr9UxExxbJPACaigIlMTQNJvAHvpi6Jh7Y=
Subject key identifier: B1:F2:3B:8A:FD:2F:0E:CF:64:C3:35:58:FE:04:CE:B2:2F:DA:F5:66
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 018CC3B6AC91F32DFFCD703D48A5479F4DFF
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/sfI7iv0vDs9kwzVY_gTOsi_a9WY.roa
Signing time: Mon 01 Jan 2024 06:29:38 +0000
ROA not before: Mon 01 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204010
IP address blocks: 2a05:906::/32 maxlen: 32
2a05:905::/32 maxlen: 32
2a05:907::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Mar 2024 12:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ac:91:f3:2d:ff:cd:70:3d:48:a5:47:9f:4d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jan 1 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1f23b8afd2f0ecf64c33558fe04ceb22fdaf566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:78:ff:41:24:b4:29:d3:75:b4:9a:7b:c3:53:
e4:fe:4d:a6:65:65:0d:b5:ab:18:5b:dd:54:b7:82:
fa:cc:dd:72:9d:eb:c6:05:98:82:da:45:f2:1a:6c:
e5:54:27:8d:37:13:4b:c2:ac:f4:89:00:41:1b:18:
4f:84:a3:be:a4:77:e8:af:47:16:6a:db:a8:05:ee:
70:3f:a4:06:e0:eb:a7:c0:ad:fa:c5:63:30:48:e9:
e3:79:0c:1a:c0:d8:98:c2:63:b5:3f:96:f6:47:2f:
2a:17:ca:e0:0b:85:03:35:be:63:77:a0:fb:d8:ce:
9e:fd:96:1c:4d:73:c8:b8:cc:56:ac:70:99:29:21:
48:93:cb:d0:64:25:a8:ab:59:0d:6b:43:f2:f7:0d:
ab:76:eb:f0:6f:9b:81:be:8e:d2:b1:c1:41:6f:e0:
ab:1a:fb:c2:a9:db:43:1f:a6:97:5e:5f:00:13:c3:
5b:0d:62:39:89:55:24:38:79:63:8f:36:64:fe:8e:
d3:23:1d:d8:c3:d3:f7:78:1a:b4:76:79:da:5d:b2:
cd:2e:f3:c3:25:43:32:1c:15:4d:c5:a4:4d:08:06:
ec:2a:ad:54:05:96:bf:46:c3:e3:5d:ea:56:b0:60:
70:47:e0:e1:2f:1e:01:7f:a3:d4:19:bc:9d:16:65:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F2:3B:8A:FD:2F:0E:CF:64:C3:35:58:FE:04:CE:B2:2F:DA:F5:66
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/sfI7iv0vDs9kwzVY_gTOsi_a9WY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:905::-2a05:907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
39:1c:4a:5e:1c:db:b3:5c:b8:89:6e:ee:e0:a6:19:3b:e0:31:
59:8b:49:14:cc:e3:f9:bc:3e:0f:15:68:ce:55:47:12:44:97:
a8:c6:62:3d:3c:78:37:ae:97:9b:ec:48:1c:ee:a4:1f:11:74:
33:08:dd:46:a2:1a:a4:fc:4f:95:26:d2:91:22:27:e5:10:0c:
99:61:85:e6:0b:62:db:74:09:3c:21:a1:aa:34:af:8d:5e:d4:
65:66:4b:1b:08:e5:7e:35:61:5c:12:50:72:92:c3:e6:68:f6:
b9:b3:3d:e4:8b:ec:a9:7a:a1:56:82:f8:db:4f:1e:9e:a9:62:
8f:f4:7b:25:49:20:ee:34:c3:2f:58:ea:2d:f0:29:8d:94:94:
84:42:43:9c:49:80:1d:0c:ad:e5:cf:e0:08:40:bc:3c:87:48:
7e:28:eb:4c:b1:9f:af:f5:1b:5a:3e:fd:5f:31:10:43:3c:30:
a2:c2:fd:a3:db:d9:b6:95:2d:04:eb:20:e8:7a:ea:d3:68:01:
e6:0d:52:ea:bc:47:e2:38:96:3c:1a:89:43:ba:03:e3:46:3d:
96:31:2a:00:2e:0f:12:5e:08:8a:ec:f3:77:03:12:da:29:f4:
0a:b2:13:a9:40:d3:d9:2b:fd:d4:17:87:b7:d2:26:34:fc:8e:
ee:69:44:01
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzDtqyR8y3/zXA9SKVHn03/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjQwMTAxMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWYyM2I4YWZkMmYwZWNmNjRjMzM1NThmZTA0Y2ViMjJmZGFmNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnj/QSS0KdN1tJp7w1Pk/k2mZWUN
tasYW91Ut4L6zN1ynevGBZiC2kXyGmzlVCeNNxNLwqz0iQBBGxhPhKO+pHfor0cW
atuoBe5wP6QG4OunwK36xWMwSOnjeQwawNiYwmO1P5b2Ry8qF8rgC4UDNb5jd6D7
2M6e/ZYcTXPIuMxWrHCZKSFIk8vQZCWoq1kNa0Py9w2rduvwb5uBvo7SscFBb+Cr
GvvCqdtDH6aXXl8AE8NbDWI5iVUkOHljjzZk/o7TIx3Yw9P3eBq0dnnaXbLNLvPD
JUMyHBVNxaRNCAbsKq1UBZa/RsPjXepWsGBwR+DhLx4Bf6PUGbydFmWJpwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLHyO4r9Lw7PZMM1WP4EzrIv2vVmMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvc2ZJN2l2MHZEczlrd3pWWV9nVE9zaV9hOVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqBQkF
AwUDKgUJADANBgkqhkiG9w0BAQsFAAOCAQEAORxKXhzbs1y4iW7u4KYZO+AxWYtJ
FMzj+bw+DxVozlVHEkSXqMZiPTx4N66Xm+xIHO6kHxF0MwjdRqIapPxPlSbSkSIn
5RAMmWGF5gti23QJPCGhqjSvjV7UZWZLGwjlfjVhXBJQcpLD5mj2ubM95IvsqXqh
VoL4208enqlij/R7JUkg7jTDL1jqLfApjZSUhEJDnEmAHQyt5c/gCEC8PIdIfijr
TLGfr/UbWj79XzEQQzwwosL9o9vZtpUtBOsg6Hrq02gB5g1S6rxH4jiWPBqJQ7oD
40Y9ljEqAC4PEl4IiuzzdwMS2in0CrITqUDT2Sv91BeHt9ImNPyO7mlEAQ==
-----END CERTIFICATE-----
Generated at Thu Mar 7 17:08:13 2024 by rpki-client on console-ams.rpki-client.org