Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/lTKvhIs1ATAWqNMCKMMmsCi6Btc.roa
File: lTKvhIs1ATAWqNMCKMMmsCi6Btc.roa (raw, json)
Hash identifier: KsuU3oPpN3wQ8Id9FLnJpfKwNbyjLZ55tqXyJztXYZw=
Subject key identifier: 95:32:AF:84:8B:35:01:30:16:A8:D3:02:28:C3:26:B0:28:BA:06:D7
Certificate issuer: /CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Certificate serial: 018CC8713E4A2D85DAB5FD8DC69A5DB11209
Authority key identifier: F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/lTKvhIs1ATAWqNMCKMMmsCi6Btc.roa
Signing time: Tue 02 Jan 2024 04:31:53 +0000
ROA not before: Tue 02 Jan 2024 04:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52041
IP address blocks: 2a0c:7b82::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jan 2024 23:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:3e:4a:2d:85:da:b5:fd:8d:c6:9a:5d:b1:12:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Validity
Not Before: Jan 2 04:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9532af848b35013016a8d30228c326b028ba06d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:81:8d:16:49:c5:f1:e7:d2:76:9b:3e:8e:7d:
cf:f7:bb:5f:e5:c1:89:35:d2:95:27:4e:58:f2:5c:
61:a2:74:8d:4f:0b:ef:a5:28:6d:c1:a4:aa:da:fc:
69:7e:b6:3d:14:04:ca:14:35:45:af:bc:39:4e:87:
91:43:d2:e0:ca:e4:2a:86:cd:15:75:26:92:6a:e7:
63:78:b6:22:1a:88:fb:65:d8:1a:0f:d7:97:8b:b6:
fa:f5:3f:6c:07:c4:3e:58:52:fd:ce:a5:2f:0e:9c:
9f:49:02:e8:21:e3:3d:4a:fe:09:47:60:c6:28:c3:
e4:68:0f:4d:48:71:f9:ce:ef:6a:59:9c:17:3e:4b:
d6:a2:fb:16:ac:20:af:36:67:59:48:da:13:78:a8:
43:fd:6a:1e:c8:52:43:fb:f5:79:af:dc:7f:85:12:
07:4f:47:b7:9f:c1:68:0b:83:35:2d:cc:83:ea:05:
11:21:6a:57:a2:46:68:c8:61:3e:7a:f3:30:aa:bd:
a3:ec:c4:f1:65:5f:d9:0e:be:f7:f1:2f:0f:17:05:
d3:6b:9f:bd:78:42:94:51:c0:24:95:36:c5:0f:45:
aa:b2:19:fd:6f:80:60:84:d0:b2:95:31:c4:d6:eb:
54:b6:4a:b7:b5:8d:a9:9a:cc:42:17:45:fd:2b:48:
68:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:32:AF:84:8B:35:01:30:16:A8:D3:02:28:C3:26:B0:28:BA:06:D7
X509v3 Authority Key Identifier:
keyid:F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/lTKvhIs1ATAWqNMCKMMmsCi6Btc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7b82::/32
Signature Algorithm: sha256WithRSAEncryption
9a:3c:e3:ff:90:c8:7a:63:b2:58:b6:67:77:89:b4:3e:ee:25:
b3:e1:01:fb:8e:03:49:23:6e:eb:b5:f3:8e:e7:c4:e0:d8:c6:
65:0c:ae:96:e2:57:2e:ee:0b:aa:33:ab:77:73:47:12:d9:93:
62:7d:65:4d:5b:d3:2c:b4:e3:2a:90:ed:c2:31:51:da:b3:13:
0f:f2:08:16:f2:8d:80:14:0f:5e:f7:cf:f5:2e:3f:1a:d1:18:
40:a8:0d:a0:10:16:94:43:06:8f:6f:4e:01:28:a3:71:a2:ca:
6c:38:66:14:8c:f5:14:c2:c8:81:cd:31:ad:ac:4c:e1:cb:aa:
12:e7:3d:49:81:d3:30:78:a3:5c:71:fc:98:41:b2:e7:65:e0:
c5:ed:2b:12:91:48:0e:6f:9e:01:98:0f:dd:b4:75:85:c7:d4:
98:1e:48:14:33:b8:ee:fe:99:93:fe:8c:31:4e:e9:62:99:da:
4c:df:a0:0b:59:84:a8:10:b8:b3:81:a1:99:1e:9b:e4:7b:a5:
2a:1a:52:5b:a6:a2:67:4f:4b:bc:5d:b4:91:30:ae:15:d6:e6:
99:8e:81:5c:73:02:ce:c7:ca:8d:99:37:f8:d1:70:04:ad:05:
ca:e6:67:1d:62:13:35:7e:64:ae:29:9d:99:f8:fa:0b:64:2c:
38:9e:46:b9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIcT5KLYXatf2NxppdsRIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTM3YzU5N2QxZTMwY2I3NTYxOGU1MWY0MmI3Zjc5ZWQ1
ZmZjODgwHhcNMjQwMTAyMDQzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTMyYWY4NDhiMzUwMTMwMTZhOGQzMDIyOGMzMjZiMDI4YmEwNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoGNFknF8efSdps+jn3P97tf5cGJ
NdKVJ05Y8lxhonSNTwvvpShtwaSq2vxpfrY9FATKFDVFr7w5ToeRQ9LgyuQqhs0V
dSaSaudjeLYiGoj7ZdgaD9eXi7b69T9sB8Q+WFL9zqUvDpyfSQLoIeM9Sv4JR2DG
KMPkaA9NSHH5zu9qWZwXPkvWovsWrCCvNmdZSNoTeKhD/WoeyFJD+/V5r9x/hRIH
T0e3n8FoC4M1LcyD6gURIWpXokZoyGE+evMwqr2j7MTxZV/ZDr738S8PFwXTa5+9
eEKUUcAklTbFD0Wqshn9b4BghNCylTHE1utUtkq3tY2pmsxCF0X9K0hoRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJUyr4SLNQEwFqjTAijDJrAougbXMB8GA1UdIwQY
MBaAFPYTfFl9HjDLdWGOUfQrf3ntX/yIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAt
MzlhMjQzODhhNWU4LzEvbFRLdmhJczFBVEFXcU5NQ0tNTW1zQ2k2QnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAtMzlhMjQzODhhNWU4
LzEvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgx7gjAN
BgkqhkiG9w0BAQsFAAOCAQEAmjzj/5DIemOyWLZnd4m0Pu4ls+EB+44DSSNu67Xz
jufE4NjGZQyuluJXLu4LqjOrd3NHEtmTYn1lTVvTLLTjKpDtwjFR2rMTD/IIFvKN
gBQPXvfP9S4/GtEYQKgNoBAWlEMGj29OASijcaLKbDhmFIz1FMLIgc0xraxM4cuq
Euc9SYHTMHijXHH8mEGy52Xgxe0rEpFIDm+eAZgP3bR1hcfUmB5IFDO47v6Zk/6M
MU7pYpnaTN+gC1mEqBC4s4GhmR6b5HulKhpSW6aiZ09LvF20kTCuFdbmmY6BXHMC
zsfKjZk3+NFwBK0FyuZnHWITNX5krimdmfj6C2QsOJ5GuQ==
-----END CERTIFICATE-----
Generated at Thu Jan 11 02:23:03 2024 by rpki-client on console-ams.rpki-client.org