Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/3B7DfFGzUga5zW6yDJx6bQt-S_g.roa
File: 3B7DfFGzUga5zW6yDJx6bQt-S_g.roa (raw, json)
Hash identifier: LwgFrujOxjt34teIxJU1+TzssZ3VgMHk23Vj2qTrvis=
Subject key identifier: DC:1E:C3:7C:51:B3:52:06:B9:CD:6E:B2:0C:9C:7A:6D:0B:7E:4B:F8
Certificate issuer: /CN=3026806a6b8dac68c2a32b65849229524fc33da7
Certificate serial: 018AB6BE5EF82AF83D03C013E5F0874B0D40
Authority key identifier: 30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/3B7DfFGzUga5zW6yDJx6bQt-S_g.roa
Signing time: Thu 21 Sep 2023 07:57:23 +0000
ROA not before: Thu 21 Sep 2023 07:57:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49697
IP address blocks: 2001:678:a00::/48 maxlen: 48
2001:678:964::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:be:5e:f8:2a:f8:3d:03:c0:13:e5:f0:87:4b:0d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3026806a6b8dac68c2a32b65849229524fc33da7
Validity
Not Before: Sep 21 07:57:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc1ec37c51b35206b9cd6eb20c9c7a6d0b7e4bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:26:92:8a:7f:73:6a:2e:61:59:44:02:bc:8f:
07:b0:14:e5:0a:a1:f3:9a:c5:ce:64:44:3d:64:65:
45:63:44:29:81:52:db:31:6e:f6:1e:25:a6:cf:d8:
35:dc:07:a0:4c:96:61:26:45:87:48:d0:77:44:e8:
7a:50:87:bb:37:31:28:2b:c2:9d:79:34:2c:ce:25:
77:43:d0:54:5d:bc:bf:43:78:28:aa:37:16:4f:7f:
17:e4:f6:a5:63:56:52:a2:c5:67:37:6f:cd:56:78:
5a:f9:a6:a5:10:ec:59:f7:0e:7b:17:d0:58:50:4c:
a1:db:84:b3:7a:1d:e5:22:e4:d4:92:8d:d0:72:83:
6b:67:81:db:ff:a8:dc:85:f3:09:a7:21:2e:2d:64:
b9:6c:39:f5:57:03:50:c9:da:ef:92:a7:7e:06:b6:
4c:e5:96:cd:5b:1e:16:29:ed:ff:3f:e5:bb:8c:bc:
99:4a:ff:7a:70:62:ff:86:57:d4:c8:04:ae:09:f6:
ed:e6:3e:3c:ba:67:3b:eb:41:0e:da:f2:74:d2:b1:
7c:12:8b:0b:1d:57:24:5a:69:66:29:a1:44:3a:a8:
eb:d9:08:43:97:ff:8c:6a:ab:7f:60:d6:5b:20:9b:
88:df:88:b9:91:2c:15:fe:25:f0:ec:56:75:0c:a7:
4c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1E:C3:7C:51:B3:52:06:B9:CD:6E:B2:0C:9C:7A:6D:0B:7E:4B:F8
X509v3 Authority Key Identifier:
keyid:30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/3B7DfFGzUga5zW6yDJx6bQt-S_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:964::/48
2001:678:a00::/48
Signature Algorithm: sha256WithRSAEncryption
00:c2:d2:4f:79:8d:20:5f:31:d8:87:63:44:2a:4f:44:f4:67:
14:44:f1:ba:a3:c4:94:a8:d3:cf:f1:f1:ef:aa:c4:8b:3b:37:
67:05:c3:93:9d:8f:79:ff:7d:1b:d2:f7:70:07:dd:9f:af:88:
f0:c3:e4:7c:9c:05:55:94:bd:04:72:53:5e:3b:f2:eb:7e:df:
f0:7b:6f:08:b1:5c:a9:ee:e4:66:fa:77:11:8d:4b:b8:85:d4:
f1:de:d9:31:95:b5:3e:23:9e:b1:04:47:cd:ce:c1:53:d5:46:
c9:9b:09:16:f2:77:8e:de:f8:cc:8a:d5:52:77:02:38:68:75:
84:70:25:b0:f5:c0:98:f7:16:6c:e0:c7:bb:16:88:c1:94:9a:
00:51:aa:ef:35:65:db:a2:bf:bd:87:3e:4b:92:f5:4a:13:b9:
d8:38:6b:ea:ae:be:a5:f6:c0:e0:62:d9:7c:ad:87:c2:50:c7:
fa:ec:7c:3e:0c:86:1b:b9:c3:28:31:01:e7:5f:cc:80:4d:d7:
93:5c:1d:9a:8a:23:c8:10:c9:5f:ca:b1:1d:3f:a5:65:37:b6:
16:55:38:33:04:dd:fe:82:06:e0:71:0e:df:16:67:fe:ca:3b:
f8:47:38:b1:31:4b:ac:91:8c:01:ae:87:56:b4:25:d0:00:a3:
b8:31:a1:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYq2vl74Kvg9A8AT5fCHSw1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjY4MDZhNmI4ZGFjNjhjMmEzMmI2NTg0OTIyOTUyNGZj
MzNkYTcwHhcNMjMwOTIxMDc1NzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzFlYzM3YzUxYjM1MjA2YjljZDZlYjIwYzljN2E2ZDBiN2U0YmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSaSin9zai5hWUQCvI8HsBTlCqHz
msXOZEQ9ZGVFY0QpgVLbMW72HiWmz9g13AegTJZhJkWHSNB3ROh6UIe7NzEoK8Kd
eTQsziV3Q9BUXby/Q3goqjcWT38X5PalY1ZSosVnN2/NVnha+aalEOxZ9w57F9BY
UEyh24Szeh3lIuTUko3QcoNrZ4Hb/6jchfMJpyEuLWS5bDn1VwNQydrvkqd+BrZM
5ZbNWx4WKe3/P+W7jLyZSv96cGL/hlfUyASuCfbt5j48umc760EO2vJ00rF8EosL
HVckWmlmKaFEOqjr2QhDl/+Maqt/YNZbIJuI34i5kSwV/iXw7FZ1DKdMNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNwew3xRs1IGuc1usgycem0Lfkv4MB8GA1UdIwQY
MBaAFDAmgGprjaxowqMrZYSSKVJPwz2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUt
MDhlMmIxMDE3OTI3LzEvM0I3RGZGR3pVZ2E1elc2eURKeDZiUXQtU19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUtMDhlMmIxMDE3OTI3
LzEvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAlk
AwcAIAEGeAoAMA0GCSqGSIb3DQEBCwUAA4IBAQAAwtJPeY0gXzHYh2NEKk9E9GcU
RPG6o8SUqNPP8fHvqsSLOzdnBcOTnY95/30b0vdwB92fr4jww+R8nAVVlL0EclNe
O/Lrft/we28IsVyp7uRm+ncRjUu4hdTx3tkxlbU+I56xBEfNzsFT1UbJmwkW8neO
3vjMitVSdwI4aHWEcCWw9cCY9xZs4Me7FojBlJoAUarvNWXbor+9hz5LkvVKE7nY
OGvqrr6l9sDgYtl8rYfCUMf67Hw+DIYbucMoMQHnX8yATdeTXB2aiiPIEMlfyrEd
P6VlN7YWVTgzBN3+ggbgcQ7fFmf+yjv4RzixMUuskYwBrodWtCXQAKO4MaEA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:52 2024 by rpki-client on console-ams.rpki-client.org