Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/tdzcrJI0HiEWH5z8HfzwsYWC0uk.roa
File: tdzcrJI0HiEWH5z8HfzwsYWC0uk.roa (raw, json)
Hash identifier: 8wLUjDrBvwm7INqPCoh2ojckGN4rKi1PEDyt7pjWMcU=
Subject key identifier: B5:DC:DC:AC:92:34:1E:21:16:1F:9C:FC:1D:FC:F0:B1:85:82:D2:E9
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 018D5583D58A08E4C32B2B70A743B61477F6
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/tdzcrJI0HiEWH5z8HfzwsYWC0uk.roa
Signing time: Mon 29 Jan 2024 13:58:39 +0000
ROA not before: Mon 29 Jan 2024 13:58:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215738
IP address blocks: 2a12:3e80:401::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Sep 2024 14:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:83:d5:8a:08:e4:c3:2b:2b:70:a7:43:b6:14:77:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Jan 29 13:58:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5dcdcac92341e21161f9cfc1dfcf0b18582d2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:90:9a:e5:e8:56:21:c1:47:29:0f:b9:64:76:
54:d3:31:90:5e:d1:bb:4a:f5:05:75:7c:44:37:7d:
a8:4b:a8:3a:6c:e3:62:08:7d:4a:23:4e:f5:59:24:
53:75:1d:57:ee:1a:43:df:0a:f9:ed:e7:6e:bb:00:
e7:69:b4:2d:f8:f3:6b:3e:97:3a:07:3a:17:9d:8f:
38:aa:2b:13:fd:15:a9:6d:0a:92:d5:34:5f:5e:e6:
b3:be:6d:67:d4:99:6b:6a:47:12:e0:c4:2c:de:ca:
48:f7:5a:3e:d8:ee:35:2d:20:2b:af:7b:86:6d:e3:
c9:10:a7:49:fd:9a:51:6f:7d:32:ef:d0:09:39:3a:
ca:f5:be:b3:31:4a:85:3a:cb:5f:e0:00:28:32:4c:
c3:89:d1:4a:74:09:9e:08:75:95:fb:ea:de:be:ac:
e9:3f:f3:7c:d4:ba:ab:ce:d3:25:22:30:fa:79:a1:
ea:e3:60:94:16:a6:e7:c8:05:31:df:ab:87:45:c5:
3d:28:bb:cb:82:02:61:a3:88:75:de:e6:ed:49:59:
ba:81:af:56:13:3f:25:4e:51:19:30:51:40:e6:01:
86:44:ba:81:dc:aa:8f:47:8d:cb:b2:84:92:2c:79:
6d:1f:24:2a:57:79:2f:a5:98:4d:81:b9:8c:d9:da:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DC:DC:AC:92:34:1E:21:16:1F:9C:FC:1D:FC:F0:B1:85:82:D2:E9
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/tdzcrJI0HiEWH5z8HfzwsYWC0uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3e80:401::/48
Signature Algorithm: sha256WithRSAEncryption
6d:d7:00:cc:b8:86:5e:9c:dc:a0:c0:5d:c0:d8:ac:58:05:3d:
89:23:e8:59:f8:d8:50:d4:16:16:93:53:c4:3f:67:ff:c2:56:
60:a6:4b:a4:75:9e:51:9b:c5:6d:64:d8:d7:45:bc:a1:44:a7:
62:32:2c:25:50:4e:b8:49:44:f5:d6:0d:0e:38:9c:05:f8:a8:
88:59:2c:c2:56:62:4c:9e:1d:3f:08:75:2d:88:a0:e9:bd:68:
37:de:3c:16:d2:14:99:ac:19:19:5b:57:cb:e9:f3:8f:42:ce:
a1:f7:72:48:fe:e8:82:ec:d1:fc:f4:62:d3:e1:79:af:d0:1e:
42:a7:a0:63:63:00:b5:38:a6:81:49:1e:8e:dd:b3:6c:e5:99:
16:b2:a3:ac:e3:84:d1:61:df:0c:4d:33:59:e7:31:ca:57:b0:
b5:0c:8b:7f:af:bb:ec:bb:2b:08:1a:49:cf:ca:04:fb:55:ea:
a3:87:dc:e3:a6:c8:6e:d3:e5:c7:21:6c:8f:72:1c:92:d2:a2:
51:3d:45:7a:db:31:0f:b7:9b:c1:04:5d:76:ba:15:b3:53:c3:
ae:1c:a8:68:69:a0:5e:5a:db:f5:42:fd:f4:a5:50:12:2c:68:
dc:16:c1:a9:67:ad:bc:8d:d2:13:5b:28:4c:1e:ee:9a:1b:08:
46:3f:28:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1Vg9WKCOTDKytwp0O2FHf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjQwMTI5MTM1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRjZGNhYzkyMzQxZTIxMTYxZjljZmMxZGZjZjBiMTg1ODJkMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZCa5ehWIcFHKQ+5ZHZU0zGQXtG7
SvUFdXxEN32oS6g6bONiCH1KI071WSRTdR1X7hpD3wr57eduuwDnabQt+PNrPpc6
BzoXnY84qisT/RWpbQqS1TRfXuazvm1n1JlrakcS4MQs3spI91o+2O41LSArr3uG
bePJEKdJ/ZpRb30y79AJOTrK9b6zMUqFOstf4AAoMkzDidFKdAmeCHWV++revqzp
P/N81LqrztMlIjD6eaHq42CUFqbnyAUx36uHRcU9KLvLggJho4h13ubtSVm6ga9W
Ez8lTlEZMFFA5gGGRLqB3KqPR43LsoSSLHltHyQqV3kvpZhNgbmM2do6CwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLXc3KySNB4hFh+c/B388LGFgtLpMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvdGR6Y3JKSTBIaUVXSDV6OEhmendzWVdDMHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhI+gAQB
MA0GCSqGSIb3DQEBCwUAA4IBAQBt1wDMuIZenNygwF3A2KxYBT2JI+hZ+NhQ1BYW
k1PEP2f/wlZgpkukdZ5Rm8VtZNjXRbyhRKdiMiwlUE64SUT11g0OOJwF+KiIWSzC
VmJMnh0/CHUtiKDpvWg33jwW0hSZrBkZW1fL6fOPQs6h93JI/uiC7NH89GLT4Xmv
0B5Cp6BjYwC1OKaBSR6O3bNs5ZkWsqOs44TRYd8MTTNZ5zHKV7C1DIt/r7vsuysI
GknPygT7Veqjh9zjpshu0+XHIWyPchyS0qJRPUV62zEPt5vBBF12uhWzU8OuHKho
aaBeWtv1Qv30pVASLGjcFsGpZ628jdITWyhMHu6aGwhGPyi4
-----END CERTIFICATE-----
Generated at Wed Sep 18 19:11:00 2024 by rpki-client on console-fra.rpki-client.org