Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lYEgW-R6t0mn3EkmKXhWXoJSlDw.roa
File: lYEgW-R6t0mn3EkmKXhWXoJSlDw.roa (raw, json)
Hash identifier: H/CR/fV/+qLj6fS+zb/W1miMNNWeBFa2FTP3E9Mw0us=
Subject key identifier: 95:81:20:5B:E4:7A:B7:49:A7:DC:49:26:29:78:56:5E:82:52:94:3C
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018AF9F5505C4388A46E3925B1F7324ECE49
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lYEgW-R6t0mn3EkmKXhWXoJSlDw.roa
Signing time: Wed 04 Oct 2023 09:11:58 +0000
ROA not before: Wed 04 Oct 2023 09:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199290
IP address blocks: 2a0a:3000::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:f5:50:5c:43:88:a4:6e:39:25:b1:f7:32:4e:ce:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Oct 4 09:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9581205be47ab749a7dc49262978565e8252943c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:95:16:c7:4e:19:31:c0:6c:07:9b:ee:45:81:
b1:c2:6d:cb:8e:7a:b7:30:41:d9:d3:f7:5c:3d:bc:
72:cc:8e:dd:9b:69:a8:e1:1e:d0:f3:0c:98:b0:4c:
b5:82:58:5b:ef:00:09:0c:bf:f4:f7:15:c7:73:ab:
e1:d9:00:07:9d:3d:1e:a9:b0:ac:86:07:62:e1:f7:
05:28:c1:76:76:6a:88:54:71:ce:ed:98:47:92:5d:
13:af:16:d9:32:5e:e0:06:95:ff:de:b1:cc:93:2d:
3e:81:fd:f9:e9:8b:0a:3e:e2:e8:90:97:aa:c6:29:
d4:cb:28:93:ca:b7:17:9e:69:d4:6b:7f:9d:17:db:
93:df:e3:eb:c3:46:91:4d:43:7b:c9:c4:eb:d7:58:
23:62:91:85:72:0b:71:17:92:a6:10:4a:a0:89:8a:
c2:99:a7:98:34:96:ee:7b:39:8f:67:44:07:7a:8c:
32:78:f5:7d:51:82:7a:31:44:62:e1:27:5a:d1:e0:
58:77:a8:09:a9:ff:e9:9f:66:42:0b:b4:fb:bd:4a:
1b:ea:e7:36:44:69:13:0a:22:a9:22:c8:a2:36:ce:
e0:da:2d:36:e7:c7:d7:1b:6f:0f:e6:35:c1:0f:ca:
cf:54:95:d7:7f:18:f7:6c:02:17:e6:2d:db:25:e2:
91:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:81:20:5B:E4:7A:B7:49:A7:DC:49:26:29:78:56:5E:82:52:94:3C
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lYEgW-R6t0mn3EkmKXhWXoJSlDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:3000::/32
Signature Algorithm: sha256WithRSAEncryption
b9:5a:6a:b3:6e:8e:05:44:9e:42:e3:2f:fb:bc:86:4a:07:a6:
ae:81:1b:82:03:f7:4f:7a:45:42:84:c0:d8:5a:6e:b5:98:3b:
0c:57:c0:f3:ba:e2:9b:96:a0:c3:1d:47:83:8b:49:a6:c4:19:
ba:ec:2d:f8:aa:40:f1:c1:e8:4f:c7:46:34:93:f5:44:29:e2:
b0:1f:fa:a7:60:3e:c0:6c:d4:d9:dc:47:78:b6:2c:de:a0:d5:
0e:7d:2d:4c:d0:0e:f3:a8:aa:69:62:b5:42:89:18:59:df:44:
48:ff:ed:0a:33:c1:df:dd:e6:ff:07:32:90:5d:10:f1:b1:fd:
7a:4e:1f:60:92:a8:3e:f6:2d:25:23:55:70:d4:74:53:d5:74:
84:d1:13:7f:2d:0f:55:e7:6e:0b:57:f0:4c:0e:fb:24:c7:0b:
0e:fa:91:1d:d4:67:ad:60:a5:79:3d:6a:d2:ba:2d:48:55:83:
81:51:8b:f9:2b:9d:ad:dd:6b:de:d3:a2:46:27:5c:34:ef:a6:
37:46:64:cd:c6:32:19:82:81:fc:99:4b:8f:e7:13:92:af:7b:
c8:bc:7f:c5:30:aa:53:4f:7f:04:3d:85:f7:88:8b:b8:5e:f7:
49:5b:f4:79:4f:c6:9c:70:13:ea:0c:d2:b8:8c:66:c9:dc:54:
38:69:8c:9b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYr59VBcQ4ikbjklsfcyTs5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMxMDA0MDkxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTgxMjA1YmU0N2FiNzQ5YTdkYzQ5MjYyOTc4NTY1ZTgyNTI5NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJUWx04ZMcBsB5vuRYGxwm3Ljnq3
MEHZ0/dcPbxyzI7dm2mo4R7Q8wyYsEy1glhb7wAJDL/09xXHc6vh2QAHnT0eqbCs
hgdi4fcFKMF2dmqIVHHO7ZhHkl0TrxbZMl7gBpX/3rHMky0+gf356YsKPuLokJeq
xinUyyiTyrcXnmnUa3+dF9uT3+Prw0aRTUN7ycTr11gjYpGFcgtxF5KmEEqgiYrC
maeYNJbuezmPZ0QHeowyePV9UYJ6MURi4Sda0eBYd6gJqf/pn2ZCC7T7vUob6uc2
RGkTCiKpIsiiNs7g2i0258fXG28P5jXBD8rPVJXXfxj3bAIX5i3bJeKRzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJWBIFvkerdJp9xJJil4Vl6CUpQ8MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbFlFZ1ctUjZ0MG1uM0VrbUtYaFdYb0pTbER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgowADAN
BgkqhkiG9w0BAQsFAAOCAQEAuVpqs26OBUSeQuMv+7yGSgemroEbggP3T3pFQoTA
2FputZg7DFfA87rim5agwx1Hg4tJpsQZuuwt+KpA8cHoT8dGNJP1RCnisB/6p2A+
wGzU2dxHeLYs3qDVDn0tTNAO86iqaWK1QokYWd9ESP/tCjPB393m/wcykF0Q8bH9
ek4fYJKoPvYtJSNVcNR0U9V0hNETfy0PVeduC1fwTA77JMcLDvqRHdRnrWCleT1q
0rotSFWDgVGL+Sudrd1r3tOiRidcNO+mN0ZkzcYyGYKB/JlLj+cTkq97yLx/xTCq
U09/BD2F94iLuF73SVv0eU/GnHAT6gzSuIxmydxUOGmMmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org