Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/tlERJXxVbHwaqmDkUMQeK9T-JRM.roa
File: tlERJXxVbHwaqmDkUMQeK9T-JRM.roa (raw, json)
Hash identifier: IdS242PM4sjk7N4yoCkf5gYbAdjoX/SeuL3kNwwh2Bg=
Subject key identifier: B6:51:11:25:7C:55:6C:7C:1A:AA:60:E4:50:C4:1E:2B:D4:FE:25:13
Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Certificate serial: 01856FA70435CEDF5FBC7F596993D43D43EF
Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/tlERJXxVbHwaqmDkUMQeK9T-JRM.roa
Signing time: Sun 01 Jan 2023 23:24:54 +0000
ROA not before: Sun 01 Jan 2023 23:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20495
IP address blocks: 2a04:d9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 May 2023 08:35:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:04:35:ce:df:5f:bc:7f:59:69:93:d4:3d:43:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Validity
Not Before: Jan 1 23:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b65111257c556c7c1aaa60e450c41e2bd4fe2513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:77:a7:b2:1a:1a:2e:0c:8a:bc:dd:81:a4:62:
7d:98:35:33:79:8c:2c:14:8e:2c:82:17:b7:83:86:
44:eb:ba:ed:36:31:e3:79:07:5d:19:02:bf:bf:32:
d8:10:0e:f6:e5:99:a3:68:c1:f2:5c:2a:bd:07:2e:
b5:b9:a3:f2:bf:de:b6:1a:15:e9:54:ea:b3:6c:f6:
26:c5:1d:0e:a8:8a:c7:78:cb:d0:2b:33:29:78:6c:
0a:57:2d:8e:f2:27:7c:36:ea:0d:7b:62:11:5e:5f:
8e:bd:f1:56:63:77:7c:a0:d0:29:3e:a0:a3:09:3c:
e4:c3:8f:15:c7:d9:e2:e9:43:0b:d3:ac:21:88:8f:
a8:bc:b3:5a:0e:7c:93:94:80:57:ac:25:ad:55:79:
b8:31:ed:71:fa:78:fc:a4:d0:be:75:30:67:62:63:
a5:09:26:d0:c4:4a:f5:6b:14:e9:37:b2:98:5d:ea:
97:d2:e9:92:0a:7d:42:f0:86:ea:80:29:20:f8:ee:
32:89:73:3f:d1:89:e8:65:f1:b2:56:ec:5e:e8:fa:
04:2d:24:47:de:2d:3b:e0:4c:26:3c:1b:74:a3:9c:
f8:d2:3a:ca:5a:fc:49:4b:11:15:b1:96:06:0c:d5:
8c:1a:b4:2d:1b:34:57:04:80:e1:4b:41:65:31:ab:
df:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:51:11:25:7C:55:6C:7C:1A:AA:60:E4:50:C4:1E:2B:D4:FE:25:13
X509v3 Authority Key Identifier:
keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/tlERJXxVbHwaqmDkUMQeK9T-JRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:d9c0::/32
Signature Algorithm: sha256WithRSAEncryption
23:33:28:e1:f5:94:b9:c2:e3:82:c8:4a:25:7c:27:4d:d0:09:
27:c2:4e:76:32:63:23:dc:70:1a:70:fa:8a:ec:37:71:61:fc:
bb:4b:34:43:1a:31:e7:56:3b:26:b4:34:78:aa:06:70:bf:ac:
1b:76:93:f4:36:4b:bc:07:dc:ea:57:83:ed:71:14:8c:69:4f:
b2:fc:f0:42:fc:0d:95:8d:9a:89:f3:19:07:c8:4e:dc:87:20:
42:ef:99:63:8a:8a:67:b1:ea:b9:c3:c1:26:60:6d:a8:80:ca:
2d:f4:e5:10:c8:b7:34:25:79:01:b7:26:b4:ad:5c:ef:a3:27:
9e:0f:1f:59:6c:31:47:cf:76:4d:0e:45:a2:a8:62:10:a9:15:
a1:3a:3d:4c:29:12:20:3b:63:48:c9:55:b4:54:f6:5a:8e:e5:
54:7b:32:ec:d9:cb:9f:c4:48:5f:83:3f:31:f3:99:20:bd:94:
76:fa:8d:43:a6:35:6c:42:e1:3b:8c:04:41:c2:77:72:43:03:
12:da:34:88:1b:70:f0:c5:4b:08:70:85:d5:d9:8d:88:b3:bc:
b1:bc:da:4a:8c:1f:ff:bc:f8:71:f7:a6:e4:bd:c4:32:c6:5c:
dc:0e:f4:5b:0b:f4:58:79:18:d6:fb:93:a0:a0:c0:52:58:73:
eb:39:c3:91
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvpwQ1zt9fvH9ZaZPUPUPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl
Zjg4NTcwHhcNMjMwMTAxMjMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjUxMTEyNTdjNTU2YzdjMWFhYTYwZTQ1MGM0MWUyYmQ0ZmUyNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXenshoaLgyKvN2BpGJ9mDUzeYws
FI4sghe3g4ZE67rtNjHjeQddGQK/vzLYEA725ZmjaMHyXCq9By61uaPyv962GhXp
VOqzbPYmxR0OqIrHeMvQKzMpeGwKVy2O8id8NuoNe2IRXl+OvfFWY3d8oNApPqCj
CTzkw48Vx9ni6UML06whiI+ovLNaDnyTlIBXrCWtVXm4Me1x+nj8pNC+dTBnYmOl
CSbQxEr1axTpN7KYXeqX0umSCn1C8IbqgCkg+O4yiXM/0YnoZfGyVuxe6PoELSRH
3i074EwmPBt0o5z40jrKWvxJSxEVsZYGDNWMGrQtGzRXBIDhS0FlMavfRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLZRESV8VWx8Gqpg5FDEHivU/iUTMB8GA1UdIwQY
MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt
MzI5MzZjM2E0YTlkLzEvdGxFUkpYeFZiSHdhcW1Ea1VNUWVLOVQtSlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk
LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgTZwDAN
BgkqhkiG9w0BAQsFAAOCAQEAIzMo4fWUucLjgshKJXwnTdAJJ8JOdjJjI9xwGnD6
iuw3cWH8u0s0Qxox51Y7JrQ0eKoGcL+sG3aT9DZLvAfc6leD7XEUjGlPsvzwQvwN
lY2aifMZB8hO3IcgQu+ZY4qKZ7HqucPBJmBtqIDKLfTlEMi3NCV5AbcmtK1c76Mn
ng8fWWwxR892TQ5FoqhiEKkVoTo9TCkSIDtjSMlVtFT2Wo7lVHsy7NnLn8RIX4M/
MfOZIL2UdvqNQ6Y1bELhO4wEQcJ3ckMDEto0iBtw8MVLCHCF1dmNiLO8sbzaSowf
/7z4cfem5L3EMsZc3A70Wwv0WHkY1vuToKDAUlhz6znDkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:18 2024 by rpki-client on console-ams.rpki-client.org