Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/tfRJH8frjN7p0DJBCuUNsMDz_5g.roa
File: tfRJH8frjN7p0DJBCuUNsMDz_5g.roa (raw, json)
Hash identifier: t+Zt58GiGdL9T7u/6QvlrnyCcph6IOHdlNks91dmCIk=
Subject key identifier: B5:F4:49:1F:C7:EB:8C:DE:E9:D0:32:41:0A:E5:0D:B0:C0:F3:FF:98
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018E0CF8E17BDD166AB13E13B43E5025832A
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/tfRJH8frjN7p0DJBCuUNsMDz_5g.roa
Signing time: Tue 05 Mar 2024 04:57:01 +0000
ROA not before: Tue 05 Mar 2024 04:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a0b:d900::/29 maxlen: 29
2a0c:f643::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 11:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0c:f8:e1:7b:dd:16:6a:b1:3e:13:b4:3e:50:25:83:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 5 04:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5f4491fc7eb8cdee9d032410ae50db0c0f3ff98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:eb:f8:88:49:d5:5f:e0:6b:ff:ec:a3:22:
37:4d:3b:75:96:db:d5:7a:3c:c0:ee:10:ea:42:c3:
51:f0:58:59:e8:ee:8e:67:c6:b8:33:73:89:02:16:
72:ce:ed:6e:51:ea:d2:41:52:70:00:37:1e:0b:88:
3e:78:ba:79:84:67:41:26:be:28:e3:81:ab:96:28:
86:0b:93:59:60:74:46:af:37:c2:61:ee:be:c4:0d:
e0:79:10:95:d3:c9:36:2d:bd:72:c7:4a:dd:45:aa:
a2:80:c4:2c:73:28:63:ea:88:88:25:82:db:1d:69:
78:a7:40:52:e8:9c:b9:6e:9c:bd:9e:f5:79:65:db:
73:fd:07:fd:65:75:fc:39:50:50:1e:29:88:90:5e:
08:bc:5f:4b:09:32:5c:00:8f:0a:0c:ae:15:65:43:
b9:69:3b:fb:31:2d:aa:89:1e:85:46:3a:68:ca:6a:
60:8d:a8:f4:fa:be:20:22:69:a6:a7:6b:ee:f4:3a:
2b:9d:34:f1:8b:d3:0a:f1:66:fa:fb:d5:87:36:a6:
eb:76:48:a0:cd:d0:17:15:94:b7:7e:37:d8:ae:fa:
6d:91:24:3a:b0:0d:26:9c:8a:6c:2a:8a:92:e1:ee:
cb:69:d8:e6:48:7a:21:d4:02:2d:cc:78:99:33:fa:
1a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F4:49:1F:C7:EB:8C:DE:E9:D0:32:41:0A:E5:0D:B0:C0:F3:FF:98
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/tfRJH8frjN7p0DJBCuUNsMDz_5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:d900::/29
2a0c:f643::/32
Signature Algorithm: sha256WithRSAEncryption
93:84:13:d2:54:de:8f:a4:ec:c7:93:42:26:44:ba:50:e3:da:
8d:ac:82:03:5d:1f:d2:75:e2:4d:4d:92:df:ac:a7:7a:dc:c8:
db:39:5f:bf:5b:33:14:32:26:0e:9f:dc:12:4a:a7:30:12:dd:
92:af:29:04:dd:3e:93:e8:bc:03:cd:6e:6a:31:9e:26:0e:f2:
dc:4e:76:b7:06:88:de:cb:07:24:eb:b4:f5:37:b1:4b:16:31:
55:7e:a7:24:c3:a8:c2:e1:07:bd:5a:7a:d4:e6:58:a9:eb:e0:
91:ea:72:98:39:78:97:9f:68:68:6f:b1:32:8c:01:41:4f:6b:
a5:05:0c:9d:17:23:d0:16:5f:f0:55:68:fb:40:e9:5d:05:37:
14:c2:d9:9b:97:50:5c:90:42:d1:09:70:f7:04:22:30:15:10:
c0:62:59:71:24:93:78:73:38:fe:eb:33:2a:f1:d1:0f:cb:a3:
9a:7c:42:32:2b:ff:1b:dc:ca:2d:ab:7f:2d:68:02:d8:06:b1:
89:62:e4:bb:b7:25:fe:91:a5:86:3e:6d:5e:f2:59:e6:ee:0f:
d2:76:d4:3e:0f:36:62:6f:08:43:d4:1d:21:f6:79:48:2a:21:
f7:44:f2:6c:df:33:fa:d9:fb:f9:b3:73:09:50:50:85:61:15:
f4:fb:a0:61
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4M+OF73RZqsT4TtD5QJYMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwMzA1MDQ1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY0NDkxZmM3ZWI4Y2RlZTlkMDMyNDEwYWU1MGRiMGMwZjNmZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf/r+IhJ1V/ga//soyI3TTt1ltvV
ejzA7hDqQsNR8FhZ6O6OZ8a4M3OJAhZyzu1uUerSQVJwADceC4g+eLp5hGdBJr4o
44GrliiGC5NZYHRGrzfCYe6+xA3geRCV08k2Lb1yx0rdRaqigMQscyhj6oiIJYLb
HWl4p0BS6Jy5bpy9nvV5Zdtz/Qf9ZXX8OVBQHimIkF4IvF9LCTJcAI8KDK4VZUO5
aTv7MS2qiR6FRjpoympgjaj0+r4gImmmp2vu9DornTTxi9MK8Wb6+9WHNqbrdkig
zdAXFZS3fjfYrvptkSQ6sA0mnIpsKoqS4e7LadjmSHoh1AItzHiZM/oaTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLX0SR/H64ze6dAyQQrlDbDA8/+YMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvdGZSSkg4ZnJqTjdwMERKQkN1VU5zTUR6XzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgvZAAMF
ACoM9kMwDQYJKoZIhvcNAQELBQADggEBAJOEE9JU3o+k7MeTQiZEulDj2o2sggNd
H9J14k1Nkt+sp3rcyNs5X79bMxQyJg6f3BJKpzAS3ZKvKQTdPpPovAPNbmoxniYO
8txOdrcGiN7LByTrtPU3sUsWMVV+pyTDqMLhB71aetTmWKnr4JHqcpg5eJefaGhv
sTKMAUFPa6UFDJ0XI9AWX/BVaPtA6V0FNxTC2ZuXUFyQQtEJcPcEIjAVEMBiWXEk
k3hzOP7rMyrx0Q/Lo5p8QjIr/xvcyi2rfy1oAtgGsYli5Lu3Jf6RpYY+bV7yWebu
D9J21D4PNmJvCEPUHSH2eUgqIfdE8mzfM/rZ+/mzcwlQUIVhFfT7oGE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:14 2024 by rpki-client on console-ams.rpki-client.org