Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/3p49hRotJ8q1M29TYdof1hSObN0.roa
File: 3p49hRotJ8q1M29TYdof1hSObN0.roa (raw, json)
Hash identifier: 9+9CKxYPo4hjUj8FvQn3ryFF3QgWWvnFWcm/HVW+mgI=
Subject key identifier: DE:9E:3D:85:1A:2D:27:CA:B5:33:6F:53:61:DA:1F:D6:14:8E:6C:DD
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018BC954270B6089BEEE344A4BD226C3D7E0
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/3p49hRotJ8q1M29TYdof1hSObN0.roa
Signing time: Mon 13 Nov 2023 15:36:57 +0000
ROA not before: Mon 13 Nov 2023 15:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200373
IP address blocks: 2a13:3f85::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f80::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:54:27:0b:60:89:be:ee:34:4a:4b:d2:26:c3:d7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Nov 13 15:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de9e3d851a2d27cab5336f5361da1fd6148e6cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:71:b1:68:fa:bd:c7:5a:51:a9:09:88:55:
45:92:df:90:61:22:5e:1a:4e:5c:a4:26:b7:8c:74:
e1:34:39:6d:59:6b:59:d1:87:11:ae:4a:1c:53:6f:
57:98:c9:ba:44:92:d0:a4:57:a6:79:ac:80:6e:ee:
ec:96:d8:b7:f4:2c:b6:a0:c5:4c:07:d1:22:0d:ce:
f5:06:29:c7:25:82:5a:6d:66:64:a3:d3:08:14:ac:
79:04:4f:f5:44:97:67:0f:6f:c1:1c:74:d1:29:2f:
f9:e9:04:96:42:87:fa:c5:5e:47:79:2e:50:6b:54:
73:8d:eb:7e:72:34:12:67:62:95:0f:48:30:a0:8f:
9c:70:47:b5:a9:0d:92:9f:66:f9:b2:55:04:2b:72:
d0:b5:c4:ea:e7:25:9e:8e:f4:1f:dd:d6:7c:73:60:
ff:a4:fd:68:c9:27:0e:bd:a1:34:33:e5:7f:42:c5:
1e:a2:0b:1f:9c:6c:2b:04:4f:c0:76:85:43:4a:29:
ba:76:56:6b:ee:8b:f6:e3:74:ba:58:51:eb:94:27:
4f:75:79:b9:e4:92:f7:b1:27:3d:14:3e:60:34:54:
9e:6f:33:ea:2a:f5:9d:05:9a:7c:09:71:eb:69:16:
e1:f5:06:d7:58:e9:81:ef:b9:9b:78:cd:9a:2c:0c:
b1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9E:3D:85:1A:2D:27:CA:B5:33:6F:53:61:DA:1F:D6:14:8E:6C:DD
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/3p49hRotJ8q1M29TYdof1hSObN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
78:5b:b1:26:c4:3f:51:67:06:67:16:35:f5:86:06:7b:0b:54:
44:aa:6e:8d:3c:ad:92:cb:2b:ca:3c:fe:0f:64:c7:ca:68:bf:
7c:39:c4:5d:5a:ed:3f:b8:6c:5d:b4:db:b2:d8:17:cc:77:c1:
f2:7a:53:68:21:8a:c2:fb:21:0e:ef:a8:7a:1a:69:8e:6a:8c:
99:f2:d1:3d:61:13:2a:35:32:fd:32:4d:cc:98:9e:84:c4:d6:
08:dc:43:26:73:5b:46:cf:c5:92:a3:64:10:a5:0b:4a:9e:d8:
a6:02:bf:23:76:66:ff:e4:19:e5:25:59:5f:2e:87:e7:77:1f:
57:bb:b0:1c:1f:6e:ba:61:bf:8f:3f:be:1c:37:3c:3d:1c:7d:
5c:53:7f:b2:2c:b7:e8:b1:a1:77:50:4a:3d:1b:1f:16:e5:77:
b7:88:c2:65:bb:7b:c9:89:d9:85:82:0b:6f:4d:8e:54:50:cc:
1d:77:b9:ab:d8:4f:c3:9a:28:28:1c:1d:14:43:0b:cf:d3:05:
ec:6e:4c:90:63:b1:02:1e:f2:57:d2:ea:fe:ac:e9:fd:b3:28:
0a:e9:d6:0c:a5:ea:8d:23:39:ac:f2:fb:99:38:5e:bc:98:c2:
fe:b3:9d:60:4a:13:d5:69:63:62:50:05:dc:24:0f:4b:a6:4f:
2d:be:a2:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvJVCcLYIm+7jRKS9Imw9fgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjMxMTEzMTUzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTllM2Q4NTFhMmQyN2NhYjUzMzZmNTM2MWRhMWZkNjE0OGU2Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphlxsWj6vcdaUakJiFVFkt+QYSJe
Gk5cpCa3jHThNDltWWtZ0YcRrkocU29XmMm6RJLQpFemeayAbu7slti39Cy2oMVM
B9EiDc71BinHJYJabWZko9MIFKx5BE/1RJdnD2/BHHTRKS/56QSWQof6xV5HeS5Q
a1Rzjet+cjQSZ2KVD0gwoI+ccEe1qQ2Sn2b5slUEK3LQtcTq5yWejvQf3dZ8c2D/
pP1oyScOvaE0M+V/QsUeogsfnGwrBE/AdoVDSim6dlZr7ov243S6WFHrlCdPdXm5
5JL3sSc9FD5gNFSebzPqKvWdBZp8CXHraRbh9QbXWOmB77mbeM2aLAyxjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN6ePYUaLSfKtTNvU2HaH9YUjmzdMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvM3A0OWhSb3RKOHExTTI5VFlkb2YxaFNPYk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKhM/gDAO
AwUAKhM/gwMFAyoTP4AwDQYJKoZIhvcNAQELBQADggEBAHhbsSbEP1FnBmcWNfWG
BnsLVESqbo08rZLLK8o8/g9kx8pov3w5xF1a7T+4bF2027LYF8x3wfJ6U2ghisL7
IQ7vqHoaaY5qjJny0T1hEyo1Mv0yTcyYnoTE1gjcQyZzW0bPxZKjZBClC0qe2KYC
vyN2Zv/kGeUlWV8uh+d3H1e7sBwfbrphv48/vhw3PD0cfVxTf7Ist+ixoXdQSj0b
Hxbld7eIwmW7e8mJ2YWCC29NjlRQzB13uavYT8OaKCgcHRRDC8/TBexuTJBjsQIe
8lfS6v6s6f2zKArp1gyl6o0jOazy+5k4XryYwv6znWBKE9VpY2JQBdwkD0umTy2+
ojU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:52 2024 by rpki-client on console-fra.rpki-client.org