Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/yq67u3rjCnxDThyw8iJJyNYcSf8.roa
File: yq67u3rjCnxDThyw8iJJyNYcSf8.roa (raw, json)
Hash identifier: nSEUQPRyH13pXJ2z3ejX2enAoFRbEUIBfMgV+87fOfU=
Subject key identifier: CA:AE:BB:BB:7A:E3:0A:7C:43:4E:1C:B0:F2:22:49:C8:D6:1C:49:FF
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018CC3B6E2BAB7064A16E4BE5D2046B2D3F8
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/yq67u3rjCnxDThyw8iJJyNYcSf8.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215889
IP address blocks: 2a11:a580::/32 maxlen: 32
2a09:a740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Jan 2024 12:36:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e2:ba:b7:06:4a:16:e4:be:5d:20:46:b2:d3:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caaebbbb7ae30a7c434e1cb0f22249c8d61c49ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1b:7d:b4:05:c3:27:b1:e3:79:7a:4c:04:2f:
71:ae:8c:61:5b:cc:ed:3f:1f:6d:1b:e9:12:12:57:
3a:cc:a5:3f:fe:ec:ba:c3:46:83:90:41:96:bc:24:
28:4d:8f:c7:71:72:29:40:61:f1:b1:7a:d6:46:d0:
45:80:22:eb:61:c7:bf:3f:f6:6b:b3:4a:b1:24:d0:
9f:87:c8:7b:c1:83:d8:23:76:82:01:48:71:21:a1:
61:14:36:c1:0f:92:4c:f6:40:c5:8e:38:53:a2:92:
dd:af:6e:56:e5:15:ad:81:20:fa:15:2b:f7:d9:f2:
8f:f3:c8:ce:73:7f:9f:37:b3:79:ac:89:de:4b:49:
0e:59:04:b7:6d:8c:09:59:f5:ce:1f:42:03:84:91:
22:05:0a:a5:66:59:9b:05:2d:6f:be:9a:a8:99:33:
66:d4:1b:e7:c1:ae:82:27:5c:1a:5f:45:24:11:ee:
40:de:18:ff:9f:2e:10:c5:ee:07:90:f3:8e:ac:d8:
87:dd:c5:73:28:72:58:23:99:16:27:a8:82:ca:77:
ac:63:61:70:56:9b:58:7c:f4:ed:a1:55:b9:1a:b2:
4b:c2:15:89:ea:eb:75:1d:3d:24:74:8e:a6:f8:52:
19:aa:6a:eb:fb:d9:01:a0:59:8f:c8:96:31:6f:da:
f6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AE:BB:BB:7A:E3:0A:7C:43:4E:1C:B0:F2:22:49:C8:D6:1C:49:FF
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/yq67u3rjCnxDThyw8iJJyNYcSf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a740::/32
2a11:a580::/32
Signature Algorithm: sha256WithRSAEncryption
34:d1:e9:ab:8d:fd:6b:30:b5:db:b5:5b:c4:22:36:aa:be:88:
20:95:42:c2:4e:68:23:41:7c:12:08:53:c0:0e:4c:df:19:3b:
5f:03:dd:48:a8:eb:d8:58:52:d7:9b:6e:30:5f:28:b6:5d:84:
7c:1b:fe:f9:3e:eb:33:0b:00:d2:3b:1f:99:28:dd:c2:14:9e:
be:92:76:fa:4a:6c:a4:55:90:b9:c0:8d:98:6b:6a:e9:4e:95:
6d:03:91:27:37:e6:d3:1b:67:bf:5c:73:8d:5b:8e:36:65:1e:
a0:4d:1a:1e:dd:56:4b:ed:e4:a9:b5:81:3c:58:4b:9f:d6:20:
38:7f:72:7c:01:35:2c:c6:bb:31:2e:03:9f:f7:b6:04:95:ec:
dc:8c:eb:cc:80:71:71:41:d0:0f:45:83:db:3e:25:93:dc:7e:
cd:94:32:71:ee:65:e9:2a:39:5a:bd:6c:cd:8b:da:f7:03:d3:
4b:63:8a:f3:77:ed:87:da:84:6f:a1:56:87:9c:1f:e1:76:3f:
c7:2d:12:92:d7:c6:94:4f:09:d7:99:94:47:b8:7a:a1:17:87:
74:7a:95:aa:e2:d5:8d:6b:b6:f2:e5:3c:53:1e:f7:1a:90:d3:
3d:71:8b:52:be:eb:d9:bb:c2:df:28:55:f4:d9:1e:17:9d:1b:
56:35:9a:d6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtuK6twZKFuS+XSBGstP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFlYmJiYjdhZTMwYTdjNDM0ZTFjYjBmMjIyNDljOGQ2MWM0OWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBt9tAXDJ7HjeXpMBC9xroxhW8zt
Px9tG+kSElc6zKU//uy6w0aDkEGWvCQoTY/HcXIpQGHxsXrWRtBFgCLrYce/P/Zr
s0qxJNCfh8h7wYPYI3aCAUhxIaFhFDbBD5JM9kDFjjhTopLdr25W5RWtgSD6FSv3
2fKP88jOc3+fN7N5rIneS0kOWQS3bYwJWfXOH0IDhJEiBQqlZlmbBS1vvpqomTNm
1Bvnwa6CJ1waX0UkEe5A3hj/ny4Qxe4HkPOOrNiH3cVzKHJYI5kWJ6iCynesY2Fw
VptYfPTtoVW5GrJLwhWJ6ut1HT0kdI6m+FIZqmrr+9kBoFmPyJYxb9r2JwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMquu7t64wp8Q04csPIiScjWHEn/MB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEveXE2N3UzcmpDbnhEVGh5dzhpSkp5TlljU2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgmnQAMF
ACoRpYAwDQYJKoZIhvcNAQELBQADggEBADTR6auN/Wswtdu1W8QiNqq+iCCVQsJO
aCNBfBIIU8AOTN8ZO18D3Uio69hYUtebbjBfKLZdhHwb/vk+6zMLANI7H5ko3cIU
nr6SdvpKbKRVkLnAjZhraulOlW0DkSc35tMbZ79cc41bjjZlHqBNGh7dVkvt5Km1
gTxYS5/WIDh/cnwBNSzGuzEuA5/3tgSV7NyM68yAcXFB0A9Fg9s+JZPcfs2UMnHu
ZekqOVq9bM2L2vcD00tjivN37YfahG+hVoecH+F2P8ctEpLXxpRPCdeZlEe4eqEX
h3R6lari1Y1rtvLlPFMe9xqQ0z1xi1K+69m7wt8oVfTZHhedG1Y1mtY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:59 2024 by rpki-client on console-fra.rpki-client.org