Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/yZ4Ql7rjrsXz8X7EExW10xq40aE.roa
File: yZ4Ql7rjrsXz8X7EExW10xq40aE.roa (raw, json)
Hash identifier: bUuYAljLsFSfVaM81qo+m8+rWwkGCLXhizUfr1VdeBo=
Subject key identifier: C9:9E:10:97:BA:E3:AE:C5:F3:F1:7E:C4:13:15:B5:D3:1A:B8:D1:A1
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 01872D4AC3252C690A2D530A14F4BA2971B9
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/yZ4Ql7rjrsXz8X7EExW10xq40aE.roa
Signing time: Wed 29 Mar 2023 12:14:46 +0000
ROA not before: Wed 29 Mar 2023 12:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3360
IP address blocks: 2a03:5000:31::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Jun 2023 16:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:4a:c3:25:2c:69:0a:2d:53:0a:14:f4:ba:29:71:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Mar 29 12:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c99e1097bae3aec5f3f17ec41315b5d31ab8d1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:20:a5:55:27:0a:f6:b6:4c:4f:b6:b7:7f:5a:
66:e3:a6:92:84:c5:14:e5:e3:3e:e2:46:ce:06:f6:
c4:dc:3e:34:f6:5b:66:a2:36:3b:8e:55:36:9c:95:
9a:76:48:07:70:11:02:cf:3d:cf:92:39:ef:6e:84:
58:a9:cc:65:01:74:af:e2:e0:3d:3f:2b:7e:e7:08:
38:7f:69:ea:0c:57:50:fa:b7:e7:d7:c1:f2:9a:b8:
26:6e:8f:b7:17:da:4f:23:f4:dc:cf:e5:65:f2:eb:
af:56:d3:b3:56:88:18:d8:c7:20:93:96:00:3a:6f:
56:91:76:dd:77:dc:76:fb:83:43:1c:6e:e2:b7:5e:
dd:3c:81:d4:67:c1:9e:cc:38:5d:17:0c:6d:ec:db:
e9:10:aa:6f:0e:2d:1c:8b:12:5f:58:74:8b:47:cb:
65:75:e7:1d:f1:53:d7:6f:c2:89:d4:6d:99:c1:7f:
93:bb:33:0c:b2:5d:dc:c6:b3:4a:fb:6b:f7:3a:17:
78:57:87:70:63:50:df:d3:4e:68:7a:93:a2:4d:1e:
bb:f7:2f:4c:77:4c:f4:47:42:2e:22:0e:d4:67:5d:
3a:1a:75:b6:64:e8:ba:e3:68:bd:6a:e2:f0:a7:dc:
49:6e:b9:5b:a3:64:fa:ad:4b:14:1a:4a:38:71:c9:
a6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:9E:10:97:BA:E3:AE:C5:F3:F1:7E:C4:13:15:B5:D3:1A:B8:D1:A1
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/yZ4Ql7rjrsXz8X7EExW10xq40aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5000:21::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:31::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c2:13:b4:c7:3a:12:39:2f:35:4f:8a:f8:a0:cd:5a:2e:81:40:
32:df:14:0e:bd:84:12:fc:72:37:59:a8:8d:06:a6:89:d3:89:
c3:81:d9:d6:f4:78:61:7e:dc:60:51:d9:bb:ab:43:57:39:b7:
89:4d:31:47:88:58:cf:3a:c6:7b:f5:73:88:18:65:fd:fe:1a:
28:00:be:e4:16:32:76:97:8a:2b:de:93:da:74:20:e9:c0:bf:
db:b5:c1:87:7b:74:6f:2a:a7:bd:7c:e9:2f:36:0a:9c:3b:07:
1a:53:e9:f3:41:cb:aa:ba:0c:4c:40:34:59:74:89:7b:e2:8c:
8b:57:00:60:6c:30:01:12:1b:92:a3:10:02:4f:8c:79:60:4a:
ca:bc:12:3f:71:63:ed:2c:dd:d8:9b:fc:23:4e:3c:63:c1:9a:
ee:13:6f:57:48:3f:98:c8:f8:0f:1c:37:0c:7e:86:06:c3:e7:
d3:c0:23:bc:71:66:15:11:87:37:90:35:d2:4c:48:84:f8:11:
de:dc:91:4c:60:a1:63:bb:00:bc:9a:85:90:bb:34:4f:70:7d:
8a:1f:f7:df:bd:4f:ba:e2:94:fc:32:f7:09:08:4b:28:6d:0e:
38:61:d4:f6:a3:ab:f7:a0:0f:71:f7:3a:09:43:e3:3e:fc:af:
e0:7b:cf:41
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYctSsMlLGkKLVMKFPS6KXG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjMwMzI5MTIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTllMTA5N2JhZTNhZWM1ZjNmMTdlYzQxMzE1YjVkMzFhYjhkMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSClVScK9rZMT7a3f1pm46aShMUU
5eM+4kbOBvbE3D409ltmojY7jlU2nJWadkgHcBECzz3PkjnvboRYqcxlAXSv4uA9
Pyt+5wg4f2nqDFdQ+rfn18Hymrgmbo+3F9pPI/Tcz+Vl8uuvVtOzVogY2Mcgk5YA
Om9WkXbdd9x2+4NDHG7it17dPIHUZ8GezDhdFwxt7NvpEKpvDi0cixJfWHSLR8tl
decd8VPXb8KJ1G2ZwX+TuzMMsl3cxrNK+2v3Ohd4V4dwY1Df005oepOiTR679y9M
d0z0R0IuIg7UZ106GnW2ZOi642i9auLwp9xJbrlbo2T6rUsUGko4ccmmUQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMmeEJe6467F8/F+xBMVtdMauNGhMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEveVo0UWw3cmpyc1h6OFg3RUV4VzEweHE0MGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMBIDBwAqA1AA
ACEDBwAqA1AAACIwEgMHACoDUAAAMQMHACoDUAAAMjANBgkqhkiG9w0BAQsFAAOC
AQEAwhO0xzoSOS81T4r4oM1aLoFAMt8UDr2EEvxyN1mojQamidOJw4HZ1vR4YX7c
YFHZu6tDVzm3iU0xR4hYzzrGe/VziBhl/f4aKAC+5BYydpeKK96T2nQg6cC/27XB
h3t0byqnvXzpLzYKnDsHGlPp80HLqroMTEA0WXSJe+KMi1cAYGwwARIbkqMQAk+M
eWBKyrwSP3Fj7Szd2Jv8I048Y8Ga7hNvV0g/mMj4Dxw3DH6GBsPn08AjvHFmFRGH
N5A10kxIhPgR3tyRTGChY7sAvJqFkLs0T3B9ih/3371PuuKU/DL3CQhLKG0OOGHU
9qOr96APcfc6CUPjPvyv4HvPQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:18 2024 by rpki-client on console-ams.rpki-client.org