Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/0FiQKzSL7J9ouqKWzDtZqqrF6dM.roa
File: 0FiQKzSL7J9ouqKWzDtZqqrF6dM.roa (raw, json)
Hash identifier: 1Ap71PCCF5yRqlN0hFmF4NOofqqG8MwyTVU8vedU5ko=
Subject key identifier: D0:58:90:2B:34:8B:EC:9F:68:BA:A2:96:CC:3B:59:AA:AA:C5:E9:D3
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018CC726250C67B5F267B6DAD6C76C0A6672
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/0FiQKzSL7J9ouqKWzDtZqqrF6dM.roa
Signing time: Mon 01 Jan 2024 22:30:14 +0000
ROA not before: Mon 01 Jan 2024 22:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56534
IP address blocks: 2a0e:dfc3::/32 maxlen: 32
2a11:5a45::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Jan 2024 14:08:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:25:0c:67:b5:f2:67:b6:da:d6:c7:6c:0a:66:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 1 22:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d058902b348bec9f68baa296cc3b59aaaac5e9d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:43:55:2b:18:91:da:83:8b:ef:be:60:ca:4c:
7a:ad:7a:6f:cc:54:a6:cb:fc:f1:d0:c9:f6:d7:85:
a9:ca:85:e2:bd:96:b3:89:01:5c:94:40:dc:6a:f2:
ac:01:ca:60:ee:22:1a:c6:13:33:d6:1f:8c:35:af:
62:23:75:44:b0:9d:ce:6e:6a:57:ba:bc:f6:fa:ac:
c7:47:46:6e:9c:ff:84:92:a9:4f:ea:a9:6e:6a:fe:
b4:f0:52:7a:74:43:86:14:75:03:46:3c:c5:82:b4:
8a:1a:f8:5c:4c:9e:cb:bf:4c:91:34:83:5d:34:2d:
fe:b9:08:a0:f2:9d:64:31:e9:11:f1:52:13:91:60:
da:00:04:ab:f6:d3:e7:19:04:8b:66:21:8b:fd:0e:
fe:98:08:26:c1:9f:4e:78:16:1b:76:14:20:35:e7:
a5:fb:c4:61:6d:dd:fe:2b:1e:6f:77:1f:98:ee:cd:
88:64:56:e3:4b:7a:e7:52:7d:68:3c:3f:31:d3:fa:
ba:a6:dd:6d:09:90:53:b9:b0:24:3b:bf:5b:73:cf:
6e:c9:fb:83:89:42:60:80:32:89:6c:b0:49:5e:ef:
8b:4c:0f:da:ce:13:01:22:4b:b0:5a:42:09:37:5f:
f3:d9:c4:92:d1:04:12:0e:aa:24:1d:d3:9e:85:e3:
ec:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:58:90:2B:34:8B:EC:9F:68:BA:A2:96:CC:3B:59:AA:AA:C5:E9:D3
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/0FiQKzSL7J9ouqKWzDtZqqrF6dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc3::/32
2a11:5a45::/32
Signature Algorithm: sha256WithRSAEncryption
0b:e2:f3:d7:66:c0:9f:af:43:07:53:18:34:f4:fb:95:49:e4:
eb:89:78:73:e3:7c:b0:60:6d:68:10:8d:b7:40:75:75:a1:8d:
bb:bd:37:b7:7a:57:fd:99:12:6e:19:f4:0f:47:3c:98:a8:8b:
a6:b1:ec:42:f2:3d:4a:2a:05:16:2d:ce:a3:24:68:a9:7f:bf:
88:13:57:05:02:f8:18:8e:f8:3e:e6:f2:0c:94:1a:b6:8e:fc:
ad:62:13:74:1a:13:a8:8b:98:c4:5a:f9:8d:b8:13:5e:f8:b6:
30:c2:32:8e:51:05:0f:30:1d:20:1b:12:b4:f2:f3:77:46:2b:
2c:1c:b2:2b:15:c7:af:4f:d3:2d:91:3d:c4:f2:a4:3e:72:6c:
22:3f:f2:fb:63:c2:eb:8a:0e:e6:c4:d1:74:2b:b1:5a:cb:f4:
16:35:c4:11:fd:f2:cb:91:7c:3d:a5:a2:b7:5c:9f:8e:6c:6a:
6a:4d:9e:d0:d6:e4:fb:c6:ae:94:c2:ae:83:2f:46:e6:7f:1b:
32:ab:89:3d:44:e3:95:dd:82:25:36:2a:59:31:fd:4f:dd:1b:
34:ba:db:6a:1b:a6:0a:af:4e:ec:f6:47:49:fc:59:8e:eb:9d:
63:5b:67:9f:af:76:2f:33:15:92:bc:d5:00:88:9d:22:62:28:
37:48:10:9e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHJiUMZ7XyZ7ba1sdsCmZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMTAxMjIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDU4OTAyYjM0OGJlYzlmNjhiYWEyOTZjYzNiNTlhYWFhYzVlOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUNVKxiR2oOL775gykx6rXpvzFSm
y/zx0Mn214WpyoXivZaziQFclEDcavKsAcpg7iIaxhMz1h+MNa9iI3VEsJ3ObmpX
urz2+qzHR0ZunP+EkqlP6qluav608FJ6dEOGFHUDRjzFgrSKGvhcTJ7Lv0yRNINd
NC3+uQig8p1kMekR8VITkWDaAASr9tPnGQSLZiGL/Q7+mAgmwZ9OeBYbdhQgNeel
+8Rhbd3+Kx5vdx+Y7s2IZFbjS3rnUn1oPD8x0/q6pt1tCZBTubAkO79bc89uyfuD
iUJggDKJbLBJXu+LTA/azhMBIkuwWkIJN1/z2cSS0QQSDqokHdOehePsDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNBYkCs0i+yfaLqilsw7WaqqxenTMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvMEZpUUt6U0w3SjlvdXFLV3pEdFpxcXJGNmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg7fwwMF
ACoRWkUwDQYJKoZIhvcNAQELBQADggEBAAvi89dmwJ+vQwdTGDT0+5VJ5OuJeHPj
fLBgbWgQjbdAdXWhjbu9N7d6V/2ZEm4Z9A9HPJioi6ax7ELyPUoqBRYtzqMkaKl/
v4gTVwUC+BiO+D7m8gyUGraO/K1iE3QaE6iLmMRa+Y24E174tjDCMo5RBQ8wHSAb
ErTy83dGKywcsisVx69P0y2RPcTypD5ybCI/8vtjwuuKDubE0XQrsVrL9BY1xBH9
8suRfD2lordcn45sampNntDW5PvGrpTCroMvRuZ/GzKriT1E45XdgiU2Klkx/U/d
GzS622obpgqvTuz2R0n8WY7rnWNbZ5+vdi8zFZK81QCInSJiKDdIEJ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:59 2024 by rpki-client on console-fra.rpki-client.org