Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/O_GQpeDcuozgrVHmb1GKn-pGL_0.roa
File: O_GQpeDcuozgrVHmb1GKn-pGL_0.roa (raw, json)
Hash identifier: H5DWntlVAYBQ4Yd9dX7gbj8TrwWnYNiyjCAV+5BsWO0=
Subject key identifier: 3B:F1:90:A5:E0:DC:BA:8C:E0:AD:51:E6:6F:51:8A:9F:EA:46:2F:FD
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F429D167BD9BB56F4ACE0E7F617B848
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/O_GQpeDcuozgrVHmb1GKn-pGL_0.roa
Signing time: Sun 01 Jan 2023 21:35:14 +0000
ROA not before: Sun 01 Jan 2023 21:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34440
IP address blocks: 2a01:488:bb18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9d:16:7b:d9:bb:56:f4:ac:e0:e7:f6:17:b8:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf190a5e0dcba8ce0ad51e66f518a9fea462ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:91:c3:ff:20:94:25:cf:d0:4c:19:3b:31:19:
d8:a4:43:a8:a0:f1:0a:ae:f4:b9:90:14:81:a0:48:
80:67:28:12:62:dc:2f:a1:89:71:af:d1:4d:75:ab:
eb:84:1c:49:24:3e:09:46:16:f2:6a:b6:ae:97:aa:
ae:16:46:f7:63:f1:4b:a6:48:7f:f1:8d:b2:bb:d5:
bc:f4:f6:b8:ce:b5:52:e2:d3:76:41:f7:81:4b:2e:
3c:8c:26:a5:7a:b7:11:27:4b:0d:2f:6a:f8:e9:1a:
da:1b:5f:13:d3:d9:a5:57:77:21:63:07:b8:b7:0e:
80:51:36:c4:6a:10:fa:2d:e6:7d:ee:4a:66:1d:67:
c3:f0:3b:ec:90:16:17:52:2f:98:43:8d:55:6a:a7:
e2:2d:0d:54:2b:ed:09:e1:6d:b5:b7:7c:fc:c6:d1:
15:b2:1c:28:25:32:67:1a:4f:45:82:dc:3f:65:72:
14:ad:b8:b8:cb:e9:59:83:11:dc:c9:43:fc:48:d7:
d2:a2:30:d3:cf:76:f4:da:24:f9:ba:9d:7a:59:11:
25:71:15:97:20:ec:f0:15:f9:5c:04:96:9d:81:c2:
be:7c:36:a3:28:0f:cc:7e:da:2f:8e:b6:4e:c5:66:
91:c8:22:bc:f3:58:55:0c:4e:10:7c:95:6d:49:08:
c2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F1:90:A5:E0:DC:BA:8C:E0:AD:51:E6:6F:51:8A:9F:EA:46:2F:FD
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/O_GQpeDcuozgrVHmb1GKn-pGL_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb18::/48
Signature Algorithm: sha256WithRSAEncryption
04:44:ee:ef:22:ac:ef:c8:f8:c3:e3:0c:9b:fe:af:5c:93:ec:
4a:58:31:e0:7c:5c:b7:fb:03:16:f5:4c:90:7c:e1:40:c1:46:
4e:50:ca:37:c8:92:dc:d3:44:47:b2:6f:a3:a9:10:06:4c:80:
04:48:a4:a8:07:19:91:6b:62:80:54:8a:5b:f8:2e:33:28:d8:
97:cb:0c:16:53:6e:ed:65:7c:fd:3e:84:46:b3:01:6c:a6:71:
3b:4d:70:c0:92:ce:bc:ff:fc:fb:45:90:8a:4e:49:1b:1e:25:
0f:0e:b5:59:e0:ee:c0:17:df:29:38:76:d8:c5:06:d4:7f:ba:
f7:3b:6d:89:18:a5:0d:df:72:e8:73:41:d3:ad:ef:7f:87:1a:
d4:2f:ff:a7:d9:25:b3:31:54:c5:0f:fc:8b:80:7d:e9:92:3e:
46:83:a3:4d:00:73:8c:ec:bf:3a:17:fb:f2:36:36:32:ea:a4:
ef:61:ab:e3:94:ac:1f:a9:42:41:ae:2a:a9:19:cc:92:0e:9e:
7d:e4:f4:a5:11:a6:64:07:e3:40:35:9f:54:7d:79:16:ba:32:
65:1c:dd:15:8b:48:83:0a:0c:61:70:0e:0f:63:ba:fe:b3:3c:
15:71:fa:10:b2:17:54:d3:67:35:e8:1a:49:7f:44:fd:92:e9:
ee:bb:54:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQp0We9m7VvSs4Of2F7hIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmYxOTBhNWUwZGNiYThjZTBhZDUxZTY2ZjUxOGE5ZmVhNDYyZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5HD/yCUJc/QTBk7MRnYpEOooPEK
rvS5kBSBoEiAZygSYtwvoYlxr9FNdavrhBxJJD4JRhbyaraul6quFkb3Y/FLpkh/
8Y2yu9W89Pa4zrVS4tN2QfeBSy48jCalercRJ0sNL2r46RraG18T09mlV3chYwe4
tw6AUTbEahD6LeZ97kpmHWfD8DvskBYXUi+YQ41VaqfiLQ1UK+0J4W21t3z8xtEV
shwoJTJnGk9Fgtw/ZXIUrbi4y+lZgxHcyUP8SNfSojDTz3b02iT5up16WRElcRWX
IOzwFflcBJadgcK+fDajKA/MftovjrZOxWaRyCK881hVDE4QfJVtSQjCnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDvxkKXg3LqM4K1R5m9Rip/qRi/9MB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvT19HUXBlRGN1b3pnclZIbWIxR0tuLXBHTF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsY
MA0GCSqGSIb3DQEBCwUAA4IBAQAERO7vIqzvyPjD4wyb/q9ck+xKWDHgfFy3+wMW
9UyQfOFAwUZOUMo3yJLc00RHsm+jqRAGTIAESKSoBxmRa2KAVIpb+C4zKNiXywwW
U27tZXz9PoRGswFspnE7TXDAks68//z7RZCKTkkbHiUPDrVZ4O7AF98pOHbYxQbU
f7r3O22JGKUN33Loc0HTre9/hxrUL/+n2SWzMVTFD/yLgH3pkj5Gg6NNAHOM7L86
F/vyNjYy6qTvYavjlKwfqUJBriqpGcySDp595PSlEaZkB+NANZ9UfXkWujJlHN0V
i0iDCgxhcA4PY7r+szwVcfoQshdU02c16BpJf0T9kunuu1QR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org