Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/iSTBq7V3HdAdyWRq2sm9gh5mg4k.roa
File: iSTBq7V3HdAdyWRq2sm9gh5mg4k.roa (raw, json)
Hash identifier: GBZ0BBcHlGdjvsoi64DFbxseFaY8RVL83JPVtw+lQGs=
Subject key identifier: 89:24:C1:AB:B5:77:1D:D0:1D:C9:64:6A:DA:C9:BD:82:1E:66:83:89
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018B70329C3FCC22B218EABF8C490C6B5E77
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/iSTBq7V3HdAdyWRq2sm9gh5mg4k.roa
Signing time: Fri 27 Oct 2023 08:14:06 +0000
ROA not before: Fri 27 Oct 2023 08:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398107
IP address blocks: 2a01:488:bb0d::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:32:9c:3f:cc:22:b2:18:ea:bf:8c:49:0c:6b:5e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Oct 27 08:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8924c1abb5771dd01dc9646adac9bd821e668389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4e:83:22:5b:52:b3:91:74:6f:da:f6:79:57:
7d:13:94:c8:94:32:51:b5:f7:6f:89:c7:01:01:d4:
0c:70:e3:3f:62:d1:0a:4e:18:3c:e8:8e:a5:d1:15:
b8:be:e5:00:f7:88:a8:03:19:25:da:a2:13:5f:24:
08:a5:76:29:dc:a5:17:09:7a:b2:3f:f5:a1:34:f1:
b0:1e:9a:d3:9e:cf:2a:8f:01:ce:40:41:b6:7a:97:
1a:56:41:6c:60:64:cf:ff:03:fc:ad:1d:0c:e4:5d:
cb:09:92:6b:90:d0:ab:af:2e:be:15:13:ae:5a:60:
d8:0b:f6:a9:2b:d3:3e:ad:24:55:7e:d2:4a:b9:37:
e6:d4:82:80:1d:03:5b:13:b8:9e:54:86:ce:75:0d:
1b:4e:14:4d:4f:dc:09:41:46:6b:d5:dc:88:d0:87:
7d:75:20:08:e8:f4:54:f0:55:c0:39:38:8d:9e:ca:
e1:89:01:16:96:9b:06:b5:8c:4f:dc:49:b6:b1:b6:
82:c8:98:e4:ac:8e:e9:52:9e:04:74:e4:99:84:1e:
83:ad:02:96:a6:9b:67:1d:8c:45:c1:40:1a:0b:dd:
b0:96:ff:4a:e4:97:79:ac:ea:b6:8f:c3:ce:c9:7e:
f9:8f:38:ef:2d:a8:2a:85:2e:61:f4:a1:06:ac:6c:
94:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:24:C1:AB:B5:77:1D:D0:1D:C9:64:6A:DA:C9:BD:82:1E:66:83:89
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/iSTBq7V3HdAdyWRq2sm9gh5mg4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb0d::/48
Signature Algorithm: sha256WithRSAEncryption
23:c3:d3:d7:a3:54:59:0c:ed:fa:46:61:d4:a2:b6:6f:1f:5c:
3e:3d:73:5a:72:7e:a5:fe:39:0a:07:0c:7e:03:3a:f8:5d:34:
3f:fc:b8:61:15:23:cc:9e:14:73:06:ba:7a:54:75:8f:96:1d:
4c:dc:d2:0e:89:86:b5:17:09:c7:d8:6f:88:e0:1c:38:0c:e9:
d2:fd:de:72:63:94:ff:7d:33:34:69:9a:fb:b1:c8:42:3e:5d:
d1:18:84:2a:35:85:ea:76:34:e7:0f:a8:17:90:14:29:ed:82:
d9:cb:a1:a0:95:1b:ee:58:ed:ba:fd:3d:e3:b1:91:65:0f:dc:
8e:3b:fd:83:5e:01:72:77:cb:b1:64:09:0c:39:68:61:41:a5:
ca:26:b7:5d:85:18:d4:c3:86:21:98:53:a7:42:0f:1d:9d:c2:
bf:ba:7a:9a:1f:ef:e0:57:78:b6:32:49:5a:03:c7:13:83:62:
cd:90:94:0e:7f:39:d4:3d:3c:ae:34:fa:09:f1:b1:ac:fd:ce:
f1:39:64:73:22:76:23:5d:45:26:b6:dd:d1:a2:d7:c4:8a:88:
d4:47:51:c4:29:d8:c3:b9:16:2e:41:c5:f9:37:15:85:0b:7e:
16:9c:ba:1a:f9:00:f5:b5:79:14:67:73:9f:55:71:92:d5:44:
de:c1:95:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtwMpw/zCKyGOq/jEkMa153MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMxMDI3MDgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI0YzFhYmI1NzcxZGQwMWRjOTY0NmFkYWM5YmQ4MjFlNjY4Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE6DIltSs5F0b9r2eVd9E5TIlDJR
tfdviccBAdQMcOM/YtEKThg86I6l0RW4vuUA94ioAxkl2qITXyQIpXYp3KUXCXqy
P/WhNPGwHprTns8qjwHOQEG2epcaVkFsYGTP/wP8rR0M5F3LCZJrkNCrry6+FROu
WmDYC/apK9M+rSRVftJKuTfm1IKAHQNbE7ieVIbOdQ0bThRNT9wJQUZr1dyI0Id9
dSAI6PRU8FXAOTiNnsrhiQEWlpsGtYxP3Em2sbaCyJjkrI7pUp4EdOSZhB6DrQKW
pptnHYxFwUAaC92wlv9K5Jd5rOq2j8POyX75jzjvLagqhS5h9KEGrGyUzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIkkwau1dx3QHclkatrJvYIeZoOJMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvaVNUQnE3VjNIZEFkeVdScTJzbTlnaDVtZzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsN
MA0GCSqGSIb3DQEBCwUAA4IBAQAjw9PXo1RZDO36RmHUorZvH1w+PXNacn6l/jkK
Bwx+Azr4XTQ//LhhFSPMnhRzBrp6VHWPlh1M3NIOiYa1FwnH2G+I4Bw4DOnS/d5y
Y5T/fTM0aZr7schCPl3RGIQqNYXqdjTnD6gXkBQp7YLZy6GglRvuWO26/T3jsZFl
D9yOO/2DXgFyd8uxZAkMOWhhQaXKJrddhRjUw4YhmFOnQg8dncK/unqaH+/gV3i2
MklaA8cTg2LNkJQOfznUPTyuNPoJ8bGs/c7xOWRzInYjXUUmtt3RotfEiojUR1HE
KdjDuRYuQcX5NxWFC34WnLoa+QD1tXkUZ3OfVXGS1UTewZWG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:03 2024 by rpki-client on console-fra.rpki-client.org