Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/ccf93b-8ff9-4eb6-8c34-4aa3c3dd4d6b/1/IKhPqcun-h917Hau3SPQuTeddVY.roa
File: IKhPqcun-h917Hau3SPQuTeddVY.roa (raw, json)
Hash identifier: ECgUzibbB/Rl1t9Bie+18F0Ws9n7vwwmqAIoxc97N0Q=
Subject key identifier: 20:A8:4F:A9:CB:A7:FA:1F:75:EC:76:AE:DD:23:D0:B9:37:9D:75:56
Certificate issuer: /CN=82f08f263c37459b5fd6fc06fd9f0e5f6d622759
Certificate serial: 01857343B4909EDD9EBBD0C56B5F29D351B4
Authority key identifier: 82:F0:8F:26:3C:37:45:9B:5F:D6:FC:06:FD:9F:0E:5F:6D:62:27:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gvCPJjw3RZtf1vwG_Z8OX21iJ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/ccf93b-8ff9-4eb6-8c34-4aa3c3dd4d6b/1/IKhPqcun-h917Hau3SPQuTeddVY.roa
Signing time: Mon 02 Jan 2023 16:14:55 +0000
ROA not before: Mon 02 Jan 2023 16:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204896
IP address blocks: 2001:67c:4e4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:b4:90:9e:dd:9e:bb:d0:c5:6b:5f:29:d3:51:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82f08f263c37459b5fd6fc06fd9f0e5f6d622759
Validity
Not Before: Jan 2 16:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20a84fa9cba7fa1f75ec76aedd23d0b9379d7556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:37:a0:2c:37:9a:a6:43:92:e3:03:f0:cd:
b8:56:fd:a9:8d:06:87:6d:ca:41:18:d7:bb:a2:6d:
37:9f:67:3b:3b:a8:d8:2c:6f:16:67:84:45:52:a6:
2b:5a:b1:0f:6c:dd:15:37:60:1c:ce:41:39:59:db:
39:1d:1e:34:18:2a:f4:e5:c9:9a:c2:40:0e:77:65:
44:37:a8:6c:c9:54:55:a5:d3:78:2a:7c:03:3a:00:
fa:3e:23:1d:7e:26:e8:a5:93:62:f3:22:bc:e5:1e:
c5:aa:d6:33:f9:a8:3f:b8:ad:c1:1c:5d:64:f4:6a:
01:11:13:b3:a1:3a:b0:59:ed:be:25:cb:55:e4:41:
e3:80:df:89:c4:4b:c4:7c:73:77:52:86:26:e8:59:
19:ba:c8:04:3d:3f:a2:c6:f0:01:2e:1a:cb:d6:38:
f9:b2:ff:08:45:8f:51:3d:fa:48:fb:b4:0c:83:49:
69:7d:2a:98:bb:f3:34:88:a3:66:81:21:0b:3c:3f:
ce:f9:52:e4:30:88:88:0a:7e:10:20:7c:bb:b1:b9:
fe:4e:36:5f:5d:84:6b:10:99:55:83:4d:31:20:1b:
95:c5:88:a2:a3:0e:22:91:61:0d:4c:5a:d1:00:de:
7c:89:c6:5b:94:bd:c5:2e:9b:fb:18:3d:be:f9:c3:
de:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A8:4F:A9:CB:A7:FA:1F:75:EC:76:AE:DD:23:D0:B9:37:9D:75:56
X509v3 Authority Key Identifier:
keyid:82:F0:8F:26:3C:37:45:9B:5F:D6:FC:06:FD:9F:0E:5F:6D:62:27:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gvCPJjw3RZtf1vwG_Z8OX21iJ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ccf93b-8ff9-4eb6-8c34-4aa3c3dd4d6b/1/IKhPqcun-h917Hau3SPQuTeddVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ccf93b-8ff9-4eb6-8c34-4aa3c3dd4d6b/1/gvCPJjw3RZtf1vwG_Z8OX21iJ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:4e4::/48
Signature Algorithm: sha256WithRSAEncryption
9c:37:d1:7e:bc:5e:54:aa:e0:7f:75:01:80:90:2b:43:d6:0d:
11:9a:70:b5:fa:c3:79:d8:0d:59:74:b0:62:6c:54:7f:59:6c:
a0:0c:b5:33:48:42:f9:a1:ff:8b:16:f4:83:fd:b0:d0:d2:4c:
3a:71:24:9e:47:23:d0:79:2e:c6:bf:d4:5b:2a:4d:b0:14:b2:
7a:2f:49:8e:77:fa:84:24:10:e6:06:8c:f6:ec:9d:2f:ca:1f:
22:ad:d2:93:49:c3:81:85:6e:36:08:f2:16:6a:ad:56:ed:59:
6a:38:99:df:7d:a9:84:80:f3:f3:28:31:15:f8:b3:33:3d:75:
b7:a4:cd:3c:40:37:65:eb:a5:13:4b:c8:31:bd:56:ee:d4:2d:
45:6f:20:49:32:4a:b4:6b:67:e1:6b:cb:9f:af:d5:fd:53:d7:
45:73:df:b3:1e:1b:23:e7:ba:0e:69:5e:5e:2b:f4:8f:cb:64:
ef:0b:b1:38:89:77:9d:60:b6:4f:1d:9d:fc:aa:8c:b8:a3:ce:
00:33:8d:c3:2c:42:5a:db:f2:de:97:8d:c3:81:f3:04:14:7e:
e4:a2:e0:5e:de:c5:d8:ff:d3:bc:47:26:12:dd:b5:c4:6e:cf:
b8:ad:5e:de:0f:02:58:1f:b5:62:cf:2b:5b:07:6a:c6:2b:2e:
99:73:c5:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzQ7SQnt2eu9DFa18p01G0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZjA4ZjI2M2MzNzQ1OWI1ZmQ2ZmMwNmZkOWYwZTVmNmQ2
MjI3NTkwHhcNMjMwMTAyMTYxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE4NGZhOWNiYTdmYTFmNzVlYzc2YWVkZDIzZDBiOTM3OWQ3NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVc3oCw3mqZDkuMD8M24Vv2pjQaH
bcpBGNe7om03n2c7O6jYLG8WZ4RFUqYrWrEPbN0VN2AczkE5Wds5HR40GCr05cma
wkAOd2VEN6hsyVRVpdN4KnwDOgD6PiMdfibopZNi8yK85R7FqtYz+ag/uK3BHF1k
9GoBEROzoTqwWe2+JctV5EHjgN+JxEvEfHN3UoYm6FkZusgEPT+ixvABLhrL1jj5
sv8IRY9RPfpI+7QMg0lpfSqYu/M0iKNmgSELPD/O+VLkMIiICn4QIHy7sbn+TjZf
XYRrEJlVg00xIBuVxYiiow4ikWENTFrRAN58icZblL3FLpv7GD2++cPeOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCCoT6nLp/ofdex2rt0j0Lk3nXVWMB8GA1UdIwQY
MBaAFILwjyY8N0WbX9b8Bv2fDl9tYidZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZDUEpqdzNSWnRmMXZ3R19aOE9YMjFpSjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jY2Y5M2ItOGZmOS00ZWI2LThjMzQt
NGFhM2MzZGQ0ZDZiLzEvSUtoUHFjdW4taDkxN0hhdTNTUFF1VGVkZFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jY2Y5M2ItOGZmOS00ZWI2LThjMzQtNGFhM2MzZGQ0ZDZi
LzEvZ3ZDUEpqdzNSWnRmMXZ3R19aOE9YMjFpSjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfATk
MA0GCSqGSIb3DQEBCwUAA4IBAQCcN9F+vF5UquB/dQGAkCtD1g0RmnC1+sN52A1Z
dLBibFR/WWygDLUzSEL5of+LFvSD/bDQ0kw6cSSeRyPQeS7Gv9RbKk2wFLJ6L0mO
d/qEJBDmBoz27J0vyh8irdKTScOBhW42CPIWaq1W7VlqOJnffamEgPPzKDEV+LMz
PXW3pM08QDdl66UTS8gxvVbu1C1FbyBJMkq0a2fha8ufr9X9U9dFc9+zHhsj57oO
aV5eK/SPy2TvC7E4iXedYLZPHZ38qoy4o84AM43DLEJa2/Lel43DgfMEFH7kouBe
3sXY/9O8RyYS3bXEbs+4rV7eDwJYH7VizytbB2rGKy6Zc8Xo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:09 2024 by rpki-client on console-fra.rpki-client.org