Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/pOOLYhqrESuy8TVXpTws_BT1srs.roa
File: pOOLYhqrESuy8TVXpTws_BT1srs.roa (raw, json)
Hash identifier: 04uMjZTrhRxyXB70kONUK0PY+gsYNiSyjgnZfMPKQ3A=
Subject key identifier: A4:E3:8B:62:1A:AB:11:2B:B2:F1:35:57:A5:3C:2C:FC:14:F5:B2:BB
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018FAB277BA287F8F5F1787BC1B5A49B268A
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/pOOLYhqrESuy8TVXpTws_BT1srs.roa
Signing time: Fri 24 May 2024 15:10:42 +0000
ROA not before: Fri 24 May 2024 15:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a0f:6fc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Jun 2024 18:41:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:27:7b:a2:87:f8:f5:f1:78:7b:c1:b5:a4:9b:26:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: May 24 15:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4e38b621aab112bb2f13557a53c2cfc14f5b2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:69:5b:66:74:28:50:80:a1:ac:45:69:8b:e1:
91:34:8b:ec:7b:26:60:49:88:9c:fa:65:88:43:a8:
8f:36:9a:13:46:b8:45:16:21:f2:ca:7c:3f:08:43:
4b:b8:ef:a5:a8:24:98:41:bc:61:18:fa:5f:c5:93:
60:a0:46:15:9a:5e:d3:94:e8:9d:34:a6:22:39:04:
14:fb:02:96:9c:9b:b9:6f:c9:30:9c:84:78:fc:c1:
2f:ca:75:47:ad:09:b3:48:7d:23:58:5c:e8:3c:95:
25:e2:e8:21:52:e3:80:c5:79:f5:9b:a8:01:01:ec:
31:b1:a2:fe:a7:1a:b8:58:18:5c:33:69:57:08:96:
fb:76:9d:27:2b:33:21:46:8e:7e:fa:30:ec:62:28:
9b:37:bf:2f:79:20:ea:42:fe:5c:9e:16:b3:d9:2c:
25:59:dd:06:8e:fe:af:4c:cd:6e:68:8f:9d:64:bc:
04:6c:8b:7b:eb:7a:97:33:e7:ec:72:33:e1:15:d7:
c7:2e:79:14:53:ad:d9:d4:06:0a:f5:42:cb:a7:26:
7c:b9:61:34:00:84:3d:17:87:32:d0:0c:f0:42:c2:
07:eb:07:27:bb:09:1c:b8:c5:e9:1e:07:f5:b0:d7:
5a:39:dc:f6:f5:fd:4e:d7:5d:5d:5d:28:58:54:7b:
2f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E3:8B:62:1A:AB:11:2B:B2:F1:35:57:A5:3C:2C:FC:14:F5:B2:BB
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/pOOLYhqrESuy8TVXpTws_BT1srs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6fc7::/32
Signature Algorithm: sha256WithRSAEncryption
25:0c:b7:98:f1:ac:04:e9:0a:a2:5d:2f:d0:94:b7:d7:b5:0f:
fe:7d:8f:7b:b3:19:97:7c:e7:06:d5:fe:da:50:27:60:ba:a3:
53:0d:52:f0:ed:4b:1e:8a:4f:96:8f:fe:1f:46:b3:ca:68:e3:
1e:cc:a4:da:6e:c8:a8:bd:88:fc:53:6f:91:cc:89:b9:9f:b3:
26:56:9b:d2:3e:cc:83:32:93:54:73:e0:86:7b:3c:6e:0c:6c:
1c:b9:20:41:73:9a:05:26:7c:c4:a1:e6:b8:11:2b:27:8c:a1:
44:a6:89:20:e9:0f:42:27:1b:ac:3e:b9:bf:0f:1f:72:27:63:
61:49:83:75:c5:53:a7:88:12:d5:ca:a1:11:00:05:cf:df:bc:
e7:44:2b:32:da:66:e4:a8:ef:6d:bd:f8:0e:1d:37:4b:d8:55:
15:53:db:2e:db:10:c0:2b:fa:2f:65:f6:40:51:1b:fe:c3:22:
f2:c2:e6:14:40:e9:f6:4d:7c:77:08:d0:a2:62:a5:8b:1a:63:
e4:7a:19:41:13:ea:01:f6:fc:e3:95:89:f0:62:ec:00:80:90:
77:a2:19:c7:34:f3:e1:51:2b:57:d2:82:94:c1:3f:96:d2:c5:
90:e0:8f:57:0f:ae:3e:37:83:f7:68:1b:a0:5b:a7:02:c7:84:
8b:e1:c2:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+rJ3uih/j18Xh7wbWkmyaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwNTI0MTUxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGUzOGI2MjFhYWIxMTJiYjJmMTM1NTdhNTNjMmNmYzE0ZjViMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22lbZnQoUIChrEVpi+GRNIvseyZg
SYic+mWIQ6iPNpoTRrhFFiHyynw/CENLuO+lqCSYQbxhGPpfxZNgoEYVml7TlOid
NKYiOQQU+wKWnJu5b8kwnIR4/MEvynVHrQmzSH0jWFzoPJUl4ughUuOAxXn1m6gB
AewxsaL+pxq4WBhcM2lXCJb7dp0nKzMhRo5++jDsYiibN78veSDqQv5cnhaz2Swl
Wd0Gjv6vTM1uaI+dZLwEbIt763qXM+fscjPhFdfHLnkUU63Z1AYK9ULLpyZ8uWE0
AIQ9F4cy0AzwQsIH6wcnuwkcuMXpHgf1sNdaOdz29f1O111dXShYVHsvnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKTji2IaqxErsvE1V6U8LPwU9bK7MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvcE9PTFlocXJFU3V5OFRWWHBUd3NfQlQxc3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9vxzAN
BgkqhkiG9w0BAQsFAAOCAQEAJQy3mPGsBOkKol0v0JS317UP/n2Pe7MZl3znBtX+
2lAnYLqjUw1S8O1LHopPlo/+H0azymjjHsyk2m7IqL2I/FNvkcyJuZ+zJlab0j7M
gzKTVHPghns8bgxsHLkgQXOaBSZ8xKHmuBErJ4yhRKaJIOkPQicbrD65vw8fcidj
YUmDdcVTp4gS1cqhEQAFz9+850QrMtpm5Kjvbb34Dh03S9hVFVPbLtsQwCv6L2X2
QFEb/sMi8sLmFEDp9k18dwjQomKlixpj5HoZQRPqAfb845WJ8GLsAICQd6IZxzTz
4VErV9KClME/ltLFkOCPVw+uPjeD92gboFunAseEi+HCZA==
-----END CERTIFICATE-----
Generated at Mon Jun 10 21:13:37 2024 by rpki-client on console-ams.rpki-client.org