Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/24IqOw9caqO7cUm7fSI7-J6rPR0.roa
File: 24IqOw9caqO7cUm7fSI7-J6rPR0.roa (raw, json)
Hash identifier: 3msLC+e9AceYOMV/7abmcPZF6VJe1VjpU3sVUUOo5Vw=
Subject key identifier: DB:82:2A:3B:0F:5C:6A:A3:BB:71:49:BB:7D:22:3B:F8:9E:AB:3D:1D
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018CC8DECEF05EA569B95C4505A4EE53D7F9
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/24IqOw9caqO7cUm7fSI7-J6rPR0.roa
Signing time: Tue 02 Jan 2024 06:31:34 +0000
ROA not before: Tue 02 Jan 2024 06:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48749
IP address blocks: 2a05:8883:ffff::/48 maxlen: 48
2a0f:55c7:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Apr 2024 17:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ce:f0:5e:a5:69:b9:5c:45:05:a4:ee:53:d7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 06:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db822a3b0f5c6aa3bb7149bb7d223bf89eab3d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:47:84:b4:d9:e1:8a:64:3d:dd:48:47:3c:ba:
05:9d:dd:a8:3d:28:dc:29:49:80:92:58:4b:1a:aa:
33:1e:aa:a5:1d:e6:72:eb:3a:64:68:cc:4a:06:38:
10:a5:b2:7a:79:5d:4d:ad:73:d5:ab:b2:84:0c:f5:
db:f2:fa:54:bb:a4:5b:9f:da:fb:29:67:6f:60:c0:
93:d3:09:1e:29:28:50:75:b2:d5:8c:8b:b3:fc:d3:
5c:3e:81:3c:4a:25:40:26:17:d8:5c:5e:8b:c4:19:
e3:51:95:52:48:df:b4:e0:ca:dd:af:bc:a0:0e:ec:
74:f7:69:2d:ba:99:af:b1:6c:ee:7c:b4:c7:88:f6:
f5:35:43:d7:dc:b8:1e:35:6c:07:5b:de:88:86:f5:
f1:72:cb:2a:f7:c3:21:9c:aa:ef:a2:45:4b:a0:0e:
a9:3c:2b:5d:a6:e3:4d:2f:1b:13:c8:0d:b7:ec:3b:
f6:86:bf:1e:c3:2c:ee:1d:08:89:21:65:99:c0:c4:
41:19:10:08:7a:79:ef:54:86:5a:d5:05:b2:b9:18:
c3:53:7d:41:5e:f3:98:ee:71:8e:d5:a5:c8:17:b8:
fe:80:2b:c2:e7:5d:dc:2d:86:50:c8:65:b0:2c:81:
47:ae:ff:bf:c7:b7:02:62:e6:97:16:1a:86:f2:15:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:82:2A:3B:0F:5C:6A:A3:BB:71:49:BB:7D:22:3B:F8:9E:AB:3D:1D
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/24IqOw9caqO7cUm7fSI7-J6rPR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:8883:ffff::/48
2a0f:55c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
1b:10:52:ae:db:6f:c2:e0:dc:20:65:f8:e9:c0:9d:36:1e:d2:
d4:69:75:ec:a8:27:31:76:16:89:e6:6b:09:25:9e:ba:11:a9:
3a:a9:d5:dd:d7:07:98:70:27:97:9d:71:fd:da:84:15:9d:cd:
9a:1e:42:54:97:01:86:ec:ad:f1:75:f0:dc:8e:b2:e5:ee:c9:
f0:36:04:ac:3e:0a:b5:a7:40:b5:f9:1b:a7:43:27:6c:44:f9:
4b:7c:ce:a8:64:e5:2c:a4:2b:bf:d8:14:04:39:11:82:d8:c1:
de:69:2c:51:3e:4d:ae:2a:57:cf:53:71:14:c0:0a:b9:48:f9:
e5:b4:96:83:b2:a9:e9:5c:c9:f0:68:2d:87:67:f8:3f:a3:36:
8d:0c:50:2d:35:fb:f6:7c:b6:86:67:a9:19:77:f7:9c:99:81:
20:d1:d1:8a:d4:41:b9:c7:90:ea:db:a2:d4:24:64:92:f7:ae:
11:a7:d2:06:ad:b3:a5:63:66:fa:e9:30:8b:38:1e:3b:c5:cf:
7b:44:56:c4:db:06:8d:3c:f3:b8:5c:ce:14:16:16:76:cc:66:
95:da:5c:de:a0:a2:12:3a:af:66:ee:30:30:b8:d3:4d:13:6e:
38:2d:dd:6c:4e:85:0a:d6:05:d1:10:89:37:a2:a6:bf:9b:5c:
aa:95:40:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3s7wXqVpuVxFBaTuU9f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwMTAyMDYzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgyMmEzYjBmNWM2YWEzYmI3MTQ5YmI3ZDIyM2JmODllYWIzZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkeEtNnhimQ93UhHPLoFnd2oPSjc
KUmAklhLGqozHqqlHeZy6zpkaMxKBjgQpbJ6eV1NrXPVq7KEDPXb8vpUu6Rbn9r7
KWdvYMCT0wkeKShQdbLVjIuz/NNcPoE8SiVAJhfYXF6LxBnjUZVSSN+04Mrdr7yg
Dux092ktupmvsWzufLTHiPb1NUPX3LgeNWwHW96IhvXxcssq98MhnKrvokVLoA6p
PCtdpuNNLxsTyA237Dv2hr8ewyzuHQiJIWWZwMRBGRAIennvVIZa1QWyuRjDU31B
XvOY7nGO1aXIF7j+gCvC513cLYZQyGWwLIFHrv+/x7cCYuaXFhqG8hXLiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNuCKjsPXGqju3FJu30iO/ieqz0dMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvMjRJcU93OWNhcU83Y1VtN2ZTSTctSjZyUFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWIg///
AwcAKg9Vx///MA0GCSqGSIb3DQEBCwUAA4IBAQAbEFKu22/C4NwgZfjpwJ02HtLU
aXXsqCcxdhaJ5msJJZ66Eak6qdXd1weYcCeXnXH92oQVnc2aHkJUlwGG7K3xdfDc
jrLl7snwNgSsPgq1p0C1+RunQydsRPlLfM6oZOUspCu/2BQEORGC2MHeaSxRPk2u
KlfPU3EUwAq5SPnltJaDsqnpXMnwaC2HZ/g/ozaNDFAtNfv2fLaGZ6kZd/ecmYEg
0dGK1EG5x5Dq26LUJGSS964Rp9IGrbOlY2b66TCLOB47xc97RFbE2waNPPO4XM4U
FhZ2zGaV2lzeoKISOq9m7jAwuNNNE244Ld1sToUK1gXREIk3oqa/m1yqlUCH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:24 2024 by rpki-client on console-fra.rpki-client.org