Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/uzOwhw9oCOcaXGHontVx60yCf7s.roa
File: uzOwhw9oCOcaXGHontVx60yCf7s.roa (raw, json)
Hash identifier: rvGtf2bgxMw0RZ0ogfpJv/clKDnJhLhU30hp2Q5wdxo=
Subject key identifier: BB:33:B0:87:0F:68:08:E7:1A:5C:61:E8:9E:D5:71:EB:4C:82:7F:BB
Certificate issuer: /CN=f69a0a5d1e8d54248e87667e9883c902f175e2e7
Certificate serial: 01856E81EB89BB61A601C18F6A479113FF89
Authority key identifier: F6:9A:0A:5D:1E:8D:54:24:8E:87:66:7E:98:83:C9:02:F1:75:E2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9poKXR6NVCSOh2Z-mIPJAvF14uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/uzOwhw9oCOcaXGHontVx60yCf7s.roa
Signing time: Sun 01 Jan 2023 18:04:46 +0000
ROA not before: Sun 01 Jan 2023 18:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 141.67.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:eb:89:bb:61:a6:01:c1:8f:6a:47:91:13:ff:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69a0a5d1e8d54248e87667e9883c902f175e2e7
Validity
Not Before: Jan 1 18:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb33b0870f6808e71a5c61e89ed571eb4c827fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:76:57:6c:f0:42:55:0a:d2:b8:c5:08:f0:
d7:4a:12:e1:d0:8c:17:15:cb:04:68:3a:11:27:73:
13:03:c1:ab:7e:3f:db:76:3b:4d:31:c8:2b:6f:99:
55:39:a0:67:66:e7:67:95:f9:95:2d:cf:33:09:aa:
cf:8e:be:e5:5e:af:50:31:54:f7:b9:e0:0a:8c:b6:
ae:97:d5:8e:df:c6:60:22:e8:82:6b:b6:ec:58:28:
ee:dc:28:51:0e:17:c6:ad:f7:2f:71:0d:76:e9:c5:
07:c0:a2:06:cc:5a:7e:5b:c1:4f:45:83:3e:6d:1d:
43:e0:f6:73:41:8e:18:0e:73:a2:19:e3:00:30:a9:
e7:dd:db:f7:b4:32:28:ec:c3:71:55:2c:74:a7:0e:
6b:37:96:75:2d:e6:14:24:81:62:ef:0c:60:68:51:
c9:6c:f6:c2:4d:06:3c:12:dd:97:98:cc:3f:4e:b2:
2d:f1:4f:c7:b8:98:4d:6c:80:da:c3:68:9b:ce:5e:
66:e4:30:41:29:0d:05:12:a6:6a:9b:55:9a:d8:7a:
b5:0b:1a:8b:8d:39:13:de:2a:34:f7:82:d5:42:25:
76:49:7b:dc:3f:89:7e:f7:51:0f:19:b9:01:ed:1a:
dd:8f:22:72:5f:09:7b:22:e0:6d:f7:14:3e:a9:dc:
99:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:33:B0:87:0F:68:08:E7:1A:5C:61:E8:9E:D5:71:EB:4C:82:7F:BB
X509v3 Authority Key Identifier:
keyid:F6:9A:0A:5D:1E:8D:54:24:8E:87:66:7E:98:83:C9:02:F1:75:E2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9poKXR6NVCSOh2Z-mIPJAvF14uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/uzOwhw9oCOcaXGHontVx60yCf7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/9poKXR6NVCSOh2Z-mIPJAvF14uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.67.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:92:62:2c:8c:ae:88:52:7c:1e:d0:b4:ff:39:b2:bc:3d:6e:
bb:f5:3e:66:65:21:74:5d:53:bb:bf:0d:38:03:f7:8a:f8:2c:
65:cc:48:8d:6f:d9:79:2b:41:6e:19:03:ca:1a:06:db:d1:89:
9d:20:6d:35:a9:5f:59:67:12:45:15:27:d6:16:55:31:3b:21:
fe:83:3a:39:19:7a:3e:70:9b:bc:5f:68:c7:70:76:76:fa:96:
ae:71:fb:71:19:61:75:99:b6:6a:49:02:96:c6:aa:03:ca:37:
bb:de:cb:3e:ac:4d:f7:f0:f4:c5:01:35:b8:7d:43:35:f5:92:
db:af:0f:b1:e6:6a:41:c2:ff:0f:bd:8d:89:f8:13:49:96:b9:
6f:bb:d8:ba:5e:97:12:20:86:d6:a1:ad:92:f7:f8:9c:50:8d:
d4:72:22:6a:2b:4c:48:07:6e:cb:43:07:ff:9b:75:34:1c:5f:
31:73:77:14:0d:0a:2f:d8:25:e1:7c:d6:99:f9:ed:fb:3f:7e:
3d:4d:7d:eb:0f:d5:77:83:db:93:2c:b5:a0:dd:e9:b3:0c:0b:
5c:35:c8:77:b0:9f:52:5e:46:1e:8e:80:f4:f6:5e:d9:72:a5:
8d:6d:87:fc:ad:21:bc:66:4e:fb:24:73:e9:80:dc:7f:b3:5a:
22:32:e6:66
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVugeuJu2GmAcGPakeRE/+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWEwYTVkMWU4ZDU0MjQ4ZTg3NjY3ZTk4ODNjOTAyZjE3
NWUyZTcwHhcNMjMwMTAxMTgwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjMzYjA4NzBmNjgwOGU3MWE1YzYxZTg5ZWQ1NzFlYjRjODI3ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprZ2V2zwQlUK0rjFCPDXShLh0IwX
FcsEaDoRJ3MTA8Grfj/bdjtNMcgrb5lVOaBnZudnlfmVLc8zCarPjr7lXq9QMVT3
ueAKjLaul9WO38ZgIuiCa7bsWCju3ChRDhfGrfcvcQ126cUHwKIGzFp+W8FPRYM+
bR1D4PZzQY4YDnOiGeMAMKnn3dv3tDIo7MNxVSx0pw5rN5Z1LeYUJIFi7wxgaFHJ
bPbCTQY8Et2XmMw/TrIt8U/HuJhNbIDaw2ibzl5m5DBBKQ0FEqZqm1Wa2Hq1CxqL
jTkT3io094LVQiV2SXvcP4l+91EPGbkB7RrdjyJyXwl7IuBt9xQ+qdyZhwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLszsIcPaAjnGlxh6J7VcetMgn+7MB8GA1UdIwQY
MBaAFPaaCl0ejVQkjodmfpiDyQLxdeLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXBvS1hSNk5WQ1NPaDJaLW1JUEpBdkYxNHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS85NDQwYTQtMGI0Mi00YTU4LTkwMGEt
ZTk5ZjIyNzcyNjI0LzEvdXpPd2h3OW9DT2NhWEdIb250Vng2MHlDZjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS85NDQwYTQtMGI0Mi00YTU4LTkwMGEtZTk5ZjIyNzcyNjI0
LzEvOXBvS1hSNk5WQ1NPaDJaLW1JUEpBdkYxNHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjUMwDQYJ
KoZIhvcNAQELBQADggEBAGmSYiyMrohSfB7QtP85srw9brv1PmZlIXRdU7u/DTgD
94r4LGXMSI1v2XkrQW4ZA8oaBtvRiZ0gbTWpX1lnEkUVJ9YWVTE7If6DOjkZej5w
m7xfaMdwdnb6lq5x+3EZYXWZtmpJApbGqgPKN7veyz6sTffw9MUBNbh9QzX1ktuv
D7HmakHC/w+9jYn4E0mWuW+72LpelxIghtahrZL3+JxQjdRyImorTEgHbstDB/+b
dTQcXzFzdxQNCi/YJeF81pn57fs/fj1NfesP1XeD25MstaDd6bMMC1w1yHewn1Je
Rh6OgPT2XtlypY1th/ytIbxmTvskc+mA3H+zWiIy5mY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:32 2024 by rpki-client on console-ams.rpki-client.org