Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/IPih-SeK-bnIKvwJMPKuq2301qg.roa
File: IPih-SeK-bnIKvwJMPKuq2301qg.roa (raw, json)
Hash identifier: lq0VafVEGa7zy6siM4kD3bidI3Lg41AA/t7tZrYrjz8=
Subject key identifier: 20:F8:A1:F9:27:8A:F9:B9:C8:2A:FC:09:30:F2:AE:AB:6D:F4:D6:A8
Certificate issuer: /CN=427ce5719caa681adbd493a8d9a38a675d6bd639
Certificate serial: 01856CF86C96CC38CB416A25DA7D1F78C0C2
Authority key identifier: 42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/IPih-SeK-bnIKvwJMPKuq2301qg.roa
Signing time: Sun 01 Jan 2023 10:54:58 +0000
ROA not before: Sun 01 Jan 2023 10:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2a02:f181:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:6c:96:cc:38:cb:41:6a:25:da:7d:1f:78:c0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427ce5719caa681adbd493a8d9a38a675d6bd639
Validity
Not Before: Jan 1 10:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20f8a1f9278af9b9c82afc0930f2aeab6df4d6a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d6:9b:b1:e1:77:0b:7f:a2:9a:c8:95:08:0c:
ca:2f:c7:17:1f:65:b5:94:90:97:fd:c7:26:54:84:
87:76:66:5a:81:b4:a2:98:b6:bf:a4:01:e7:d6:4d:
65:cb:c9:f0:bb:19:62:ee:ec:5e:5d:4c:60:95:8b:
ea:d0:1b:75:1b:ea:84:d2:23:6d:84:00:2e:4b:ba:
22:0d:70:fd:73:69:d0:83:ee:e4:1a:14:f4:29:82:
2d:e3:4b:e0:f8:e0:3f:c8:23:7a:1b:65:b3:17:cf:
a6:a1:2a:a4:22:c4:1e:55:56:71:3d:11:3c:99:5d:
cb:95:f6:0a:c4:f1:af:fa:12:b2:ce:72:98:e9:c0:
a1:80:95:c0:2c:6a:b2:8f:92:0e:e3:1a:1d:50:07:
64:87:cf:ec:a7:70:00:8b:55:51:60:40:75:ff:a8:
f1:6d:39:0a:a4:c8:26:f2:13:73:5e:f2:d8:d4:af:
64:25:98:e7:63:9b:85:69:38:fa:a4:53:e7:4d:8e:
27:17:81:64:e0:2e:c1:7e:52:73:c6:1a:db:a8:5a:
2e:d1:14:24:2f:ca:c9:be:62:15:d8:95:8d:4d:17:
6e:29:a5:ff:19:33:26:b8:fc:7a:b3:fc:75:b3:5c:
bf:c1:08:51:8a:3e:4f:32:6e:6d:ca:c1:10:c8:c6:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F8:A1:F9:27:8A:F9:B9:C8:2A:FC:09:30:F2:AE:AB:6D:F4:D6:A8
X509v3 Authority Key Identifier:
keyid:42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/IPih-SeK-bnIKvwJMPKuq2301qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/QnzlcZyqaBrb1JOo2aOKZ11r1jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:f181:1000::/48
Signature Algorithm: sha256WithRSAEncryption
04:e1:81:9c:07:71:74:84:a6:95:ea:ce:ed:d7:fc:5a:e6:76:
ec:b8:25:88:f4:aa:dd:60:96:13:58:91:6a:aa:26:0f:fe:d9:
81:1e:9a:b8:64:03:56:0d:2e:84:08:41:cc:54:e0:34:1e:47:
cd:ec:e5:b2:5f:50:32:e1:6d:8c:e1:b3:22:13:b3:77:aa:3b:
2f:c1:fb:3e:44:14:ca:fa:32:5e:4b:7b:bb:44:b7:24:2f:ea:
cb:97:90:a5:62:95:42:a2:d7:e2:94:89:58:d9:9f:90:2a:28:
11:d4:fc:c1:ae:b6:e9:02:c5:cb:fe:ea:20:43:0a:73:85:40:
05:0c:85:54:d0:8c:df:f1:02:c8:6d:2c:a9:9b:ef:35:d4:ac:
e7:f0:58:fa:85:1a:97:96:69:0b:17:92:0b:eb:60:81:2b:78:
a3:a0:1a:44:46:3c:6b:25:13:8a:f1:f7:84:75:6c:fd:16:23:
65:ce:b9:da:2b:cb:a9:46:86:50:63:61:e8:a8:8f:33:eb:1e:
5e:f8:44:69:1e:3d:97:9e:9d:30:5e:d4:26:2f:64:83:e7:5a:
1f:0f:a9:10:cb:ba:ba:16:a2:67:80:d6:28:1b:a0:fd:f3:b2:
d8:f9:3c:98:74:86:67:bd:6f:ac:a6:b7:66:fd:5c:01:13:e6:
cc:9f:27:cd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs+GyWzDjLQWol2n0feMDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2NlNTcxOWNhYTY4MWFkYmQ0OTNhOGQ5YTM4YTY3NWQ2
YmQ2MzkwHhcNMjMwMTAxMTA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY4YTFmOTI3OGFmOWI5YzgyYWZjMDkzMGYyYWVhYjZkZjRkNmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9abseF3C3+imsiVCAzKL8cXH2W1
lJCX/ccmVISHdmZagbSimLa/pAHn1k1ly8nwuxli7uxeXUxglYvq0Bt1G+qE0iNt
hAAuS7oiDXD9c2nQg+7kGhT0KYIt40vg+OA/yCN6G2WzF8+moSqkIsQeVVZxPRE8
mV3LlfYKxPGv+hKyznKY6cChgJXALGqyj5IO4xodUAdkh8/sp3AAi1VRYEB1/6jx
bTkKpMgm8hNzXvLY1K9kJZjnY5uFaTj6pFPnTY4nF4Fk4C7BflJzxhrbqFou0RQk
L8rJvmIV2JWNTRduKaX/GTMmuPx6s/x1s1y/wQhRij5PMm5tysEQyMZtNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCD4ofknivm5yCr8CTDyrqtt9NaoMB8GA1UdIwQY
MBaAFEJ85XGcqmga29STqNmjimdda9Y5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW56bGNaeXFhQnJiMUpPbzJhT0taMTFyMWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8zZTM1NDgtZmRiNS00ZGVkLWJhNTkt
MDkxYzJkMzAzZmU4LzEvSVBpaC1TZUstYm5JS3Z3Sk1QS3VxMjMwMXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8zZTM1NDgtZmRiNS00ZGVkLWJhNTktMDkxYzJkMzAzZmU4
LzEvUW56bGNaeXFhQnJiMUpPbzJhT0taMTFyMWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgLxgRAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAE4YGcB3F0hKaV6s7t1/xa5nbsuCWI9KrdYJYT
WJFqqiYP/tmBHpq4ZANWDS6ECEHMVOA0HkfN7OWyX1Ay4W2M4bMiE7N3qjsvwfs+
RBTK+jJeS3u7RLckL+rLl5ClYpVCotfilIlY2Z+QKigR1PzBrrbpAsXL/uogQwpz
hUAFDIVU0Izf8QLIbSypm+811Kzn8Fj6hRqXlmkLF5IL62CBK3ijoBpERjxrJROK
8feEdWz9FiNlzrnaK8upRoZQY2HoqI8z6x5e+ERpHj2Xnp0wXtQmL2SD51ofD6kQ
y7q6FqJngNYoG6D987LY+TyYdIZnvW+sprdm/VwBE+bMnyfN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:14 2024 by rpki-client on console-ams.rpki-client.org