Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/iKIXSrkvZNH5Mi56AWJGzVizK6s.roa
File: iKIXSrkvZNH5Mi56AWJGzVizK6s.roa (raw, json)
Hash identifier: 4cNi62NBeA+tJ1DdBYRIZ6t1NhcTG3EHXubW7S6Ma/U=
Subject key identifier: 88:A2:17:4A:B9:2F:64:D1:F9:32:2E:7A:01:62:46:CD:58:B3:2B:AB
Certificate issuer: /CN=ca9c980eaa16141b5c4815c6389ca25b3f2ed77c
Certificate serial: 01856CE5FAF6FBABA5C30CFBDE4EE43A0AF1
Authority key identifier: CA:9C:98:0E:AA:16:14:1B:5C:48:15:C6:38:9C:A2:5B:3F:2E:D7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypyYDqoWFBtcSBXGOJyiWz8u13w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/iKIXSrkvZNH5Mi56AWJGzVizK6s.roa
Signing time: Sun 01 Jan 2023 10:34:49 +0000
ROA not before: Sun 01 Jan 2023 10:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202329
IP address blocks: 2001:678:6e0::/48 maxlen: 48
2001:678:6e3::/48 maxlen: 48
2001:678:6e0::/45 maxlen: 45
2001:678:6e2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:fa:f6:fb:ab:a5:c3:0c:fb:de:4e:e4:3a:0a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9c980eaa16141b5c4815c6389ca25b3f2ed77c
Validity
Not Before: Jan 1 10:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a2174ab92f64d1f9322e7a016246cd58b32bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:be:31:8c:af:9b:09:df:26:cb:fc:75:b2:92:
6f:a8:d2:2e:23:fb:95:24:f5:1d:b2:88:72:b0:ec:
07:0e:32:64:78:1b:7f:2f:85:f3:28:85:86:ad:58:
5c:e0:12:86:27:5d:99:40:ca:d6:a7:2b:1e:ec:c1:
af:b9:86:48:d3:3d:fe:e3:98:bc:0a:e8:6d:28:3c:
5c:ff:d2:97:ae:93:e1:92:ca:fd:00:b1:27:1d:41:
0c:7f:3f:54:26:54:ea:d8:79:1c:41:bb:a6:50:e1:
b8:dc:ad:b2:77:ad:db:64:c4:4c:eb:bc:7a:19:41:
8b:47:b0:dc:7d:47:f6:61:e8:9b:02:4f:52:09:2b:
38:2f:e0:53:00:46:b2:55:10:bb:07:34:d3:01:b1:
0a:56:49:e9:14:e8:27:35:b7:7a:8f:a7:48:12:9a:
f3:85:c6:92:ad:a7:1e:17:2a:11:df:ed:74:19:1a:
90:cf:4d:dd:c6:0a:45:96:2d:46:3b:0f:a0:ee:51:
7f:a7:94:6a:d2:94:64:96:ac:e3:7d:a1:92:fc:dc:
c6:45:99:5b:92:46:28:d7:f7:9b:26:06:36:12:44:
0e:e3:d9:ad:af:13:ba:76:bb:62:7a:57:c8:95:5d:
52:ea:4d:f9:ca:95:d3:ae:e5:19:c8:53:0e:1c:20:
ed:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A2:17:4A:B9:2F:64:D1:F9:32:2E:7A:01:62:46:CD:58:B3:2B:AB
X509v3 Authority Key Identifier:
keyid:CA:9C:98:0E:AA:16:14:1B:5C:48:15:C6:38:9C:A2:5B:3F:2E:D7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypyYDqoWFBtcSBXGOJyiWz8u13w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/iKIXSrkvZNH5Mi56AWJGzVizK6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c981c-657c-45be-bff6-be5e050b00f0/1/ypyYDqoWFBtcSBXGOJyiWz8u13w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:6e0::/45
Signature Algorithm: sha256WithRSAEncryption
16:4d:c0:33:00:bf:9b:f1:6f:ce:24:a3:ba:f8:65:bb:b0:a1:
65:f6:c4:70:ec:ab:6d:a0:4b:2f:01:ce:ec:29:83:3c:89:60:
2f:78:03:32:25:62:41:8c:85:f1:b6:04:ab:ac:8b:a2:47:c9:
e5:92:78:c8:bd:1b:84:eb:51:58:4f:f4:a5:b0:5c:76:82:e5:
cf:c4:97:98:ec:53:d2:1e:e4:65:a8:96:a9:36:6c:9c:71:e0:
ad:97:6d:26:be:44:ad:60:d0:2c:f9:dc:11:82:9d:ed:8b:4d:
c8:9b:f0:97:3e:2e:7e:10:1f:74:06:a9:f8:86:74:ac:2f:88:
0e:69:6f:90:d6:12:43:1b:84:69:98:7f:68:6d:4e:f8:93:7f:
a3:0a:2e:2c:4b:99:29:77:af:b5:5f:f3:ee:0e:c0:2f:ae:07:
fc:62:29:29:9b:f3:a1:ff:3c:c6:06:37:ed:19:3f:2c:60:81:
5f:a0:de:f3:fc:de:f9:96:f6:38:01:d6:21:02:d0:d4:a9:f0:
e2:a9:82:8a:78:c9:4d:52:e6:7d:6d:2d:be:81:2c:c7:13:ab:
93:08:d6:a0:c8:12:35:96:bd:3d:fe:76:f6:92:fc:cd:10:f5:
e5:fe:f9:26:65:38:73:bd:d2:b6:66:1a:e7:ff:63:e5:da:83:
b7:e2:10:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs5fr2+6ulwwz73k7kOgrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWM5ODBlYWExNjE0MWI1YzQ4MTVjNjM4OWNhMjViM2Yy
ZWQ3N2MwHhcNMjMwMTAxMTAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGEyMTc0YWI5MmY2NGQxZjkzMjJlN2EwMTYyNDZjZDU4YjMyYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL4xjK+bCd8my/x1spJvqNIuI/uV
JPUdsohysOwHDjJkeBt/L4XzKIWGrVhc4BKGJ12ZQMrWpyse7MGvuYZI0z3+45i8
CuhtKDxc/9KXrpPhksr9ALEnHUEMfz9UJlTq2HkcQbumUOG43K2yd63bZMRM67x6
GUGLR7DcfUf2YeibAk9SCSs4L+BTAEayVRC7BzTTAbEKVknpFOgnNbd6j6dIEprz
hcaSraceFyoR3+10GRqQz03dxgpFli1GOw+g7lF/p5Rq0pRklqzjfaGS/NzGRZlb
kkYo1/ebJgY2EkQO49mtrxO6drtielfIlV1S6k35ypXTruUZyFMOHCDtNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIiiF0q5L2TR+TIuegFiRs1YsyurMB8GA1UdIwQY
MBaAFMqcmA6qFhQbXEgVxjicols/Ltd8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB5WURxb1dGQnRjU0JYR09KeWlXejh1MTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81Yzk4MWMtNjU3Yy00NWJlLWJmZjYt
YmU1ZTA1MGIwMGYwLzEvaUtJWFNya3ZaTkg1TWk1NkFXSkd6Vml6SzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81Yzk4MWMtNjU3Yy00NWJlLWJmZjYtYmU1ZTA1MGIwMGYw
LzEveXB5WURxb1dGQnRjU0JYR09KeWlXejh1MTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDIAEGeAbg
MA0GCSqGSIb3DQEBCwUAA4IBAQAWTcAzAL+b8W/OJKO6+GW7sKFl9sRw7KttoEsv
Ac7sKYM8iWAveAMyJWJBjIXxtgSrrIuiR8nlknjIvRuE61FYT/SlsFx2guXPxJeY
7FPSHuRlqJapNmycceCtl20mvkStYNAs+dwRgp3ti03Im/CXPi5+EB90Bqn4hnSs
L4gOaW+Q1hJDG4RpmH9obU74k3+jCi4sS5kpd6+1X/PuDsAvrgf8Yikpm/Oh/zzG
BjftGT8sYIFfoN7z/N75lvY4AdYhAtDUqfDiqYKKeMlNUuZ9bS2+gSzHE6uTCNag
yBI1lr09/nb2kvzNEPXl/vkmZThzvdK2Zhrn/2Pl2oO34hAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org