Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/Oj8e2M0RyzFkI_mFuYD9yeixtVw.roa
File: Oj8e2M0RyzFkI_mFuYD9yeixtVw.roa (raw, json)
Hash identifier: PTu5VSfXGAG8Eb1S5rTS6DbDQMdfQlPkVh/98ZBZSj8=
Subject key identifier: 3A:3F:1E:D8:CD:11:CB:31:64:23:F9:85:B9:80:FD:C9:E8:B1:B5:5C
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 0185B9F8B1D63E8C7429CF9BCC93594829EC
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/Oj8e2M0RyzFkI_mFuYD9yeixtVw.roa
Signing time: Mon 16 Jan 2023 09:46:01 +0000
ROA not before: Mon 16 Jan 2023 09:46:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a04:30c0::/32 maxlen: 32
2a06:2600::/32 maxlen: 32
2a02:166a::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b9:f8:b1:d6:3e:8c:74:29:cf:9b:cc:93:59:48:29:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 16 09:46:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a3f1ed8cd11cb316423f985b980fdc9e8b1b55c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c5:94:c7:1b:82:66:ab:3c:47:f6:55:c4:1b:
d5:41:d6:ea:db:46:30:c0:89:92:78:44:c9:7b:5e:
e6:5f:86:ed:ac:ca:12:d5:db:47:f4:2f:d1:62:62:
03:b4:94:ec:7a:8a:b6:44:db:a6:52:d3:fa:fe:5d:
30:63:48:c5:08:f3:68:75:a5:b0:0b:0a:58:2e:4c:
dc:81:6e:ad:b7:56:7b:2a:21:4d:a7:9b:14:77:93:
99:47:2e:ea:8c:96:1c:a8:23:22:a4:c7:74:cd:9a:
9c:28:fb:0f:9d:5f:bf:ad:41:ae:6a:92:4a:95:93:
f3:f6:46:4b:54:74:c1:38:6b:c8:ef:7d:06:e3:52:
a7:2d:f0:51:d6:cb:5c:ba:2d:b7:b6:03:df:6d:e0:
de:7e:f6:77:90:fe:e3:f0:6b:8e:0c:b0:09:9b:cb:
43:1a:d7:f7:6a:78:b7:3a:7c:f9:f0:f7:f5:ea:94:
4e:a4:2f:ca:71:4d:f0:ce:fe:de:c2:e6:26:43:de:
05:33:83:14:b2:7e:5d:12:ab:78:d8:49:ed:00:6f:
ac:0a:3a:3d:64:37:57:b7:66:d7:bf:bc:d8:5a:0e:
da:b6:26:66:10:5f:67:d9:b3:6a:04:7e:a8:84:b4:
dd:96:f5:82:a5:53:3c:90:e7:9a:48:35:e5:2c:4a:
1e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3F:1E:D8:CD:11:CB:31:64:23:F9:85:B9:80:FD:C9:E8:B1:B5:5C
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/Oj8e2M0RyzFkI_mFuYD9yeixtVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:166a::/32
2a04:30c0::/32
2a06:2600::/32
Signature Algorithm: sha256WithRSAEncryption
8b:1f:5a:ee:ba:e3:4d:2e:f9:cd:a7:ac:f1:94:2a:84:a4:46:
3e:92:a2:b5:8e:87:c7:7f:73:52:5d:52:6f:56:1d:ec:56:a6:
10:d9:c5:9d:84:36:a7:de:a5:90:4a:02:77:8c:73:80:b8:09:
01:bd:0a:04:07:d6:2e:de:3e:2e:fd:33:52:75:6b:0c:ca:48:
02:f3:6b:0f:e5:47:7e:d6:0f:cf:5a:1b:d0:27:76:11:28:ff:
05:9b:5e:a2:11:bf:bd:3f:2d:fe:03:66:ee:8e:80:6b:e2:c1:
8d:68:fa:93:2e:a1:c0:70:a1:47:3c:2a:9b:03:76:f5:cd:90:
47:7d:8f:e1:68:d8:37:2a:09:57:b9:6e:0e:a9:49:cc:ce:d4:
34:40:d5:40:d1:29:95:8f:31:cd:48:11:19:1a:f6:71:f0:4d:
1b:1f:ce:64:ce:6d:23:c6:e1:10:ef:a7:d8:2f:e5:49:57:65:
7f:de:a3:bc:42:ef:53:df:bc:b4:94:8b:c1:7e:e0:86:52:01:
f8:d6:cb:6f:3b:9f:25:29:d5:e9:3f:9f:fd:9f:4e:bc:68:57:
74:81:49:05:29:58:d7:7a:96:9d:54:78:06:65:86:40:8e:f8:
da:f3:f3:b1:79:2d:ac:ab:bc:16:36:13:f9:b5:ef:02:c9:58:
a1:e3:0d:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYW5+LHWPox0Kc+bzJNZSCnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjMwMTE2MDk0NjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTNmMWVkOGNkMTFjYjMxNjQyM2Y5ODViOTgwZmRjOWU4YjFiNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssWUxxuCZqs8R/ZVxBvVQdbq20Yw
wImSeETJe17mX4btrMoS1dtH9C/RYmIDtJTseoq2RNumUtP6/l0wY0jFCPNodaWw
CwpYLkzcgW6tt1Z7KiFNp5sUd5OZRy7qjJYcqCMipMd0zZqcKPsPnV+/rUGuapJK
lZPz9kZLVHTBOGvI730G41KnLfBR1stcui23tgPfbeDefvZ3kP7j8GuODLAJm8tD
Gtf3ani3Onz58Pf16pROpC/KcU3wzv7ewuYmQ94FM4MUsn5dEqt42EntAG+sCjo9
ZDdXt2bXv7zYWg7atiZmEF9n2bNqBH6ohLTdlvWCpVM8kOeaSDXlLEoePwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDo/HtjNEcsxZCP5hbmA/cnosbVcMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvT2o4ZTJNMFJ5ekZrSV9tRnVZRDl5ZWl4dFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgIWagMF
ACoEMMADBQAqBiYAMA0GCSqGSIb3DQEBCwUAA4IBAQCLH1ruuuNNLvnNp6zxlCqE
pEY+kqK1jofHf3NSXVJvVh3sVqYQ2cWdhDan3qWQSgJ3jHOAuAkBvQoEB9Yu3j4u
/TNSdWsMykgC82sP5Ud+1g/PWhvQJ3YRKP8Fm16iEb+9Py3+A2bujoBr4sGNaPqT
LqHAcKFHPCqbA3b1zZBHfY/haNg3KglXuW4OqUnMztQ0QNVA0SmVjzHNSBEZGvZx
8E0bH85kzm0jxuEQ76fYL+VJV2V/3qO8Qu9T37y0lIvBfuCGUgH41stvO58lKdXp
P5/9n068aFd0gUkFKVjXepadVHgGZYZAjvja8/OxeS2sq7wWNhP5te8CyVih4w3J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:40 2024 by rpki-client on console-fra.rpki-client.org