Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ofJ89AKAhRssBTRniYWkpLiTYd4.roa
File: ofJ89AKAhRssBTRniYWkpLiTYd4.roa (raw, json)
Hash identifier: 0tynuPAast21NnvDxBaqKT2g2fAqxuW65gOPIy761uo=
Subject key identifier: A1:F2:7C:F4:02:80:85:1B:2C:05:34:67:89:85:A4:A4:B8:93:61:DE
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8F90B21DC9C9FAEB9E4E666805409
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ofJ89AKAhRssBTRniYWkpLiTYd4.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398646
IP address blocks: 2a0c:9a40:808b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 09:55:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f9:0b:21:dc:9c:9f:ae:b9:e4:e6:66:80:54:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1f27cf40280851b2c0534678985a4a4b89361de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:70:48:e0:37:a0:ea:49:22:8c:85:a6:d0:28:
2a:ad:a1:64:fe:82:c2:b5:6e:19:97:5d:d8:2c:c2:
0a:05:56:8b:e3:41:52:4e:7d:2a:3d:19:e6:6e:77:
eb:b1:42:d8:33:ed:55:0c:9d:d0:32:d5:d9:85:d7:
a5:66:55:64:3d:28:76:9e:c9:36:6f:a8:3d:49:d4:
34:79:04:a2:db:7e:06:0f:21:7e:16:bb:b6:43:15:
93:49:e8:10:ef:c3:f7:a4:c3:8e:8d:ac:9c:42:33:
c8:c3:2d:43:cb:98:dc:de:8c:5d:aa:86:40:2d:f2:
94:df:52:f8:af:a3:93:cd:53:d5:7c:30:fc:ae:53:
a7:83:d0:5f:7b:8b:7e:3b:15:51:82:94:4b:c6:7b:
c6:33:13:ea:6c:cb:e1:9e:b3:8c:8c:28:50:07:7f:
08:53:ce:21:e2:59:44:92:6f:c9:fb:ca:42:c0:b5:
c6:c3:f2:62:84:52:42:c4:62:4d:c3:08:8d:7c:dd:
7f:e2:c7:2e:4f:37:02:a0:e9:09:68:82:8d:59:b5:
3a:6e:cb:85:6e:a1:f5:0c:a5:19:4d:d4:1a:d8:ab:
82:1c:cf:e2:f3:55:94:32:fb:54:f5:90:91:46:2f:
8e:bd:d4:8e:b5:b0:a6:4f:c3:85:1a:56:cf:3a:f8:
05:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F2:7C:F4:02:80:85:1B:2C:05:34:67:89:85:A4:A4:B8:93:61:DE
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ofJ89AKAhRssBTRniYWkpLiTYd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:808b::/48
Signature Algorithm: sha256WithRSAEncryption
78:bb:79:08:ae:86:6b:20:c9:f0:bc:7f:a9:31:e6:86:44:97:
59:5b:17:74:75:33:da:e1:10:7d:be:4a:36:7a:5d:da:01:0e:
d8:59:86:ce:63:c4:c3:79:b9:be:77:83:75:9f:d8:d0:68:35:
74:17:4e:cc:52:3d:23:73:8e:b9:09:05:f6:1b:bf:27:ce:7b:
5f:9e:39:95:96:95:60:8e:68:b9:1c:4d:56:5b:7a:9d:70:dd:
c9:d0:5c:4f:94:3e:6d:30:57:21:95:2d:96:03:0d:a6:9b:f0:
07:86:c8:1c:e8:ba:0f:4b:b3:09:94:66:01:46:5f:69:3d:1a:
99:4f:34:3c:84:23:84:4e:00:a8:c4:a3:33:0b:b6:1c:81:78:
89:62:59:49:21:a8:60:45:48:91:b5:6a:b6:d9:1d:d4:25:a2:
31:d0:48:17:0e:76:64:b6:10:51:29:d7:0b:48:f3:09:d1:85:
1b:9a:f7:2e:93:dc:34:74:a1:81:a0:2c:42:5c:e1:17:ba:3a:
34:d2:0f:6d:47:1c:92:2e:21:4c:b6:d5:9d:0a:5b:36:0a:fd:
9b:c9:78:40:0b:a1:f9:b7:40:a0:63:73:f4:ca:25:4b:e7:12:
e0:7f:f7:f0:e2:a9:a0:0c:da:be:13:b6:84:76:30:d9:f9:eb:
70:cf:3f:ad
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuPkLIdycn6655OZmgFQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYyN2NmNDAyODA4NTFiMmMwNTM0Njc4OTg1YTRhNGI4OTM2MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknBI4Deg6kkijIWm0CgqraFk/oLC
tW4Zl13YLMIKBVaL40FSTn0qPRnmbnfrsULYM+1VDJ3QMtXZhdelZlVkPSh2nsk2
b6g9SdQ0eQSi234GDyF+Fru2QxWTSegQ78P3pMOOjaycQjPIwy1Dy5jc3oxdqoZA
LfKU31L4r6OTzVPVfDD8rlOng9Bfe4t+OxVRgpRLxnvGMxPqbMvhnrOMjChQB38I
U84h4llEkm/J+8pCwLXGw/JihFJCxGJNwwiNfN1/4scuTzcCoOkJaIKNWbU6bsuF
bqH1DKUZTdQa2KuCHM/i81WUMvtU9ZCRRi+OvdSOtbCmT8OFGlbPOvgFpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKHyfPQCgIUbLAU0Z4mFpKS4k2HeMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvb2ZKODlBS0FoUnNzQlRSbmlZV2twTGlUWWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICL
MA0GCSqGSIb3DQEBCwUAA4IBAQB4u3kIroZrIMnwvH+pMeaGRJdZWxd0dTPa4RB9
vko2el3aAQ7YWYbOY8TDebm+d4N1n9jQaDV0F07MUj0jc465CQX2G78nzntfnjmV
lpVgjmi5HE1WW3qdcN3J0FxPlD5tMFchlS2WAw2mm/AHhsgc6LoPS7MJlGYBRl9p
PRqZTzQ8hCOETgCoxKMzC7YcgXiJYllJIahgRUiRtWq22R3UJaIx0EgXDnZkthBR
KdcLSPMJ0YUbmvcuk9w0dKGBoCxCXOEXujo00g9tRxySLiFMttWdCls2Cv2byXhA
C6H5t0CgY3P0yiVL5xLgf/fw4qmgDNq+E7aEdjDZ+etwzz+t
-----END CERTIFICATE-----
Generated at Thu Jan 18 12:37:41 2024 by rpki-client on console-ams.rpki-client.org