Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/OnuO9NPOyQl3-MpvMB4Say5ATiI.roa
File: OnuO9NPOyQl3-MpvMB4Say5ATiI.roa (raw, json)
Hash identifier: nfM6QPTLtfnVmf2/TjcqKReDLKpKI78yDCVq6ZA4Dhc=
Subject key identifier: 3A:7B:8E:F4:D3:CE:C9:09:77:F8:CA:6F:30:1E:12:6B:2E:40:4E:22
Certificate issuer: /CN=c8c1dcf4c023467db3bf2eef3dd15b2efeeb2bd7
Certificate serial: 018CC26D4A582F8B50C6132857534721B816
Authority key identifier: C8:C1:DC:F4:C0:23:46:7D:B3:BF:2E:EF:3D:D1:5B:2E:FE:EB:2B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMHc9MAjRn2zvy7vPdFbLv7rK9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/OnuO9NPOyQl3-MpvMB4Say5ATiI.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203728
IP address blocks: 2001:678:90c::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Feb 2024 18:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4a:58:2f:8b:50:c6:13:28:57:53:47:21:b8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8c1dcf4c023467db3bf2eef3dd15b2efeeb2bd7
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a7b8ef4d3cec90977f8ca6f301e126b2e404e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:93:4c:92:7b:c3:27:53:5b:02:ce:88:3a:e3:
af:b7:40:31:52:ac:a5:de:ab:c8:1e:df:72:7a:e1:
e6:29:87:49:82:1d:f6:32:99:4d:49:c8:24:7b:3f:
4d:ef:53:9a:00:0e:97:2c:22:87:c4:8c:07:bb:d3:
32:e1:ce:bf:36:73:ba:e3:35:b8:fa:0d:a3:03:71:
60:96:10:26:5e:13:52:40:8c:53:23:b1:0b:c2:1e:
67:1d:c1:73:63:9e:d3:8e:63:24:8b:b5:d5:4c:53:
bf:3f:a9:28:9e:0c:08:e8:56:9f:49:39:b1:20:9e:
31:f2:fd:73:ef:dc:9b:67:4d:9f:ec:99:4c:de:7b:
b7:d1:47:9a:6f:06:35:b6:66:3c:67:92:60:61:2e:
50:89:57:c0:71:b0:b7:57:bb:f9:3a:12:31:cd:db:
6e:6d:7a:44:f4:6c:af:f2:5d:46:a7:e5:79:f8:85:
1d:45:1c:4d:1b:95:a3:a1:27:9c:2d:e3:85:f6:85:
a0:50:dd:ed:d5:9e:15:ef:eb:2e:b1:a5:7b:75:fd:
e9:5c:36:55:66:a3:ea:bf:5e:24:40:10:18:e7:6d:
10:bd:0a:c3:3b:0e:bb:e4:1c:2d:16:82:65:82:a6:
26:2f:fc:1e:db:70:4b:29:40:e5:b4:16:05:2b:af:
ae:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7B:8E:F4:D3:CE:C9:09:77:F8:CA:6F:30:1E:12:6B:2E:40:4E:22
X509v3 Authority Key Identifier:
keyid:C8:C1:DC:F4:C0:23:46:7D:B3:BF:2E:EF:3D:D1:5B:2E:FE:EB:2B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMHc9MAjRn2zvy7vPdFbLv7rK9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/OnuO9NPOyQl3-MpvMB4Say5ATiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ffd4-2382-4ca2-8603-44d92de438c9/1/yMHc9MAjRn2zvy7vPdFbLv7rK9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:90c::/48
Signature Algorithm: sha256WithRSAEncryption
6b:d5:6b:47:04:81:be:b6:b2:b2:3f:f7:4c:16:5e:44:1e:2b:
c7:5c:3a:8b:b3:6f:fd:9b:71:75:cf:7e:f3:f4:d3:08:c5:1a:
22:ed:24:aa:0a:22:30:44:0d:10:99:19:83:1d:5e:91:2b:b6:
26:de:18:fa:eb:c3:cf:2a:01:b8:43:ef:16:62:41:1c:31:c8:
40:4e:95:95:01:83:7d:a8:53:90:0b:18:ec:2b:fb:61:97:c4:
a8:dc:ae:59:70:c1:e6:56:05:fd:ed:37:07:b8:27:b6:97:80:
d2:00:5d:85:41:ae:cb:b0:64:d0:11:5f:12:51:93:f3:b9:04:
34:31:24:d1:0e:8e:9e:f3:0f:a5:b7:d9:3a:30:87:55:cc:1a:
4c:aa:b1:91:a9:88:24:5e:3b:0e:18:3e:a1:4e:3f:f2:0c:25:
ac:08:38:5e:c3:bc:e8:0f:c8:71:95:a0:39:94:fe:b2:80:1b:
eb:47:e9:37:73:7f:2f:aa:b3:2f:9c:f5:d4:5e:06:95:19:bf:
c5:ae:41:5e:dc:a4:3a:d0:c0:4a:0b:cb:d1:dd:d9:de:aa:97:
49:9e:ae:a8:88:8d:e6:32:41:12:47:0d:c4:9d:6c:f5:15:9f:
37:e5:35:91:46:f3:bb:c0:50:5a:33:1c:9d:33:06:09:a3:31:
a9:4e:92:0f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbUpYL4tQxhMoV1NHIbgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YzFkY2Y0YzAyMzQ2N2RiM2JmMmVlZjNkZDE1YjJlZmVl
YjJiZDcwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdiOGVmNGQzY2VjOTA5NzdmOGNhNmYzMDFlMTI2YjJlNDA0ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpNMknvDJ1NbAs6IOuOvt0AxUqyl
3qvIHt9yeuHmKYdJgh32MplNScgkez9N71OaAA6XLCKHxIwHu9My4c6/NnO64zW4
+g2jA3FglhAmXhNSQIxTI7ELwh5nHcFzY57TjmMki7XVTFO/P6kongwI6FafSTmx
IJ4x8v1z79ybZ02f7JlM3nu30UeabwY1tmY8Z5JgYS5QiVfAcbC3V7v5OhIxzdtu
bXpE9Gyv8l1Gp+V5+IUdRRxNG5WjoSecLeOF9oWgUN3t1Z4V7+susaV7df3pXDZV
ZqPqv14kQBAY520QvQrDOw675BwtFoJlgqYmL/we23BLKUDltBYFK6+uCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDp7jvTTzskJd/jKbzAeEmsuQE4iMB8GA1UdIwQY
MBaAFMjB3PTAI0Z9s78u7z3RWy7+6yvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU1IYzlNQWpSbjJ6dnk3dlBkRmJMdjdySzljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmZmZDQtMjM4Mi00Y2EyLTg2MDMt
NDRkOTJkZTQzOGM5LzEvT251TzlOUE95UWwzLU1wdk1CNFNheTVBVGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMmZmZDQtMjM4Mi00Y2EyLTg2MDMtNDRkOTJkZTQzOGM5
LzEveU1IYzlNQWpSbjJ6dnk3dlBkRmJMdjdySzljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAkM
MA0GCSqGSIb3DQEBCwUAA4IBAQBr1WtHBIG+trKyP/dMFl5EHivHXDqLs2/9m3F1
z37z9NMIxRoi7SSqCiIwRA0QmRmDHV6RK7Ym3hj668PPKgG4Q+8WYkEcMchATpWV
AYN9qFOQCxjsK/thl8So3K5ZcMHmVgX97TcHuCe2l4DSAF2FQa7LsGTQEV8SUZPz
uQQ0MSTRDo6e8w+lt9k6MIdVzBpMqrGRqYgkXjsOGD6hTj/yDCWsCDhew7zoD8hx
laA5lP6ygBvrR+k3c38vqrMvnPXUXgaVGb/FrkFe3KQ60MBKC8vR3dneqpdJnq6o
iI3mMkESRw3EnWz1FZ835TWRRvO7wFBaMxydMwYJozGpTpIP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:00 2024 by rpki-client on console-fra.rpki-client.org