Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0iDAE802F7jFTq3Y5YfdZp6f-zA.roa
File: 0iDAE802F7jFTq3Y5YfdZp6f-zA.roa (raw, json)
Hash identifier: 7T/7n5SF4D30ZQRPgAy18SJa203v+IQXLfD8GQ52NI8=
Subject key identifier: D2:20:C0:13:CD:36:17:B8:C5:4E:AD:D8:E5:87:DD:66:9E:9F:FB:30
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018587A16DF62C65535D6E494C5BFC5C97C9
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0iDAE802F7jFTq3Y5YfdZp6f-zA.roa
Signing time: Fri 06 Jan 2023 15:09:41 +0000
ROA not before: Fri 06 Jan 2023 15:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150698
IP address blocks: 2a0c:fe01::/32 maxlen: 48
2a0b:3c40:38::/48 maxlen: 48
2a0b:3c40:56::/48 maxlen: 48
2a0e:a942::/32 maxlen: 36
2a0b:3c40:19::/48 maxlen: 64
Validation: Failed, certificate revoked on Mon 09 Jan 2023 12:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:87:a1:6d:f6:2c:65:53:5d:6e:49:4c:5b:fc:5c:97:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 6 15:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d220c013cd3617b8c54eadd8e587dd669e9ffb30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:be:68:c0:37:8d:e9:7f:69:95:87:d9:9b:53:
2f:50:c9:6a:cd:19:63:62:71:a5:fd:be:c0:5d:dd:
c5:87:d9:a4:67:6b:f2:ea:9e:50:03:14:ca:fa:44:
94:52:12:95:2a:af:9d:6a:bf:3d:27:cf:1d:49:1f:
0a:5d:4b:14:f7:13:ef:1a:d0:2f:0f:13:5c:a3:fd:
3a:cd:c8:b6:96:3b:06:7d:35:88:33:2d:11:ae:c4:
be:38:89:d7:4d:e0:fe:69:95:74:12:d7:44:71:40:
ca:b8:47:6d:b8:35:93:db:de:dc:0c:cc:6e:1d:56:
d0:b7:a5:83:0b:a6:c8:2e:ad:7b:52:3c:4f:42:a8:
bc:43:0f:95:5d:51:83:45:20:6a:fd:f1:f1:94:69:
c7:76:33:f9:a7:bb:bd:94:f4:11:23:2a:42:fb:b8:
64:80:3f:17:22:f2:e3:92:e5:65:f4:14:51:a8:73:
6e:5b:af:be:10:0f:8e:a9:d6:78:a5:3a:7e:f5:c7:
dc:95:bf:f3:e0:99:1d:8c:68:47:7b:9d:84:52:cd:
0e:52:b6:ae:00:cd:0e:ac:0c:c7:e4:1a:4d:7b:c0:
fb:f8:13:c1:3d:24:eb:75:b9:24:0d:9f:63:43:28:
81:0f:66:3e:24:53:27:22:7e:8f:23:1e:bb:58:bb:
ae:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:20:C0:13:CD:36:17:B8:C5:4E:AD:D8:E5:87:DD:66:9E:9F:FB:30
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0iDAE802F7jFTq3Y5YfdZp6f-zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c40:19::/48
2a0b:3c40:38::/48
2a0b:3c40:56::/48
2a0c:fe01::/32
2a0e:a942::/32
Signature Algorithm: sha256WithRSAEncryption
5a:1e:83:a4:12:b5:cc:45:aa:43:87:44:8b:8f:fb:7a:9c:66:
ea:49:d0:f7:4b:ff:5d:1f:e1:e0:c0:6f:ee:12:16:38:eb:30:
ce:99:3a:cd:22:c5:41:62:aa:f7:2a:80:93:19:1d:8d:97:68:
91:43:b3:b5:75:b1:ce:40:3d:3f:34:e0:3f:24:d0:63:b9:48:
e8:fd:ab:ca:c9:72:88:38:25:99:14:db:5d:4f:e2:d5:7a:ec:
15:e6:dc:c1:b8:9a:af:4e:63:6a:ac:28:83:37:b1:f3:80:08:
22:f2:62:53:f2:c9:6a:96:95:6f:2b:2b:a9:75:0e:31:06:cc:
28:6b:cf:3e:0d:fe:e1:8b:90:69:69:61:1b:a2:97:51:3e:44:
11:06:3c:e7:ea:ce:d7:1f:bb:42:bd:81:97:c1:76:22:c3:37:
c9:3c:6f:7f:a1:1a:17:24:53:85:61:fb:4b:82:49:c6:03:de:
bb:66:51:65:12:74:5f:bf:6c:39:ef:bd:f6:7f:6b:4a:4e:01:
35:63:12:40:d3:b5:91:d6:c3:a7:c1:32:5f:ad:cd:63:51:41:
a0:50:17:06:50:3d:90:b5:95:e5:5a:59:a8:7b:1c:d0:ee:73:
38:8d:9b:6c:ec:12:8b:e2:04:4c:61:9f:66:b2:1d:ca:2b:99:
51:68:e3:7a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYWHoW32LGVTXW5JTFv8XJfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTA2MTUwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIwYzAxM2NkMzYxN2I4YzU0ZWFkZDhlNTg3ZGQ2NjllOWZmYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL5owDeN6X9plYfZm1MvUMlqzRlj
YnGl/b7AXd3Fh9mkZ2vy6p5QAxTK+kSUUhKVKq+dar89J88dSR8KXUsU9xPvGtAv
DxNco/06zci2ljsGfTWIMy0RrsS+OInXTeD+aZV0EtdEcUDKuEdtuDWT297cDMxu
HVbQt6WDC6bILq17UjxPQqi8Qw+VXVGDRSBq/fHxlGnHdjP5p7u9lPQRIypC+7hk
gD8XIvLjkuVl9BRRqHNuW6++EA+OqdZ4pTp+9cfclb/z4JkdjGhHe52EUs0OUrau
AM0OrAzH5BpNe8D7+BPBPSTrdbkkDZ9jQyiBD2Y+JFMnIn6PIx67WLuuPQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNIgwBPNNhe4xU6t2OWH3Waen/swMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMGlEQUU4MDJGN2pGVHEzWTVZZmRacDZmLXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwcAKgs8QAAZ
AwcAKgs8QAA4AwcAKgs8QABWAwUAKgz+AQMFACoOqUIwDQYJKoZIhvcNAQELBQAD
ggEBAFoeg6QStcxFqkOHRIuP+3qcZupJ0PdL/10f4eDAb+4SFjjrMM6ZOs0ixUFi
qvcqgJMZHY2XaJFDs7V1sc5APT804D8k0GO5SOj9q8rJcog4JZkU211P4tV67BXm
3MG4mq9OY2qsKIM3sfOACCLyYlPyyWqWlW8rK6l1DjEGzChrzz4N/uGLkGlpYRui
l1E+RBEGPOfqztcfu0K9gZfBdiLDN8k8b3+hGhckU4Vh+0uCScYD3rtmUWUSdF+/
bDnvvfZ/a0pOATVjEkDTtZHWw6fBMl+tzWNRQaBQFwZQPZC1leVaWah7HNDucziN
m2zsEoviBExhn2ayHcormVFo43o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org