Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/3BhYG5TIufJvdZGct9szT7zGHis.roa
File: 3BhYG5TIufJvdZGct9szT7zGHis.roa (raw, json)
Hash identifier: SCjPwXjZTae1UNtB2loI7xAOkrXdNxYIOo3/tBdPI64=
Subject key identifier: DC:18:58:1B:94:C8:B9:F2:6F:75:91:9C:B7:DB:33:4F:BC:C6:1E:2B
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018CC5011B280DBC95A91B27FE11EA8DA1E8
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/3BhYG5TIufJvdZGct9szT7zGHis.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200250
IP address blocks: 2a0c:fe01::/32 maxlen: 48
2a0e:a942::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Feb 2024 11:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1b:28:0d:bc:95:a9:1b:27:fe:11:ea:8d:a1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc18581b94c8b9f26f75919cb7db334fbcc61e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5a:16:bb:35:9f:6d:30:51:17:17:73:eb:1d:
a4:14:69:19:4f:a5:04:35:b7:6b:92:b9:f9:be:1e:
e9:3e:c9:e2:54:13:7b:a2:5a:ab:7b:30:f9:c5:7e:
eb:19:dc:f2:31:62:1e:09:b2:8a:35:c1:ec:72:4a:
d2:e2:36:8d:ef:e3:20:77:9d:33:32:b0:15:14:c1:
c3:53:5a:6f:2b:9d:67:81:49:47:8f:b3:6a:1f:37:
e7:a1:1c:56:19:be:08:ff:18:c3:85:77:f1:35:ba:
28:ae:8c:b2:90:90:82:4e:b7:c5:72:52:51:35:53:
14:99:ba:6d:ba:fb:20:9f:22:77:7d:03:dd:62:05:
d4:98:d7:40:54:36:95:db:88:af:7b:ea:79:8a:94:
cb:c9:42:ab:64:7b:3a:74:82:88:d1:37:6b:01:98:
76:ec:29:61:4a:bd:a6:ce:7b:24:91:30:5a:10:c0:
5b:31:b5:f4:7c:2b:37:17:04:0a:45:ca:2f:67:7e:
9a:ee:2b:12:b6:c0:85:ca:81:86:1d:0d:8d:e3:38:
ce:08:fe:3e:ba:4b:55:cc:18:bd:c5:da:d4:ad:c0:
13:cc:99:0c:b0:95:40:df:1a:c8:32:fd:ce:c9:aa:
fa:a4:76:94:02:7f:e1:2a:88:33:91:4e:fd:a5:77:
65:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:18:58:1B:94:C8:B9:F2:6F:75:91:9C:B7:DB:33:4F:BC:C6:1E:2B
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/3BhYG5TIufJvdZGct9szT7zGHis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:fe01::/32
2a0e:a942::/32
Signature Algorithm: sha256WithRSAEncryption
71:7a:2e:9c:08:20:df:dd:b0:83:1f:27:35:9d:7a:b2:f4:26:
d1:92:ec:00:c5:9f:12:e3:c2:15:d3:b1:5a:3e:15:9e:60:22:
6e:3b:b6:48:b0:50:a4:27:03:e2:a5:a7:e9:b7:32:5a:24:9c:
fa:7d:55:de:46:4d:7c:24:c5:5e:15:58:dd:2d:ec:f6:6c:8c:
df:b6:9c:e2:c3:03:b3:a7:82:2c:0e:3f:07:5e:53:d5:66:2c:
a9:1a:d0:e4:5b:3f:e6:fc:8c:7e:25:d0:5e:b1:a3:2c:52:43:
4a:17:89:24:fd:f3:56:51:46:32:d8:56:5e:00:c8:4d:38:9b:
14:cc:f5:7e:e6:0c:4a:21:cf:42:8d:f2:0a:32:03:96:ce:ca:
9a:4f:75:e8:6d:a8:8f:4e:ca:5d:e7:5d:29:9a:c5:d5:c8:be:
67:c5:43:75:40:26:3d:dc:fb:f0:0a:ea:73:9f:bd:f6:ad:7e:
b3:a3:54:92:1c:65:a3:cf:b9:6c:02:7e:c0:a9:3f:c6:9f:8e:
ca:f0:79:6a:c4:eb:5c:15:7f:ea:e0:3e:66:c8:92:bf:22:11:
97:c7:d6:c4:40:53:6d:71:32:3f:8c:67:d8:72:fc:8b:ea:cd:
d6:d6:a1:ef:5f:0f:2c:cd:87:86:52:84:67:05:27:2c:a8:4d:
34:f9:74:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFARsoDbyVqRsn/hHqjaHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzE4NTgxYjk0YzhiOWYyNmY3NTkxOWNiN2RiMzM0ZmJjYzYxZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFoWuzWfbTBRFxdz6x2kFGkZT6UE
Nbdrkrn5vh7pPsniVBN7olqrezD5xX7rGdzyMWIeCbKKNcHsckrS4jaN7+Mgd50z
MrAVFMHDU1pvK51ngUlHj7NqHzfnoRxWGb4I/xjDhXfxNbooroyykJCCTrfFclJR
NVMUmbptuvsgnyJ3fQPdYgXUmNdAVDaV24ive+p5ipTLyUKrZHs6dIKI0TdrAZh2
7ClhSr2mznskkTBaEMBbMbX0fCs3FwQKRcovZ36a7isStsCFyoGGHQ2N4zjOCP4+
uktVzBi9xdrUrcATzJkMsJVA3xrIMv3Oyar6pHaUAn/hKogzkU79pXdlMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNwYWBuUyLnyb3WRnLfbM0+8xh4rMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvM0JoWUc1VEl1Zkp2ZFpHY3Q5c3pUN3pHSGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgz+AQMF
ACoOqUIwDQYJKoZIhvcNAQELBQADggEBAHF6LpwIIN/dsIMfJzWderL0JtGS7ADF
nxLjwhXTsVo+FZ5gIm47tkiwUKQnA+Klp+m3MloknPp9Vd5GTXwkxV4VWN0t7PZs
jN+2nOLDA7OngiwOPwdeU9VmLKka0ORbP+b8jH4l0F6xoyxSQ0oXiST981ZRRjLY
Vl4AyE04mxTM9X7mDEohz0KN8goyA5bOyppPdehtqI9Oyl3nXSmaxdXIvmfFQ3VA
Jj3c+/AK6nOfvfatfrOjVJIcZaPPuWwCfsCpP8afjsrweWrE61wVf+rgPmbIkr8i
EZfH1sRAU21xMj+MZ9hy/IvqzdbWoe9fDyzNh4ZShGcFJyyoTTT5dOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org