Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/MaqT3RkF9mf_0V_S5iRkXusFc0E.roa
File: MaqT3RkF9mf_0V_S5iRkXusFc0E.roa (raw, json)
Hash identifier: tkDrUpxf3tFRNxJDYg04oOoLjgx5iCVNSIBDjH/MJNk=
Subject key identifier: 31:AA:93:DD:19:05:F6:67:FF:D1:5F:D2:E6:24:64:5E:EB:05:73:41
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01857893FAC2F1B539C79D65BB49C142B5D3
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/MaqT3RkF9mf_0V_S5iRkXusFc0E.roa
Signing time: Tue 03 Jan 2023 17:00:41 +0000
ROA not before: Tue 03 Jan 2023 17:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150698
IP address blocks: 2a0c:fe01::/32 maxlen: 48
2a0b:3c40:38::/48 maxlen: 48
2a0b:3c40:56::/48 maxlen: 48
2a0e:a942::/32 maxlen: 36
2a0b:3c40:19::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Jan 2023 15:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:93:fa:c2:f1:b5:39:c7:9d:65:bb:49:c1:42:b5:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 3 17:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31aa93dd1905f667ffd15fd2e624645eeb057341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:38:ef:e4:d1:e3:d8:ac:47:99:ac:ab:c2:62:
58:f4:38:55:9e:20:2f:dc:c9:94:9e:99:20:7f:65:
d3:e9:8e:7f:c1:03:f4:0b:11:43:e8:d7:f1:38:e7:
b5:8e:4e:35:66:92:45:40:fc:13:ef:d8:25:46:ea:
52:ca:51:84:ec:59:03:18:96:78:35:60:4e:5b:f7:
eb:4d:fd:5d:06:86:4c:3f:9b:5e:11:f6:fe:4e:f1:
69:6c:21:3c:17:92:a8:ee:40:d4:f7:55:4a:8f:4d:
b7:78:d8:dc:5d:29:db:0a:8a:f7:c6:87:ed:45:95:
28:3d:25:01:d0:10:41:64:36:0a:47:d8:33:67:fd:
db:2d:21:90:2b:49:bb:f7:bd:d7:2b:49:0b:d8:e5:
19:2e:c2:43:86:a8:ef:de:77:9a:80:84:af:cb:50:
e2:76:fc:65:c4:e4:de:50:22:23:42:ed:9b:2d:bf:
f0:65:be:d1:99:02:58:e1:f8:ce:c2:f6:a8:24:38:
19:8d:d4:70:5b:b6:16:b1:30:ce:5b:0f:91:ce:20:
87:12:9f:5f:24:0c:02:8a:6c:aa:8a:24:57:de:42:
92:fd:fe:41:de:50:f5:0c:bb:7c:5b:b5:13:01:88:
6f:a5:a7:f1:79:f6:e0:66:b0:2f:22:68:54:18:14:
2d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AA:93:DD:19:05:F6:67:FF:D1:5F:D2:E6:24:64:5E:EB:05:73:41
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/MaqT3RkF9mf_0V_S5iRkXusFc0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c40:19::/48
2a0b:3c40:38::/48
2a0b:3c40:56::/48
2a0c:fe01::/32
2a0e:a942::/32
Signature Algorithm: sha256WithRSAEncryption
0e:be:07:46:4e:03:e2:54:c5:32:36:a1:c5:ea:03:7c:95:76:
fa:bc:c0:e2:d2:7d:45:a6:ad:c7:95:97:d2:3e:22:dc:39:57:
8a:89:22:bb:79:4a:1a:64:9f:66:1c:7c:50:67:ce:a6:1d:21:
53:5c:90:57:65:91:8a:f5:a0:67:c0:e6:bc:1b:e8:ca:50:6d:
19:58:c3:65:b9:c6:38:83:c9:1f:af:79:84:0d:39:ea:78:b9:
45:4f:bd:58:51:8d:78:46:9d:08:61:41:16:5f:f5:3a:5b:e4:
32:6f:04:ad:fa:7f:af:d5:0f:c0:17:5c:79:b9:7c:34:78:d8:
ad:fe:ab:6b:46:23:0f:60:0d:ed:4e:83:09:2f:11:56:ac:a4:
28:9e:ee:bc:35:41:cd:b2:d5:da:8c:24:21:be:6d:48:7f:87:
67:4b:38:22:4d:41:50:2c:3d:17:4f:79:76:34:cb:d5:67:e4:
25:ce:a4:e5:e7:df:b8:58:0e:f6:12:73:77:51:9f:cb:65:ae:
45:40:1d:a5:85:a4:60:f5:b6:c1:43:22:74:3d:5b:53:4a:53:
fc:e6:ac:e5:db:3f:1b:9a:bf:ef:18:3b:e3:40:94:4d:3e:91:
f5:78:ed:a9:bb:a2:f0:56:75:e8:4e:a1:e9:a6:92:10:b1:8e:
f7:49:2c:0b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYV4k/rC8bU5x51lu0nBQrXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAzMTcwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFhOTNkZDE5MDVmNjY3ZmZkMTVmZDJlNjI0NjQ1ZWViMDU3MzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizjv5NHj2KxHmayrwmJY9DhVniAv
3MmUnpkgf2XT6Y5/wQP0CxFD6NfxOOe1jk41ZpJFQPwT79glRupSylGE7FkDGJZ4
NWBOW/frTf1dBoZMP5teEfb+TvFpbCE8F5Ko7kDU91VKj023eNjcXSnbCor3xoft
RZUoPSUB0BBBZDYKR9gzZ/3bLSGQK0m7973XK0kL2OUZLsJDhqjv3neagISvy1Di
dvxlxOTeUCIjQu2bLb/wZb7RmQJY4fjOwvaoJDgZjdRwW7YWsTDOWw+RziCHEp9f
JAwCimyqiiRX3kKS/f5B3lD1DLt8W7UTAYhvpafxefbgZrAvImhUGBQtbwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDGqk90ZBfZn/9Ff0uYkZF7rBXNBMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvTWFxVDNSa0Y5bWZfMFZfUzVpUmtYdXNGYzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwcAKgs8QAAZ
AwcAKgs8QAA4AwcAKgs8QABWAwUAKgz+AQMFACoOqUIwDQYJKoZIhvcNAQELBQAD
ggEBAA6+B0ZOA+JUxTI2ocXqA3yVdvq8wOLSfUWmrceVl9I+Itw5V4qJIrt5Shpk
n2YcfFBnzqYdIVNckFdlkYr1oGfA5rwb6MpQbRlYw2W5xjiDyR+veYQNOep4uUVP
vVhRjXhGnQhhQRZf9Tpb5DJvBK36f6/VD8AXXHm5fDR42K3+q2tGIw9gDe1Ogwkv
EVaspCie7rw1Qc2y1dqMJCG+bUh/h2dLOCJNQVAsPRdPeXY0y9Vn5CXOpOXn37hY
DvYSc3dRn8tlrkVAHaWFpGD1tsFDInQ9W1NKU/zmrOXbPxuav+8YO+NAlE0+kfV4
7am7ovBWdehOoemmkhCxjvdJLAs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org