Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/S_H_1qJefYULm6kLgRFN0RZOoYQ.roa
File: S_H_1qJefYULm6kLgRFN0RZOoYQ.roa (raw, json)
Hash identifier: bJ0T37hULjl0y9uTXzjVNKdbWGz8XfbHlNhq0K90vWE=
Subject key identifier: 4B:F1:FF:D6:A2:5E:7D:85:0B:9B:A9:0B:81:11:4D:D1:16:4E:A1:84
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018D69AE238EDBC00150B5D86CB82AA2458D
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/S_H_1qJefYULm6kLgRFN0RZOoYQ.roa
Signing time: Fri 02 Feb 2024 11:57:16 +0000
ROA not before: Fri 02 Feb 2024 11:57:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200250
IP address blocks: 2a0c:fe01::/32 maxlen: 48
2a0e:a942::/32 maxlen: 48
2a0e:cbc3::/32 maxlen: 33
Validation: Failed, certificate revoked on Fri 02 Feb 2024 12:24:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:ae:23:8e:db:c0:01:50:b5:d8:6c:b8:2a:a2:45:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 2 11:57:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bf1ffd6a25e7d850b9ba90b81114dd1164ea184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3d:69:7d:53:94:38:60:30:79:5b:4c:00:e3:
f7:36:65:ba:79:08:ef:59:4f:69:32:9c:ef:ec:34:
af:73:09:a0:92:88:da:8a:98:83:26:a3:a8:ad:0e:
94:f7:9c:29:c4:8f:03:d1:8d:27:2c:27:aa:ce:4f:
ee:2b:0e:c9:9f:5b:ce:82:33:f6:a1:55:c5:64:e5:
24:28:2b:3d:04:fd:86:ff:8d:d3:d4:05:c5:5c:2a:
bf:32:a4:2b:54:95:88:a0:b4:25:ca:37:24:ed:11:
79:c6:3b:74:6b:38:3d:be:a3:be:68:d4:44:49:3d:
c1:63:ed:cd:f5:5f:48:c2:db:db:8f:5f:90:d0:fc:
bb:bc:b6:f6:b1:d4:21:ba:62:c5:e7:6a:5f:f7:63:
20:64:14:b4:bf:65:a5:f7:29:04:08:6d:7d:b6:4d:
29:84:4f:e2:9b:dd:a9:3b:58:d5:c1:40:d8:2f:d8:
d3:83:5e:b4:01:4b:02:41:a7:52:7d:96:07:14:17:
d6:7e:21:2d:51:db:bb:9f:66:dc:4f:1b:14:7d:06:
b3:70:01:f1:fb:96:a8:6b:44:e7:ae:37:f4:a3:bb:
27:f9:b2:c6:06:9e:25:50:32:d3:45:10:2a:f8:c7:
e0:8f:77:b3:26:f9:2a:a6:27:fd:f9:54:09:80:dd:
da:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F1:FF:D6:A2:5E:7D:85:0B:9B:A9:0B:81:11:4D:D1:16:4E:A1:84
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/S_H_1qJefYULm6kLgRFN0RZOoYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:fe01::/32
2a0e:a942::/32
2a0e:cbc3::/32
Signature Algorithm: sha256WithRSAEncryption
0a:2b:3a:2a:93:f7:bb:bd:c3:f1:35:09:17:58:f2:f2:18:d6:
c4:b9:dc:e4:a5:45:5a:05:3d:42:8d:ba:39:70:fe:85:78:95:
bc:30:b2:67:a8:00:d0:5d:32:d0:77:57:3e:1e:94:32:9b:dc:
2e:8f:53:3f:a4:7c:28:82:c0:65:8f:b3:f5:49:33:52:c7:d9:
0c:85:c1:a0:45:4f:42:1a:47:4d:85:39:11:0e:94:16:4a:2b:
d5:d1:b2:f1:5e:4a:bb:37:c4:6e:37:83:e9:c5:24:34:85:49:
b3:3f:14:0e:0d:67:92:f3:45:a1:29:68:d3:89:2a:47:05:dd:
f1:c8:a1:7e:2c:8f:5c:69:0c:d6:02:a2:5d:b4:2d:05:ac:7a:
f8:72:12:1c:3a:03:ba:84:d0:85:f7:5c:af:28:15:97:24:9f:
67:55:3e:39:b8:97:7d:32:89:71:94:3c:17:90:b5:fb:f2:16:
cd:0b:1c:a6:8f:c4:f7:68:6f:84:a1:ba:19:87:92:45:98:2a:
e6:9e:89:24:85:f8:e7:6a:d6:e4:5a:53:81:96:88:23:7a:84:
65:5a:c5:fb:be:ba:65:42:dc:ad:b3:0b:fa:63:5f:45:a0:f4:
09:02:e5:81:8d:31:a0:de:09:44:aa:6d:88:8d:d2:2c:c6:fe:
72:30:29:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1priOO28ABULXYbLgqokWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMjAyMTE1NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYxZmZkNmEyNWU3ZDg1MGI5YmE5MGI4MTExNGRkMTE2NGVhMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT1pfVOUOGAweVtMAOP3NmW6eQjv
WU9pMpzv7DSvcwmgkojaipiDJqOorQ6U95wpxI8D0Y0nLCeqzk/uKw7Jn1vOgjP2
oVXFZOUkKCs9BP2G/43T1AXFXCq/MqQrVJWIoLQlyjck7RF5xjt0azg9vqO+aNRE
ST3BY+3N9V9Iwtvbj1+Q0Py7vLb2sdQhumLF52pf92MgZBS0v2Wl9ykECG19tk0p
hE/im92pO1jVwUDYL9jTg160AUsCQadSfZYHFBfWfiEtUdu7n2bcTxsUfQazcAHx
+5aoa0Tnrjf0o7sn+bLGBp4lUDLTRRAq+Mfgj3ezJvkqpif9+VQJgN3aQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEvx/9aiXn2FC5upC4ERTdEWTqGEMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvU19IXzFxSmVmWVVMbTZrTGdSRk4wUlpPb1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgz+AQMF
ACoOqUIDBQAqDsvDMA0GCSqGSIb3DQEBCwUAA4IBAQAKKzoqk/e7vcPxNQkXWPLy
GNbEudzkpUVaBT1Cjbo5cP6FeJW8MLJnqADQXTLQd1c+HpQym9wuj1M/pHwogsBl
j7P1STNSx9kMhcGgRU9CGkdNhTkRDpQWSivV0bLxXkq7N8RuN4PpxSQ0hUmzPxQO
DWeS80WhKWjTiSpHBd3xyKF+LI9caQzWAqJdtC0FrHr4chIcOgO6hNCF91yvKBWX
JJ9nVT45uJd9MolxlDwXkLX78hbNCxymj8T3aG+EoboZh5JFmCrmnokkhfjnatbk
WlOBlogjeoRlWsX7vrplQtytswv6Y19FoPQJAuWBjTGg3glEqm2IjdIsxv5yMClt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org