Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/aDDiO8PMM_Cb7t4Tg3Cb3jQocE8.roa
File: aDDiO8PMM_Cb7t4Tg3Cb3jQocE8.roa (raw, json)
Hash identifier: ibLHs7Z99kyZwPGiMl/ySrDwbphsAtMw8XBA3E+xtOM=
Subject key identifier: 68:30:E2:3B:C3:CC:33:F0:9B:EE:DE:13:83:70:9B:DE:34:28:70:4F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C3AAA187C05ABB9497AC0116E741DE1D7
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/aDDiO8PMM_Cb7t4Tg3Cb3jQocE8.roa
Signing time: Tue 05 Dec 2023 15:47:55 +0000
ROA not before: Tue 05 Dec 2023 15:47:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 2a0c:9e02::/32 maxlen: 40
2a0b:3c41:2::/48 maxlen: 48
2a0e:eb40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:aa:18:7c:05:ab:b9:49:7a:c0:11:6e:74:1d:e1:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 5 15:47:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6830e23bc3cc33f09beede1383709bde3428704f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7e:b9:21:57:7e:6c:d4:64:b7:fb:3c:46:5f:
04:22:6b:f1:ca:42:59:42:2f:92:2e:a7:8c:08:0f:
37:85:3e:1b:72:e1:ca:9a:84:9d:8f:a1:aa:b0:36:
4c:d6:0a:cc:77:fa:f3:18:d5:25:f3:50:3e:6b:8e:
26:b1:42:a1:2e:6e:01:a7:e0:14:b3:45:e8:2e:c4:
9c:c5:d6:13:40:b5:01:79:5a:e7:df:90:93:8b:b3:
81:e7:94:74:08:f3:31:22:e0:ce:27:4e:7c:be:db:
75:06:a9:09:3a:25:5e:78:55:20:a0:09:cd:e4:ea:
5f:63:92:7b:1f:c4:99:94:c2:02:8e:64:b9:43:f8:
44:54:9b:c7:02:54:56:90:e1:ef:78:d3:5d:19:94:
18:57:9d:e5:c7:74:24:87:e7:6a:2c:39:55:3e:7c:
33:67:d4:41:6b:4f:87:74:86:d4:72:23:7c:03:4f:
18:56:63:f4:1d:23:6a:ce:e2:e3:05:da:12:4f:ad:
b0:74:8d:b5:e0:80:e0:80:e1:79:f1:57:17:df:69:
1a:53:a7:b1:f3:78:b9:01:a9:0a:ed:d9:64:ef:2d:
de:af:5b:d6:92:aa:d2:99:28:85:93:61:63:40:49:
b3:fb:33:8c:b0:bc:b3:9a:50:86:6c:61:6e:b8:bb:
0b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:30:E2:3B:C3:CC:33:F0:9B:EE:DE:13:83:70:9B:DE:34:28:70:4F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/aDDiO8PMM_Cb7t4Tg3Cb3jQocE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c41:2::/48
2a0c:9e02::/32
2a0e:eb40::/32
Signature Algorithm: sha256WithRSAEncryption
25:8b:72:60:b1:71:b3:6f:e3:51:88:f5:be:ac:c6:5a:99:e9:
c2:44:f1:09:80:31:08:a4:ae:2a:2a:ff:ca:99:bc:fb:50:f4:
f5:e7:af:27:45:bf:20:84:d5:7c:28:49:01:d1:a2:68:08:0a:
ee:44:a2:e6:bb:0e:25:9a:2b:4b:8d:b7:f1:32:d4:ed:48:9c:
36:f4:61:a9:1c:4f:3b:9c:b7:9f:a3:8c:11:fd:25:f3:c3:c6:
1c:47:ec:d4:c5:bf:e2:2d:1d:0f:8d:8a:6e:e8:53:3d:82:9f:
91:75:f0:5f:7b:86:63:c1:34:7d:cd:cb:b8:dd:3f:6d:3a:51:
1d:0d:a6:4a:7e:3a:cc:4f:7f:ad:33:5c:91:c8:52:76:27:09:
94:f0:1a:ae:a9:7b:e4:20:56:6a:33:53:6c:68:46:ef:e1:7c:
51:13:6d:b3:aa:e9:cd:d2:28:d7:72:a1:35:89:c9:d8:b4:93:
5b:bd:6f:39:26:c4:e0:5a:49:b3:49:5c:90:0e:ed:91:e7:a9:
6e:d4:17:18:25:c7:a3:18:45:75:bd:b0:e8:7f:18:df:fb:0a:
31:a5:a0:a0:2d:4a:ba:cc:17:88:31:d3:f4:98:17:fb:10:e3:
fb:24:38:8a:b7:22:14:83:e2:2f:61:e5:b4:6b:c6:e6:62:5c:
85:5c:d5:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw6qhh8Bau5SXrAEW50HeHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjA1MTU0NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODMwZTIzYmMzY2MzM2YwOWJlZWRlMTM4MzcwOWJkZTM0Mjg3MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn65IVd+bNRkt/s8Rl8EImvxykJZ
Qi+SLqeMCA83hT4bcuHKmoSdj6GqsDZM1grMd/rzGNUl81A+a44msUKhLm4Bp+AU
s0XoLsScxdYTQLUBeVrn35CTi7OB55R0CPMxIuDOJ058vtt1BqkJOiVeeFUgoAnN
5OpfY5J7H8SZlMICjmS5Q/hEVJvHAlRWkOHveNNdGZQYV53lx3Qkh+dqLDlVPnwz
Z9RBa0+HdIbUciN8A08YVmP0HSNqzuLjBdoST62wdI214IDggOF58VcX32kaU6ex
83i5AakK7dlk7y3er1vWkqrSmSiFk2FjQEmz+zOMsLyzmlCGbGFuuLsLOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGgw4jvDzDPwm+7eE4Nwm940KHBPMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvYUREaU84UE1NX0NiN3Q0VGczQ2IzalFvY0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAKgs8QQAC
AwUAKgyeAgMFACoO60AwDQYJKoZIhvcNAQELBQADggEBACWLcmCxcbNv41GI9b6s
xlqZ6cJE8QmAMQikrioq/8qZvPtQ9PXnrydFvyCE1XwoSQHRomgICu5Eoua7DiWa
K0uNt/Ey1O1InDb0YakcTzuct5+jjBH9JfPDxhxH7NTFv+ItHQ+Nim7oUz2Cn5F1
8F97hmPBNH3Ny7jdP206UR0Npkp+OsxPf60zXJHIUnYnCZTwGq6pe+QgVmozU2xo
Ru/hfFETbbOq6c3SKNdyoTWJydi0k1u9bzkmxOBaSbNJXJAO7ZHnqW7UFxglx6MY
RXW9sOh/GN/7CjGloKAtSrrMF4gx0/SYF/sQ4/skOIq3IhSD4i9h5bRrxuZiXIVc
1ZY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org