Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/f9jV7R8ON364OtG-TWjPtTy03VY.roa
File: f9jV7R8ON364OtG-TWjPtTy03VY.roa (raw, json)
Hash identifier: b5wOM/2vPA7DnfwZX1fXVJAriUcvp3yVfYO7bK7PL4E=
Subject key identifier: 7F:D8:D5:ED:1F:0E:37:7E:B8:3A:D1:BE:4D:68:CF:B5:3C:B4:DD:56
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C3A8EA1374D595510C49A6C1D515AFCEF
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/f9jV7R8ON364OtG-TWjPtTy03VY.roa
Signing time: Tue 05 Dec 2023 15:17:55 +0000
ROA not before: Tue 05 Dec 2023 15:17:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a0c:9e06::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0b:3c40:10::/48 maxlen: 48
2a0e:a946::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:8e:a1:37:4d:59:55:10:c4:9a:6c:1d:51:5a:fc:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 5 15:17:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fd8d5ed1f0e377eb83ad1be4d68cfb53cb4dd56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a9:2d:de:ae:dd:a0:db:8f:60:2e:59:ca:b6:
7c:18:9b:14:2d:af:92:14:0a:2f:02:a2:58:d4:96:
b7:7c:52:1c:ae:c1:cd:48:8e:c9:29:c4:d9:15:97:
53:d1:4d:8a:58:a3:ca:48:8e:e4:9f:63:54:8e:23:
07:c6:3d:d5:e0:1a:9f:f2:0d:24:75:3c:23:a7:65:
c7:8c:7c:9d:9d:d0:16:bb:10:41:5b:81:f3:04:f0:
7e:48:85:8c:22:0b:2f:cc:01:5d:fb:59:d1:d9:5c:
88:e1:89:58:62:8e:64:2b:e5:2a:79:65:73:c8:c2:
f1:12:44:1e:8d:ec:0b:04:ad:1b:d4:37:53:89:d0:
43:1b:f0:e8:71:22:8d:8c:64:30:28:27:0f:1a:32:
bc:a2:23:9d:23:5f:09:8b:c0:27:54:05:87:8f:e4:
03:8f:4f:92:40:31:a4:a1:0e:62:82:18:6d:5a:cc:
2c:20:db:f1:86:52:70:30:5b:f1:14:52:fb:4a:07:
55:68:ee:5d:11:13:f1:c5:ab:05:d0:08:96:fa:39:
fd:cc:1f:15:46:ca:5f:59:ec:03:64:35:75:5e:3d:
ce:03:47:0d:63:c0:f0:4b:77:71:27:8f:ab:3f:84:
83:89:c5:cd:45:20:30:5f:4e:8a:89:f6:14:c5:67:
10:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D8:D5:ED:1F:0E:37:7E:B8:3A:D1:BE:4D:68:CF:B5:3C:B4:DD:56
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/f9jV7R8ON364OtG-TWjPtTy03VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c40:10::/48
2a0c:9e06::/32
2a0e:a944::/30
Signature Algorithm: sha256WithRSAEncryption
1e:f9:62:1a:06:66:fb:71:dc:ec:fd:32:d3:40:29:5f:57:6d:
c4:3f:19:58:0a:bf:13:0b:c3:3d:8a:b6:94:69:87:8e:c1:34:
f4:8d:7e:1f:e0:f9:e4:c1:9d:2c:27:f0:3f:d6:d4:55:e4:a6:
f7:46:16:81:76:2f:52:c6:41:ca:b7:a8:3c:13:d4:98:91:f9:
e4:e6:5a:1e:76:20:f4:f3:a2:c7:b9:3f:29:08:45:b9:cb:e7:
6d:e7:de:fa:75:b8:98:0b:b5:26:9d:28:44:2a:4d:e7:58:bf:
6d:57:4d:28:7c:4f:ae:fc:08:62:86:08:6f:bf:db:e5:19:45:
d5:ec:fd:ff:78:34:bd:ed:dd:2d:e2:7f:de:ce:fe:f4:10:cb:
eb:50:95:52:72:6f:22:65:32:82:ef:85:d9:46:70:7d:89:fa:
e0:67:c7:45:f1:03:22:b7:77:19:a6:6d:80:30:19:bf:2f:4a:
b2:11:10:89:42:77:45:61:aa:06:43:87:61:82:91:f2:8c:8f:
d2:e0:58:8e:92:f8:5d:81:e2:bf:9f:2e:fc:be:f7:53:81:08:
7f:85:3b:be:1e:3a:4f:51:30:7a:d6:b2:77:5c:c3:85:c0:c4:
c4:d0:56:62:e8:19:3c:5c:52:40:19:e6:6d:af:da:c9:d0:68:
20:a0:8e:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw6jqE3TVlVEMSabB1RWvzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjA1MTUxNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQ4ZDVlZDFmMGUzNzdlYjgzYWQxYmU0ZDY4Y2ZiNTNjYjRkZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlakt3q7doNuPYC5ZyrZ8GJsULa+S
FAovAqJY1Ja3fFIcrsHNSI7JKcTZFZdT0U2KWKPKSI7kn2NUjiMHxj3V4Bqf8g0k
dTwjp2XHjHydndAWuxBBW4HzBPB+SIWMIgsvzAFd+1nR2VyI4YlYYo5kK+UqeWVz
yMLxEkQejewLBK0b1DdTidBDG/DocSKNjGQwKCcPGjK8oiOdI18Ji8AnVAWHj+QD
j0+SQDGkoQ5ighhtWswsINvxhlJwMFvxFFL7SgdVaO5dERPxxasF0AiW+jn9zB8V
RspfWewDZDV1Xj3OA0cNY8DwS3dxJ4+rP4SDicXNRSAwX06KifYUxWcQQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH/Y1e0fDjd+uDrRvk1oz7U8tN1WMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvZjlqVjdSOE9OMzY0T3RHLVRXalB0VHkwM1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAKgs8QAAQ
AwUAKgyeBgMFAioOqUQwDQYJKoZIhvcNAQELBQADggEBAB75YhoGZvtx3Oz9MtNA
KV9XbcQ/GVgKvxMLwz2KtpRph47BNPSNfh/g+eTBnSwn8D/W1FXkpvdGFoF2L1LG
Qcq3qDwT1JiR+eTmWh52IPTzose5PykIRbnL523n3vp1uJgLtSadKEQqTedYv21X
TSh8T678CGKGCG+/2+UZRdXs/f94NL3t3S3if97O/vQQy+tQlVJybyJlMoLvhdlG
cH2J+uBnx0XxAyK3dxmmbYAwGb8vSrIREIlCd0VhqgZDh2GCkfKMj9LgWI6S+F2B
4r+fLvy+91OBCH+FO74eOk9RMHrWsndcw4XAxMTQVmLoGTxcUkAZ5m2v2snQaCCg
js0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org