Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/kSkREPsD5ZdaPt7Sc8hju7kG9X4.roa
File: kSkREPsD5ZdaPt7Sc8hju7kG9X4.roa (raw, json)
Hash identifier: Vs2q3weOePGqKBnhvTDaTtkr0KKvRF+o9+PZDXx++OQ=
Subject key identifier: 91:29:11:10:FB:03:E5:97:5A:3E:DE:D2:73:C8:63:BB:B9:06:F5:7E
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C3A8F8BA5CFDFE1CC32C81BC3BC70B637
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/kSkREPsD5ZdaPt7Sc8hju7kG9X4.roa
Signing time: Tue 05 Dec 2023 15:18:55 +0000
ROA not before: Tue 05 Dec 2023 15:18:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 2a0c:fe07::/32 maxlen: 32
2a0e:cbc2::/32 maxlen: 32
2a0c:fe06::/32 maxlen: 32
2a0e:cbc1::/32 maxlen: 32
2a0e:cbc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:8f:8b:a5:cf:df:e1:cc:32:c8:1b:c3:bc:70:b6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 5 15:18:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91291110fb03e5975a3eded273c863bbb906f57e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e5:8b:70:1e:b9:c6:68:7a:51:5a:57:44:c6:
e0:02:60:88:2c:65:7f:cb:ba:87:ef:c0:96:fa:04:
7a:f1:5d:fb:3e:be:51:bd:b6:ff:07:bb:89:b2:2f:
fb:e1:d8:f5:ca:df:a3:59:9a:d2:99:b1:22:59:cd:
23:75:05:d0:2c:22:50:0f:6b:0b:44:7b:90:85:d1:
87:5b:51:b0:44:b5:bf:d8:0a:fe:df:61:0c:db:63:
05:0d:45:f7:75:be:5a:ca:b8:6f:b3:04:da:f5:98:
e4:b8:10:10:57:50:24:d8:31:d0:25:26:ba:cb:90:
7a:82:5a:5b:32:19:2b:5d:b1:3a:e7:24:0f:f4:eb:
80:b0:c6:91:f0:58:ee:81:50:a7:22:6f:ba:dc:78:
c8:99:19:f1:03:c2:b7:84:42:da:b0:68:d8:bf:41:
89:d5:3a:fb:98:93:9f:e7:52:0f:7d:a6:7b:10:45:
f1:a3:bf:47:63:0d:c8:68:f7:71:08:70:62:b2:86:
c1:ec:72:9f:44:aa:af:c5:f3:8d:66:b6:58:9a:14:
a3:93:7d:18:09:9d:d0:4e:c5:72:93:b9:ba:9a:78:
83:62:01:7e:52:95:b6:d5:28:c0:dc:27:68:12:1e:
70:52:90:57:fa:95:78:e8:08:0a:1e:40:b5:c0:51:
66:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:29:11:10:FB:03:E5:97:5A:3E:DE:D2:73:C8:63:BB:B9:06:F5:7E
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/kSkREPsD5ZdaPt7Sc8hju7kG9X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:fe06::/31
2a0e:cbc0::-2a0e:cbc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:dd:88:1b:f0:9d:b0:c0:a0:41:b2:ff:a7:cf:ac:99:82:74:
bc:e1:9e:ef:67:f9:9b:a1:f0:51:f4:e4:9c:24:f0:d7:a3:fe:
ae:d4:d4:29:74:e4:bf:f4:39:77:8b:7e:f8:aa:29:3e:b1:c2:
e0:ac:ba:8b:83:26:69:d7:d3:5a:83:a6:a5:a0:c5:20:9a:a5:
4e:af:d0:e5:cb:69:e0:15:c9:59:67:79:30:ec:de:4e:cb:91:
ff:76:d0:56:47:29:31:a4:7e:b5:b5:2f:dc:b9:27:a0:79:d3:
2b:3a:47:26:e0:d5:98:2b:cd:cd:a1:19:de:25:1d:bc:c6:c0:
df:f9:b5:73:d4:ec:16:97:8d:72:73:af:ef:58:ae:77:11:9f:
50:58:b8:5e:df:59:49:32:93:9b:07:b5:48:42:65:32:27:82:
e2:d0:e5:c9:3c:39:ef:81:ee:b4:1c:3d:25:db:5f:2a:c8:76:
5c:4e:50:8f:a6:0d:b5:78:a1:b4:d9:c7:7c:99:9c:31:13:74:
e2:43:c8:c9:48:42:34:d8:f2:51:e1:4d:3d:bd:6f:17:9c:8b:
8d:f1:65:60:da:c7:60:6f:a2:d0:b1:f5:f8:9b:8c:10:fe:c7:
f3:81:c1:d7:75:c6:45:a3:87:94:86:30:38:a3:41:a5:2d:7a:
57:6c:50:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw6j4ulz9/hzDLIG8O8cLY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjA1MTUxODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTI5MTExMGZiMDNlNTk3NWEzZWRlZDI3M2M4NjNiYmI5MDZmNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuWLcB65xmh6UVpXRMbgAmCILGV/
y7qH78CW+gR68V37Pr5Rvbb/B7uJsi/74dj1yt+jWZrSmbEiWc0jdQXQLCJQD2sL
RHuQhdGHW1GwRLW/2Ar+32EM22MFDUX3db5ayrhvswTa9ZjkuBAQV1Ak2DHQJSa6
y5B6glpbMhkrXbE65yQP9OuAsMaR8FjugVCnIm+63HjImRnxA8K3hELasGjYv0GJ
1Tr7mJOf51IPfaZ7EEXxo79HYw3IaPdxCHBisobB7HKfRKqvxfONZrZYmhSjk30Y
CZ3QTsVyk7m6mniDYgF+UpW21SjA3CdoEh5wUpBX+pV46AgKHkC1wFFmjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEpERD7A+WXWj7e0nPIY7u5BvV+MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEva1NrUkVQc0Q1WmRhUHQ3U2M4aGp1N2tHOVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUBKgz+BjAO
AwUGKg7LwAMFACoOy8IwDQYJKoZIhvcNAQELBQADggEBAJDdiBvwnbDAoEGy/6fP
rJmCdLzhnu9n+Zuh8FH05Jwk8Nej/q7U1Cl05L/0OXeLfviqKT6xwuCsuouDJmnX
01qDpqWgxSCapU6v0OXLaeAVyVlneTDs3k7Lkf920FZHKTGkfrW1L9y5J6B50ys6
Rybg1Zgrzc2hGd4lHbzGwN/5tXPU7BaXjXJzr+9YrncRn1BYuF7fWUkyk5sHtUhC
ZTInguLQ5ck8Oe+B7rQcPSXbXyrIdlxOUI+mDbV4obTZx3yZnDETdOJDyMlIQjTY
8lHhTT29bxeci43xZWDax2BvotCx9fibjBD+x/OBwdd1xkWjh5SGMDijQaUtelds
UDw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org