Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/srvIO8uI8sswTaQSAvEX0uu0kqM.roa
File: srvIO8uI8sswTaQSAvEX0uu0kqM.roa (raw, json)
Hash identifier: HWX7qY0tX8oh3zI4IoDfD8r073JP00X4hqABe9ck4pA=
Subject key identifier: B2:BB:C8:3B:CB:88:F2:CB:30:4D:A4:12:02:F1:17:D2:EB:B4:92:A3
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018D69C6DB6D6FC15E792C35A8378B821662
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/srvIO8uI8sswTaQSAvEX0uu0kqM.roa
Signing time: Fri 02 Feb 2024 12:24:16 +0000
ROA not before: Fri 02 Feb 2024 12:24:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200250
IP address blocks: 2a0c:fe01::/32 maxlen: 48
2a0e:a942::/32 maxlen: 48
2a0e:cbc3::/33 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 May 2024 13:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:c6:db:6d:6f:c1:5e:79:2c:35:a8:37:8b:82:16:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 2 12:24:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2bbc83bcb88f2cb304da41202f117d2ebb492a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0e:43:66:33:4c:9f:71:d5:2f:81:da:10:30:
5b:be:86:1f:c5:8d:40:40:39:ac:70:30:34:d0:b5:
d9:dd:9f:0a:4f:7f:e5:89:5c:81:26:27:ca:18:57:
88:e6:b4:07:cc:af:dc:88:ef:fc:e8:89:3b:c1:ec:
d4:20:d1:6a:4b:a0:77:6d:f5:d3:87:e8:c4:14:f5:
6d:63:12:77:b7:21:79:75:70:af:30:6e:01:8e:5f:
10:00:a1:ee:ac:b8:a3:ee:69:c5:69:9a:ef:77:69:
d5:3c:a9:ab:9c:8a:ae:7c:14:14:67:65:da:ee:7d:
50:b9:ec:01:21:ee:97:49:70:1a:43:4e:d7:3c:91:
c7:9b:85:13:5f:cc:b8:d9:ea:6a:ce:84:b2:bc:3d:
1e:12:2e:e3:09:71:ff:22:08:8a:6d:60:fa:f1:fd:
b9:41:4f:82:1f:d1:96:24:ee:91:c7:fa:e4:35:5b:
ce:e1:1b:75:bc:fb:a2:d6:4e:f0:57:6d:eb:c5:e6:
58:31:ba:79:d9:ab:7c:90:d6:48:a6:d9:73:c3:59:
eb:82:6c:c1:32:c5:01:bc:59:60:27:e3:86:c0:97:
f9:df:e3:9d:9d:d5:3f:84:9e:c9:c1:a5:4e:f0:af:
cb:1f:08:ab:24:e6:12:d8:da:e6:e4:22:01:59:8b:
33:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:BB:C8:3B:CB:88:F2:CB:30:4D:A4:12:02:F1:17:D2:EB:B4:92:A3
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/srvIO8uI8sswTaQSAvEX0uu0kqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:fe01::/32
2a0e:a942::/32
2a0e:cbc3::/33
Signature Algorithm: sha256WithRSAEncryption
19:05:4b:d0:70:8e:49:b7:6b:26:9f:cb:22:b1:86:86:32:81:
64:ff:23:d6:22:dd:00:c8:a3:a4:9e:f3:af:89:4b:2b:d8:42:
3d:7c:5e:0e:06:55:63:98:17:0b:02:dd:81:46:fb:ca:8f:62:
6d:f3:e6:be:3a:74:1b:b7:63:b3:97:45:78:ae:91:fb:07:92:
b2:56:f6:6d:f4:8c:01:97:25:62:5b:7c:25:fe:81:61:67:ee:
83:2e:10:56:61:c9:68:2c:0d:a8:7d:3c:ed:82:b7:c3:bf:29:
2a:8d:0d:90:26:3e:04:ee:f9:e0:aa:28:f6:eb:f4:6c:18:d9:
7d:a7:01:16:19:a9:28:41:89:e5:95:21:43:8a:5e:ab:ee:d5:
e0:3b:09:bf:2a:42:50:4c:fe:59:b2:b6:cc:51:1b:cb:86:ef:
2d:7c:43:fe:36:93:f7:06:55:6d:40:c1:64:8f:a0:c3:f7:37:
3b:2b:6b:7e:d5:b8:3f:92:b2:9f:34:8d:88:33:bd:36:70:48:
25:5c:26:0f:8f:cf:68:de:e1:c4:15:1a:d9:df:66:ff:16:5e:
96:17:42:84:8b:d1:29:11:34:71:d5:94:2b:10:a3:c9:29:7d:
74:5b:bf:06:5c:b9:36:ed:60:1b:cd:64:79:60:6e:fa:f9:df:
5a:31:d2:c9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY1pxtttb8FeeSw1qDeLghZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMjAyMTIyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmJiYzgzYmNiODhmMmNiMzA0ZGE0MTIwMmYxMTdkMmViYjQ5MmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw5DZjNMn3HVL4HaEDBbvoYfxY1A
QDmscDA00LXZ3Z8KT3/liVyBJifKGFeI5rQHzK/ciO/86Ik7wezUINFqS6B3bfXT
h+jEFPVtYxJ3tyF5dXCvMG4Bjl8QAKHurLij7mnFaZrvd2nVPKmrnIqufBQUZ2Xa
7n1QuewBIe6XSXAaQ07XPJHHm4UTX8y42epqzoSyvD0eEi7jCXH/IgiKbWD68f25
QU+CH9GWJO6Rx/rkNVvO4Rt1vPui1k7wV23rxeZYMbp52at8kNZIptlzw1nrgmzB
MsUBvFlgJ+OGwJf53+OdndU/hJ7JwaVO8K/LHwirJOYS2Nrm5CIBWYszQQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLK7yDvLiPLLME2kEgLxF9LrtJKjMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvc3J2SU84dUk4c3N3VGFRU0F2RVgwdXUwa3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAAjAWAwUAKgz+AQMF
ACoOqUIDBgcqDsvDADANBgkqhkiG9w0BAQsFAAOCAQEAGQVL0HCOSbdrJp/LIrGG
hjKBZP8j1iLdAMijpJ7zr4lLK9hCPXxeDgZVY5gXCwLdgUb7yo9ibfPmvjp0G7dj
s5dFeK6R+weSslb2bfSMAZclYlt8Jf6BYWfugy4QVmHJaCwNqH087YK3w78pKo0N
kCY+BO754Koo9uv0bBjZfacBFhmpKEGJ5ZUhQ4peq+7V4DsJvypCUEz+WbK2zFEb
y4bvLXxD/jaT9wZVbUDBZI+gw/c3OytrftW4P5KynzSNiDO9NnBIJVwmD4/PaN7h
xBUa2d9m/xZelhdChIvRKRE0cdWUKxCjySl9dFu/Bly5Nu1gG81keWBu+vnfWjHS
yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org