Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/1--Mok2T8p7aDxXfELlG0pERDhvY.roa
File: 1--Mok2T8p7aDxXfELlG0pERDhvY.roa (raw, json)
Hash identifier: TrrN9x8O0vxCd7solfW3TDo6AG5zeXufIRxJ9/irXYA=
Subject key identifier: FB:E3:28:93:64:FC:A7:B6:83:C5:77:C4:2E:51:B4:A4:44:43:86:F6
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018B86BC67479BEF66F1D073E5F955B80B9C
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/1--Mok2T8p7aDxXfELlG0pERDhvY.roa
Signing time: Tue 31 Oct 2023 17:16:15 +0000
ROA not before: Tue 31 Oct 2023 17:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201642
IP address blocks: 2a14:3200::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Nov 2023 16:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:bc:67:47:9b:ef:66:f1:d0:73:e5:f9:55:b8:0b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Oct 31 17:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbe3289364fca7b683c577c42e51b4a4444386f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0b:37:6b:01:be:1e:1c:3e:69:ed:09:20:de:
2a:5b:91:fd:d0:04:c9:a2:3e:ac:4e:4f:33:a2:f3:
5d:13:1f:f0:53:97:b8:9b:13:62:de:68:eb:b7:cb:
66:d9:3c:36:9a:fc:8d:d9:a5:f8:b6:e3:5a:30:10:
43:93:85:b3:1c:f7:9b:b9:74:7d:0c:69:a1:b9:27:
fc:3b:97:5e:e7:4e:d0:de:d5:80:58:50:88:3b:f3:
f1:34:5b:a8:52:c7:a4:93:f2:21:a3:07:13:68:e4:
7b:eb:bb:06:da:23:9b:a2:9c:8a:53:e3:5f:ca:3b:
cd:df:d3:0d:df:dd:61:36:8e:43:ef:74:eb:03:77:
10:92:7a:70:fd:c6:9c:e9:72:1e:28:e5:8d:16:e2:
f0:cc:09:b0:85:a3:cc:14:b8:45:69:1a:c8:39:15:
34:b2:ff:89:7c:ea:ce:10:f4:64:7b:2f:b0:64:ce:
69:05:39:2c:9c:1d:c7:5e:f8:31:53:ac:8c:ec:bb:
d5:a6:70:90:5e:82:9a:f2:b9:41:d4:12:48:e5:43:
13:fa:bf:76:5c:cc:43:a5:32:be:82:16:84:19:3c:
a5:31:6a:98:f8:8c:df:2f:32:f2:21:da:74:e1:0a:
18:aa:f1:09:c6:59:20:92:45:ad:14:2e:d6:0d:5d:
81:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E3:28:93:64:FC:A7:B6:83:C5:77:C4:2E:51:B4:A4:44:43:86:F6
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/1--Mok2T8p7aDxXfELlG0pERDhvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
34:7d:d4:55:00:d2:79:f9:6d:45:70:eb:44:5f:d2:f6:58:01:
c7:7b:51:47:f0:70:03:26:2c:81:2e:d0:f6:dd:f3:76:ac:ce:
be:28:93:08:b0:e9:c2:3e:fc:08:25:de:ab:0a:19:5b:71:d3:
e6:cf:ae:85:2b:68:4f:df:40:19:9b:b5:6b:97:08:ba:2b:a9:
b6:17:be:f8:4c:4e:d6:74:7a:78:4b:2b:8b:1c:22:00:04:3a:
86:0d:20:6a:f6:b6:d2:3f:ec:5e:c2:61:3f:2f:d1:10:e5:46:
70:8a:61:d4:db:61:1d:ef:2e:dd:ed:5e:5e:37:a3:9a:39:75:
cf:54:8e:6d:32:a4:68:2c:ab:11:57:ac:bc:4d:5e:7a:08:8f:
50:51:64:96:41:d2:14:c1:41:0d:9c:e4:04:af:09:11:db:bc:
80:1f:52:cd:59:14:a0:60:07:eb:71:8c:70:d4:1e:dc:54:e1:
59:50:b7:96:1d:99:61:a1:02:10:c3:bd:23:18:f8:0b:89:e8:
a4:3a:ff:56:a4:b9:b1:ef:33:6e:e1:8c:c8:32:c8:f2:28:c7:
33:b3:0a:43:b4:8c:9f:74:03:41:b8:c2:e1:3a:a5:b1:97:02:
f5:5d:18:c8:cb:58:d0:e5:f8:96:40:8e:46:0f:86:b3:5d:33:
04:6b:0f:a2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYuGvGdHm+9m8dBz5flVuAucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjMxMDMxMTcxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmUzMjg5MzY0ZmNhN2I2ODNjNTc3YzQyZTUxYjRhNDQ0NDM4NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAs3awG+Hhw+ae0JIN4qW5H90ATJ
oj6sTk8zovNdEx/wU5e4mxNi3mjrt8tm2Tw2mvyN2aX4tuNaMBBDk4WzHPebuXR9
DGmhuSf8O5de507Q3tWAWFCIO/PxNFuoUsekk/IhowcTaOR767sG2iObopyKU+Nf
yjvN39MN391hNo5D73TrA3cQknpw/cac6XIeKOWNFuLwzAmwhaPMFLhFaRrIORU0
sv+JfOrOEPRkey+wZM5pBTksnB3HXvgxU6yM7LvVpnCQXoKa8rlB1BJI5UMT+r92
XMxDpTK+ghaEGTylMWqY+IzfLzLyIdp04QoYqvEJxlkgkkWtFC7WDV2BTwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPvjKJNk/Ke2g8V3xC5RtKREQ4b2MB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvMS0tTW9rMlQ4cDdhRHhYZkVMbEcwcEVSRGh2WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGUvNTNmYjM0LTI1ZGItNDY4NC05ODRmLTNiNDQ1ZjI5ZjVi
Ny8xL2Zma0VxeFFHYkhxZjVocFNIVlNTb09VcFpjby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoUMgAw
DQYJKoZIhvcNAQELBQADggEBADR91FUA0nn5bUVw60Rf0vZYAcd7UUfwcAMmLIEu
0Pbd83aszr4okwiw6cI+/Agl3qsKGVtx0+bProUraE/fQBmbtWuXCLorqbYXvvhM
TtZ0enhLK4scIgAEOoYNIGr2ttI/7F7CYT8v0RDlRnCKYdTbYR3vLt3tXl43o5o5
dc9Ujm0ypGgsqxFXrLxNXnoIj1BRZJZB0hTBQQ2c5ASvCRHbvIAfUs1ZFKBgB+tx
jHDUHtxU4VlQt5YdmWGhAhDDvSMY+AuJ6KQ6/1akubHvM27hjMgyyPIoxzOzCkO0
jJ90A0G4wuE6pbGXAvVdGMjLWNDl+JZAjkYPhrNdMwRrD6I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:03 2024 by rpki-client on console-ams.rpki-client.org