Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/vJ3MGvwvCdXTPJuw-FpfbYvViWQ.roa
File: vJ3MGvwvCdXTPJuw-FpfbYvViWQ.roa (raw, json)
Hash identifier: 3cNVZc8l+SqH6ffKfv2kewilQCN3uG6LcH18+6wfgpM=
Subject key identifier: BC:9D:CC:1A:FC:2F:09:D5:D3:3C:9B:B0:F8:5A:5F:6D:8B:D5:89:64
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018DAE0249A38728E4C17BA64FAB9B991B45
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/vJ3MGvwvCdXTPJuw-FpfbYvViWQ.roa
Signing time: Thu 15 Feb 2024 18:23:21 +0000
ROA not before: Thu 15 Feb 2024 18:23:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a0f:e000::/29 maxlen: 32
2a11:dcc0::/29 maxlen: 29
2a12:6b80::/29 maxlen: 32
Validation: Failed, certificate revoked on Sun 18 Feb 2024 13:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:02:49:a3:87:28:e4:c1:7b:a6:4f:ab:9b:99:1b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Feb 15 18:23:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc9dcc1afc2f09d5d33c9bb0f85a5f6d8bd58964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:30:b8:44:0a:9d:b4:24:ee:88:2a:d5:60:
de:3b:42:94:3e:14:55:70:bc:5e:1c:47:e6:42:f8:
54:a8:fd:81:64:55:85:7a:0e:63:1a:9c:b2:0a:c4:
75:8e:ad:24:80:a6:07:2d:5e:85:3e:4f:3e:66:e9:
79:83:9f:73:99:ae:f2:96:f0:6d:4d:ca:39:81:36:
f7:cb:1b:70:93:53:53:32:7a:f3:e5:5a:2a:85:fd:
75:46:5a:61:29:5a:63:15:de:2e:43:ad:54:e1:95:
a9:2b:55:e9:84:8c:88:3e:3d:c3:5f:91:44:88:92:
e5:25:b7:10:d7:58:09:74:a1:2f:4d:7c:29:9a:e4:
7a:bd:51:b7:fe:d7:64:47:e2:e2:61:5e:2b:4f:37:
6e:5f:41:28:87:71:1f:25:f0:2e:79:83:87:1d:aa:
83:d4:e6:fb:42:d7:ab:8f:92:47:5d:fe:59:b3:6e:
1c:4c:9a:3c:de:9c:40:ab:23:69:52:68:18:ea:9c:
8b:c6:69:54:a2:8e:01:cb:62:d2:75:03:49:35:cd:
5b:80:e6:53:b3:c7:09:5b:8d:fe:a1:ff:68:fa:8d:
45:ec:0d:1f:30:c9:b2:2b:d3:0d:15:f5:85:cf:55:
a3:a7:da:d5:e3:35:50:9e:03:c6:25:f2:8d:27:0d:
62:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:9D:CC:1A:FC:2F:09:D5:D3:3C:9B:B0:F8:5A:5F:6D:8B:D5:89:64
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/vJ3MGvwvCdXTPJuw-FpfbYvViWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e000::/29
2a11:dcc0::/29
2a12:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
1d:44:aa:d3:69:3b:c3:15:9f:d4:6e:7e:91:e2:7c:d3:9b:c8:
e1:d9:b7:01:0d:66:b7:e2:d4:00:f6:69:c6:74:29:69:6e:89:
fc:84:84:37:47:c9:18:5e:6a:19:2f:d6:f1:54:29:71:5d:fc:
e9:d2:6d:c0:e2:18:9c:e0:9d:44:fc:a5:6e:bd:98:e0:a8:74:
ea:67:39:25:14:a8:f1:2c:fb:73:d2:87:86:20:36:5b:a8:ca:
b9:72:23:df:1b:0b:44:21:e5:fd:23:cb:93:b9:ff:7d:30:05:
7a:03:4e:ba:6d:5d:1e:b6:fa:40:5a:59:60:e8:e2:96:91:72:
81:bb:4f:50:72:72:3f:2f:95:e4:dc:5a:3d:6b:64:69:76:9d:
76:c9:34:4b:83:05:37:e8:bd:f6:d5:b7:3e:b2:0b:f7:41:13:
3c:97:f0:fb:11:e3:e8:7f:64:62:18:7a:6e:a7:1f:e6:88:b0:
f6:4f:f0:fc:79:54:4c:74:8c:a1:c1:f2:b0:ff:55:78:be:91:
df:c6:79:8e:ea:c9:79:d8:84:38:5f:e9:68:ae:ce:f4:ae:d4:
bd:e0:67:bb:af:35:46:1b:69:b4:de:62:d6:4f:35:b5:e4:39:
d4:29:e6:ee:38:b4:29:67:9f:98:02:92:43:e5:e9:75:23:7b:
71:6e:1e:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2uAkmjhyjkwXumT6ubmRtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMjE1MTgyMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzlkY2MxYWZjMmYwOWQ1ZDMzYzliYjBmODVhNWY2ZDhiZDU4OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyYwuEQKnbQk7ogq1WDeO0KUPhRV
cLxeHEfmQvhUqP2BZFWFeg5jGpyyCsR1jq0kgKYHLV6FPk8+Zul5g59zma7ylvBt
Tco5gTb3yxtwk1NTMnrz5Voqhf11RlphKVpjFd4uQ61U4ZWpK1XphIyIPj3DX5FE
iJLlJbcQ11gJdKEvTXwpmuR6vVG3/tdkR+LiYV4rTzduX0Eoh3EfJfAueYOHHaqD
1Ob7Qterj5JHXf5Zs24cTJo83pxAqyNpUmgY6pyLxmlUoo4By2LSdQNJNc1bgOZT
s8cJW43+of9o+o1F7A0fMMmyK9MNFfWFz1Wjp9rV4zVQngPGJfKNJw1iTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLydzBr8LwnV0zybsPhaX22L1YlkMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvdkozTUd2d3ZDZFhUUEp1dy1GcGZiWXZWaVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg/gAAMF
AyoR3MADBQMqEmuAMA0GCSqGSIb3DQEBCwUAA4IBAQAdRKrTaTvDFZ/Ubn6R4nzT
m8jh2bcBDWa34tQA9mnGdClpbon8hIQ3R8kYXmoZL9bxVClxXfzp0m3A4hic4J1E
/KVuvZjgqHTqZzklFKjxLPtz0oeGIDZbqMq5ciPfGwtEIeX9I8uTuf99MAV6A066
bV0etvpAWllg6OKWkXKBu09QcnI/L5Xk3Fo9a2Rpdp12yTRLgwU36L321bc+sgv3
QRM8l/D7EePof2RiGHpupx/miLD2T/D8eVRMdIyhwfKw/1V4vpHfxnmO6sl52IQ4
X+lors70rtS94Ge7rzVGG2m03mLWTzW15DnUKebuOLQpZ5+YApJD5el1I3txbh7X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org