Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/oe43r45TM6q2w13XRf-V0Bg1Wm0.roa
File: oe43r45TM6q2w13XRf-V0Bg1Wm0.roa (raw, json)
Hash identifier: zVMN7oHK+HfkOYo9pRS5atXKyBRekCJkJO8l6+4vmjE=
Subject key identifier: A1:EE:37:AF:8E:53:33:AA:B6:C3:5D:D7:45:FF:95:D0:18:35:5A:6D
Certificate issuer: /CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Certificate serial: 018AB6A984AB4B8D145DA383B8D4A0820223
Authority key identifier: F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/oe43r45TM6q2w13XRf-V0Bg1Wm0.roa
Signing time: Thu 21 Sep 2023 07:34:37 +0000
ROA not before: Thu 21 Sep 2023 07:34:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49800
IP address blocks: 2a03:6947:200::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:a9:84:ab:4b:8d:14:5d:a3:83:b8:d4:a0:82:02:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Validity
Not Before: Sep 21 07:34:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1ee37af8e5333aab6c35dd745ff95d018355a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c0:fa:fe:f5:ed:4f:db:0f:61:0f:08:ee:72:
24:a5:ab:b3:37:3c:1d:0f:a7:33:07:cd:99:41:45:
50:e4:b4:18:d7:a0:27:23:fc:41:34:9c:1f:e5:e8:
4a:e1:81:79:5f:e9:ac:52:8f:c2:36:2f:40:0a:5a:
d1:ce:0c:3a:f2:84:8c:76:fa:48:2d:fa:7d:ec:0a:
fe:f8:e3:82:0b:96:7d:f8:f6:01:ba:39:1c:57:48:
6a:03:be:fb:4e:18:2d:a1:9c:70:ef:9d:e6:55:8a:
21:2a:82:77:28:8e:2f:a0:07:75:3d:b6:ba:71:d4:
08:ea:56:10:94:93:c1:eb:9f:6d:c8:c0:22:f9:ef:
98:78:7b:8f:d9:70:3c:fe:67:4c:08:ce:8a:20:5c:
73:1a:53:08:3e:17:f7:bd:f7:e2:29:c3:1a:7f:ee:
fc:d7:46:6a:18:cd:5a:95:bc:18:d0:9a:2b:b2:ec:
7f:d3:24:22:4c:21:35:0f:9f:ec:48:af:75:69:8b:
3b:22:02:47:ad:4c:b8:e1:f1:9a:cb:21:ba:db:96:
78:bd:13:27:c2:02:97:62:e6:61:4d:8f:51:f9:63:
7f:96:cc:09:44:34:9c:12:86:ea:a6:bb:b7:2e:29:
8f:4e:54:50:21:93:68:59:54:ae:ad:3d:10:34:32:
2f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EE:37:AF:8E:53:33:AA:B6:C3:5D:D7:45:FF:95:D0:18:35:5A:6D
X509v3 Authority Key Identifier:
keyid:F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/oe43r45TM6q2w13XRf-V0Bg1Wm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/87kHgdu-vbjsQrr2ZIgFnqWGaqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6947:200::/40
Signature Algorithm: sha256WithRSAEncryption
78:01:6b:e2:db:09:62:9e:14:0e:9e:a2:11:05:19:7d:a7:85:
ad:d5:e4:6c:8b:11:ea:16:e0:81:94:08:a2:f6:b2:44:a5:2e:
02:a3:7a:57:2a:74:21:0a:a2:05:0a:f6:37:47:be:ec:64:85:
3e:b4:61:41:1d:b8:40:60:d1:27:10:b7:5d:41:cb:9c:e9:89:
e4:fe:b7:0a:84:c8:6e:33:72:09:8a:ad:96:33:58:9a:d1:45:
5b:db:d7:18:0c:5c:3f:00:d0:ca:00:15:82:1a:b7:d2:79:34:
94:13:41:c2:78:1a:e8:45:3b:d8:02:e5:77:88:74:a1:d2:b0:
05:38:96:07:c1:c9:6b:9c:80:6e:6f:7f:83:0b:c5:6b:41:83:
73:fd:62:24:9f:36:16:ce:1d:4c:4f:97:5b:f9:35:37:74:24:
a1:a0:90:01:7a:3f:78:b7:f0:68:96:ff:a4:62:43:bc:0e:34:
4e:d0:e5:d5:d7:50:a7:e4:5f:3e:ce:98:bd:c0:34:f0:53:d6:
08:db:24:ef:bd:43:0c:44:47:0c:e0:6a:18:23:4a:da:fb:c8:
4f:d4:d8:76:fe:f6:f0:72:9f:c3:01:3a:c0:7d:46:55:9e:72:
16:99:63:22:3c:cc:f0:95:20:50:44:63:53:3a:c8:80:f7:76:
c6:27:3b:b9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYq2qYSrS40UXaODuNSgggIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjkwNzgxZGJiZWJkYjhlYzQyYmFmNjY0ODgwNTllYTU4
NjZhYWMwHhcNMjMwOTIxMDczNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWVlMzdhZjhlNTMzM2FhYjZjMzVkZDc0NWZmOTVkMDE4MzU1YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcD6/vXtT9sPYQ8I7nIkpauzNzwd
D6czB82ZQUVQ5LQY16AnI/xBNJwf5ehK4YF5X+msUo/CNi9AClrRzgw68oSMdvpI
Lfp97Ar++OOCC5Z9+PYBujkcV0hqA777ThgtoZxw753mVYohKoJ3KI4voAd1Pba6
cdQI6lYQlJPB659tyMAi+e+YeHuP2XA8/mdMCM6KIFxzGlMIPhf3vffiKcMaf+78
10ZqGM1albwY0Jorsux/0yQiTCE1D5/sSK91aYs7IgJHrUy44fGayyG625Z4vRMn
wgKXYuZhTY9R+WN/lswJRDScEobqpru3LimPTlRQIZNoWVSurT0QNDIvLwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKHuN6+OUzOqtsNd10X/ldAYNVptMB8GA1UdIwQY
MBaAFPO5B4Hbvr247EK69mSIBZ6lhmqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAt
M2VmNWViN2M4NTk4LzEvb2U0M3I0NVRNNnEydzEzWFJmLVYwQmcxV20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAtM2VmNWViN2M4NTk4
LzEvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgNpRwIw
DQYJKoZIhvcNAQELBQADggEBAHgBa+LbCWKeFA6eohEFGX2nha3V5GyLEeoW4IGU
CKL2skSlLgKjelcqdCEKogUK9jdHvuxkhT60YUEduEBg0ScQt11By5zpieT+twqE
yG4zcgmKrZYzWJrRRVvb1xgMXD8A0MoAFYIat9J5NJQTQcJ4GuhFO9gC5XeIdKHS
sAU4lgfByWucgG5vf4MLxWtBg3P9YiSfNhbOHUxPl1v5NTd0JKGgkAF6P3i38GiW
/6RiQ7wONE7Q5dXXUKfkXz7OmL3ANPBT1gjbJO+9QwxERwzgahgjStr7yE/U2Hb+
9vByn8MBOsB9RlWechaZYyI8zPCVIFBEY1M6yID3dsYnO7k=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:31 2024 by rpki-client on console-ams.rpki-client.org