Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rcXIMqDaGL5vXYt589nSbfykBQU.roa
File: rcXIMqDaGL5vXYt589nSbfykBQU.roa (raw, json)
Hash identifier: mX+jZbA1I5CSPsjI+OYDC+1uSj/tWUn3czjulQqUg58=
Subject key identifier: AD:C5:C8:32:A0:DA:18:BE:6F:5D:8B:79:F3:D9:D2:6D:FC:A4:05:05
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE61721940AB20F8EAE7504FB8B3478
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rcXIMqDaGL5vXYt589nSbfykBQU.roa
Signing time: Sun 01 Jan 2023 10:34:56 +0000
ROA not before: Sun 01 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40970
IP address blocks: 2a0d:98c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:17:21:94:0a:b2:0f:8e:ae:75:04:fb:8b:34:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adc5c832a0da18be6f5d8b79f3d9d26dfca40505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:51:93:fd:47:15:32:bf:76:ac:e7:37:67:53:
31:6f:c1:ec:49:40:0c:f9:97:09:72:70:88:bb:55:
bc:b1:fa:c4:70:b7:d8:cd:d5:19:c7:7c:64:8b:c9:
49:1c:e8:9c:d9:6e:6a:98:9c:42:5d:d3:5d:68:6b:
e6:b6:17:de:b6:0a:bd:af:ab:3f:63:ec:95:61:24:
93:22:81:27:4f:91:9f:f6:ee:70:60:8d:75:cf:b1:
12:48:3b:72:f0:c0:22:71:d3:3a:d3:d9:ec:e0:d5:
95:96:f9:ad:a8:7c:b3:e6:0a:31:cc:60:7a:2e:67:
7f:fb:f4:c5:a2:f2:16:68:61:f7:6a:a4:37:03:bf:
c6:1f:ba:71:8f:ad:8b:ec:bf:61:7e:ac:9f:a9:f5:
25:1f:4c:a3:ae:d5:43:99:25:67:38:d6:6c:a5:76:
93:66:2d:72:a9:74:11:c1:03:5d:fb:d6:de:78:a3:
88:23:1e:45:e9:03:0e:4d:a4:23:91:8f:d5:bf:22:
54:af:9a:6e:6b:eb:96:c9:8f:fc:50:74:f8:a6:2f:
df:53:a2:ad:60:26:af:b8:14:bf:7f:93:5d:75:4e:
33:a1:16:da:fd:e5:45:63:37:62:7b:65:d7:1f:b6:
3f:b3:da:75:02:ae:26:16:57:4b:09:9b:cb:c9:f7:
63:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C5:C8:32:A0:DA:18:BE:6F:5D:8B:79:F3:D9:D2:6D:FC:A4:05:05
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rcXIMqDaGL5vXYt589nSbfykBQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:23:5a:44:b2:83:05:a3:19:50:4b:ec:bf:bf:bb:17:e6:93:
6e:c9:3e:36:09:f7:c6:60:19:53:f3:5b:5f:94:3d:a7:e4:83:
8e:73:83:33:8d:3c:37:cd:26:11:29:cb:70:2d:a4:8a:20:5f:
cd:4d:aa:c5:ea:cf:9a:25:37:67:6d:a1:41:b2:88:3f:6f:23:
9b:6b:7d:38:5b:2e:a3:c2:2d:0f:b9:e7:28:02:d5:6a:8c:08:
6c:4e:1b:76:91:72:7a:a5:55:1e:3e:ba:a7:46:89:bc:51:35:
c4:09:5f:1c:07:f1:69:92:ea:c6:0d:ec:47:e2:df:a0:d5:51:
27:49:61:81:fd:a2:a1:fe:6c:c6:ba:70:d4:f0:cf:da:70:1d:
56:5c:15:48:d6:5c:a2:27:f5:54:1b:f4:4b:d0:dd:6a:3c:32:
09:fd:8d:a7:53:b6:2f:81:fa:71:52:c0:cf:ee:ef:18:5d:2d:
c9:95:41:3d:a0:99:d8:3c:94:98:97:5f:da:58:35:0f:92:23:
31:65:9f:12:2a:e3:ed:d7:7b:7a:43:55:49:00:2f:55:95:2c:
be:67:97:38:2d:11:93:b1:0e:a7:07:51:c1:cb:0e:b3:cc:78:
3e:a0:ad:88:c3:ad:09:e1:fd:ec:70:0f:ec:87:37:24:cb:a0:
ec:3c:c6:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVs5hchlAqyD46udQT7izR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGM1YzgzMmEwZGExOGJlNmY1ZDhiNzlmM2Q5ZDI2ZGZjYTQwNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVGT/UcVMr92rOc3Z1Mxb8HsSUAM
+ZcJcnCIu1W8sfrEcLfYzdUZx3xki8lJHOic2W5qmJxCXdNdaGvmthfetgq9r6s/
Y+yVYSSTIoEnT5Gf9u5wYI11z7ESSDty8MAicdM609ns4NWVlvmtqHyz5goxzGB6
Lmd/+/TFovIWaGH3aqQ3A7/GH7pxj62L7L9hfqyfqfUlH0yjrtVDmSVnONZspXaT
Zi1yqXQRwQNd+9beeKOIIx5F6QMOTaQjkY/VvyJUr5pua+uWyY/8UHT4pi/fU6Kt
YCavuBS/f5NddU4zoRba/eVFYzdie2XXH7Y/s9p1Aq4mFldLCZvLyfdjDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK3FyDKg2hi+b12LefPZ0m38pAUFMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvcmNYSU1xRGFHTDV2WFl0NTg5blNiZnlrQlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg2YwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmiNaRLKDBaMZUEvsv7+7F+aTbsk+Ngn3xmAZU/Nb
X5Q9p+SDjnODM408N80mESnLcC2kiiBfzU2qxerPmiU3Z22hQbKIP28jm2t9OFsu
o8ItD7nnKALVaowIbE4bdpFyeqVVHj66p0aJvFE1xAlfHAfxaZLqxg3sR+LfoNVR
J0lhgf2iof5sxrpw1PDP2nAdVlwVSNZcoif1VBv0S9DdajwyCf2Np1O2L4H6cVLA
z+7vGF0tyZVBPaCZ2DyUmJdf2lg1D5IjMWWfEirj7dd7ekNVSQAvVZUsvmeXOC0R
k7EOpwdRwcsOs8x4PqCtiMOtCeH97HAP7Ic3JMug7DzG7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org