Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/aoULBeghFdCKr8NElvktVAQHeWk.roa
File: aoULBeghFdCKr8NElvktVAQHeWk.roa (raw, json)
Hash identifier: LdcK+J+5y2v7pGAEy57Lkc83XZj31KTcTR9UpyCix74=
Subject key identifier: 6A:85:0B:05:E8:21:15:D0:8A:AF:C3:44:96:F9:2D:54:04:07:79:69
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01860986289ECC52179EFDCD936F718E2110
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/aoULBeghFdCKr8NElvktVAQHeWk.roa
Signing time: Tue 31 Jan 2023 20:30:32 +0000
ROA not before: Tue 31 Jan 2023 20:30:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a12:ef45::/32 maxlen: 32
2a12:ef42::/32 maxlen: 32
2a12:ef40::/29 maxlen: 48
2a12:ef46::/32 maxlen: 32
2a12:ef41::/32 maxlen: 32
2a12:ef43::/32 maxlen: 32
2a12:ef44::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Feb 2023 19:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:09:86:28:9e:cc:52:17:9e:fd:cd:93:6f:71:8e:21:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 31 20:30:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a850b05e82115d08aafc34496f92d5404077969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4f:e0:28:7b:a9:19:ff:18:3c:5d:2b:55:53:
8d:d5:1a:cf:f9:8d:51:0d:e1:db:b9:96:c3:96:68:
12:5f:b7:02:43:9f:22:e4:9f:72:e9:2a:5b:bb:64:
a6:ab:fc:13:4a:67:7c:b7:38:3f:2a:f5:96:8f:b6:
ee:36:8f:2d:25:ec:59:d6:44:4f:27:83:db:f3:47:
d5:f2:c7:42:04:95:88:2d:db:3f:a6:42:df:cd:cd:
e7:75:66:f1:97:f6:90:55:74:21:9d:d3:6a:1f:38:
c0:82:85:8c:73:a7:1c:59:54:ff:68:d0:f8:93:41:
c8:29:8e:b9:2c:24:45:5a:f7:a5:2a:6e:be:a8:95:
70:14:78:64:36:d0:cc:f8:e3:de:80:f0:5a:0d:ca:
e7:3b:31:df:32:90:d6:c1:49:91:0e:0d:49:74:92:
fc:c2:23:c1:8f:b7:1b:c1:d5:92:5d:bc:cb:14:e8:
22:e9:38:3f:be:5c:ae:52:59:34:e6:d2:c9:ff:93:
3c:91:d7:2d:81:ab:38:df:a0:02:75:d7:4b:54:44:
0f:3a:db:cb:2e:f6:4f:31:a4:8e:90:84:aa:2d:08:
ef:e0:83:4b:db:24:a4:89:2c:df:a8:6e:43:0f:0e:
c7:ed:4e:3d:3c:db:24:19:26:7b:36:8d:97:2b:a9:
b7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:85:0B:05:E8:21:15:D0:8A:AF:C3:44:96:F9:2D:54:04:07:79:69
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/aoULBeghFdCKr8NElvktVAQHeWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
6f:d2:3a:42:d4:dd:ae:fd:f1:f8:ce:02:9a:4d:fa:fe:34:4b:
10:11:9e:26:17:d9:8d:97:1d:1a:e8:44:8b:d9:db:85:81:26:
24:1c:9b:35:32:22:08:ff:75:97:4a:05:3d:a0:87:63:eb:53:
de:b6:04:10:41:86:f3:f9:6c:a2:f5:0a:45:c7:47:36:d2:e6:
07:03:52:9a:11:94:dc:0e:16:c5:1e:e6:c0:cd:13:97:a7:91:
df:4c:92:f9:2b:6d:02:8c:23:61:49:67:f5:01:ee:2a:ac:25:
06:33:87:df:e0:86:1a:23:f7:73:25:d5:32:17:3e:45:6e:f0:
7c:1d:90:d5:6e:66:c2:60:45:73:85:46:02:b4:29:7a:e9:f4:
d7:95:49:ea:7e:38:e2:19:1c:b8:b5:4b:22:cb:54:c6:be:42:
84:52:b4:18:70:55:4f:08:a1:5c:47:1e:6b:58:dd:80:1b:f5:
e1:03:3f:ff:e7:ca:c2:d2:9e:51:81:63:38:ca:da:5a:c2:13:
65:af:a5:5a:dc:19:54:2e:7e:5e:92:f5:f5:a0:8b:e9:19:0a:
d6:d4:c1:eb:dc:13:06:44:ab:b1:ae:88:2d:2a:ec:48:9f:e5:
3b:15:87:a6:87:5e:59:d0:7c:f8:4b:da:cd:50:47:0e:06:81:
be:9a:3e:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYJhiiezFIXnv3Nk29xjiEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMTMxMjAzMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg1MGIwNWU4MjExNWQwOGFhZmMzNDQ5NmY5MmQ1NDA0MDc3OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok/gKHupGf8YPF0rVVON1RrP+Y1R
DeHbuZbDlmgSX7cCQ58i5J9y6Spbu2Smq/wTSmd8tzg/KvWWj7buNo8tJexZ1kRP
J4Pb80fV8sdCBJWILds/pkLfzc3ndWbxl/aQVXQhndNqHzjAgoWMc6ccWVT/aND4
k0HIKY65LCRFWvelKm6+qJVwFHhkNtDM+OPegPBaDcrnOzHfMpDWwUmRDg1JdJL8
wiPBj7cbwdWSXbzLFOgi6Tg/vlyuUlk05tLJ/5M8kdctgas436ACdddLVEQPOtvL
LvZPMaSOkISqLQjv4INL2ySkiSzfqG5DDw7H7U49PNskGSZ7No2XK6m3jQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGqFCwXoIRXQiq/DRJb5LVQEB3lpMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvYW9VTEJlZ2hGZENLcjhORWx2a3RWQVFIZVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLvQDAN
BgkqhkiG9w0BAQsFAAOCAQEAb9I6QtTdrv3x+M4Cmk36/jRLEBGeJhfZjZcdGuhE
i9nbhYEmJBybNTIiCP91l0oFPaCHY+tT3rYEEEGG8/lsovUKRcdHNtLmBwNSmhGU
3A4WxR7mwM0Tl6eR30yS+SttAowjYUln9QHuKqwlBjOH3+CGGiP3cyXVMhc+RW7w
fB2Q1W5mwmBFc4VGArQpeun015VJ6n444hkcuLVLIstUxr5ChFK0GHBVTwihXEce
a1jdgBv14QM//+fKwtKeUYFjOMraWsITZa+lWtwZVC5+XpL19aCL6RkK1tTB69wT
BkSrsa6ILSrsSJ/lOxWHpodeWdB8+EvazVBHDgaBvpo+ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org