Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/iUcvLCE3bJPixRFZFU1Zh8wFlvQ.roa
File: iUcvLCE3bJPixRFZFU1Zh8wFlvQ.roa (raw, json)
Hash identifier: Se5kqNmtrJdxiOzZUdTN76tmjwTZTlIQciBcb+1nE+c=
Subject key identifier: 89:47:2F:2C:21:37:6C:93:E2:C5:11:59:15:4D:59:87:CC:05:96:F4
Certificate issuer: /CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Certificate serial: 018BA69C804258208DA0F8A45CF4F4337039
Authority key identifier: C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/iUcvLCE3bJPixRFZFU1Zh8wFlvQ.roa
Signing time: Mon 06 Nov 2023 21:49:16 +0000
ROA not before: Mon 06 Nov 2023 21:49:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147183
IP address blocks: 2a0c:4a01:c40::/44 maxlen: 44
2a0c:4a01:c30::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:9c:80:42:58:20:8d:a0:f8:a4:5c:f4:f4:33:70:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Validity
Not Before: Nov 6 21:49:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89472f2c21376c93e2c51159154d5987cc0596f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1d:45:44:7d:61:05:de:25:ab:c1:ba:da:c6:
7c:21:90:73:bf:98:93:14:7b:e2:04:ab:73:af:56:
f0:0a:ca:d6:c5:f6:b4:d0:2e:6e:51:02:d9:49:2a:
46:7d:a0:f8:76:7b:3f:d3:1c:ba:21:9e:9a:9f:69:
e5:d3:af:89:92:76:6c:ea:16:73:5c:d5:69:3c:f1:
2f:cf:c0:1c:33:d8:c4:ee:36:4e:a9:14:bc:c1:49:
99:90:c9:75:34:e3:73:10:d1:fd:44:ed:2f:e3:d1:
ee:3c:bc:5a:c6:d8:5f:68:ad:ad:d8:3b:6c:9e:5b:
09:35:4c:6b:8e:8f:2d:14:ad:8b:e4:e5:03:14:a8:
42:69:c0:c0:13:d0:b6:56:b3:16:6a:19:d4:00:7e:
cd:8e:a2:2d:a7:1f:98:e4:e1:13:e5:d0:73:a1:e4:
c6:ab:f7:20:c6:ae:d5:69:93:d5:d0:2b:8d:5e:e1:
25:3d:7f:a1:5b:e2:2b:be:67:d4:52:fb:76:09:9b:
1a:ba:83:6d:ee:49:51:41:6c:f7:65:80:a8:a7:cd:
2f:da:36:ab:ab:f3:9a:0f:77:d5:4d:c1:e9:4e:0e:
28:77:1d:82:eb:2a:55:b3:90:0c:c6:b7:9a:7e:7e:
03:6b:3f:aa:48:2f:d9:c0:17:78:41:96:8f:ec:14:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:47:2F:2C:21:37:6C:93:E2:C5:11:59:15:4D:59:87:CC:05:96:F4
X509v3 Authority Key Identifier:
keyid:C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/iUcvLCE3bJPixRFZFU1Zh8wFlvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/wcJrtXS4m4wYZvhHS7HLADJk7CA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4a01:c30::-2a0c:4a01:c4f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
17:94:35:01:ac:2a:4f:7b:f9:e4:7b:61:ee:43:68:ea:cb:d4:
86:a7:56:6d:65:34:51:94:e7:62:dd:dc:11:be:03:2f:31:b3:
0b:f8:89:88:21:74:48:ea:4f:64:de:80:c8:57:00:e8:f7:60:
38:80:88:03:2c:63:93:40:46:30:cd:4e:00:61:e8:80:34:36:
17:b1:94:2f:3d:5b:67:99:fc:7c:21:1e:13:e7:7e:c8:4f:7d:
b9:1c:5c:a4:32:b4:3d:db:0d:83:8c:64:8c:b8:02:2a:db:1b:
cc:6b:cd:90:ff:4d:a1:e7:56:32:cc:a8:d1:87:16:03:ce:cf:
82:56:84:47:2d:38:d8:1d:e2:8b:32:70:b7:f7:a0:d8:9b:95:
18:40:43:98:bf:83:7a:b8:87:85:86:19:6f:2a:08:17:c4:3c:
63:f5:db:3e:82:03:9f:59:f5:e5:dd:b8:40:08:b7:67:72:77:
52:8e:5b:96:4d:db:03:25:bf:8c:69:c8:3b:6a:f8:bf:8f:b6:
c9:4e:0c:82:5e:ad:9e:d1:98:b3:8b:c2:4c:4f:e2:32:04:d5:
56:34:ad:60:d3:12:e8:79:48:21:96:b4:ff:f4:85:29:c0:33:
40:7e:b8:0a:6a:28:10:bf:38:fc:39:f3:a0:c2:45:61:be:6b:
33:6d:26:88
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYumnIBCWCCNoPikXPT0M3A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYzI2YmI1NzRiODliOGMxODY2Zjg0NzRiYjFjYjAwMzI2
NGVjMjAwHhcNMjMxMTA2MjE0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQ3MmYyYzIxMzc2YzkzZTJjNTExNTkxNTRkNTk4N2NjMDU5NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx1FRH1hBd4lq8G62sZ8IZBzv5iT
FHviBKtzr1bwCsrWxfa00C5uUQLZSSpGfaD4dns/0xy6IZ6an2nl06+JknZs6hZz
XNVpPPEvz8AcM9jE7jZOqRS8wUmZkMl1NONzENH9RO0v49HuPLxaxthfaK2t2Dts
nlsJNUxrjo8tFK2L5OUDFKhCacDAE9C2VrMWahnUAH7NjqItpx+Y5OET5dBzoeTG
q/cgxq7VaZPV0CuNXuElPX+hW+IrvmfUUvt2CZsauoNt7klRQWz3ZYCop80v2jar
q/OaD3fVTcHpTg4odx2C6ypVs5AMxreafn4Daz+qSC/ZwBd4QZaP7BSXfwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIlHLywhN2yT4sURWRVNWYfMBZb0MB8GA1UdIwQY
MBaAFMHCa7V0uJuMGGb4R0uxywAyZOwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgt
ZjJhMmE1ZDUwNDVlLzEvaVVjdkxDRTNiSlBpeFJGWkZVMVpoOHdGbHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgtZjJhMmE1ZDUwNDVl
LzEvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDEoB
DDADBwQqDEoBDEAwDQYJKoZIhvcNAQELBQADggEBABeUNQGsKk97+eR7Ye5DaOrL
1IanVm1lNFGU52Ld3BG+Ay8xswv4iYghdEjqT2TegMhXAOj3YDiAiAMsY5NARjDN
TgBh6IA0NhexlC89W2eZ/HwhHhPnfshPfbkcXKQytD3bDYOMZIy4AirbG8xrzZD/
TaHnVjLMqNGHFgPOz4JWhEctONgd4osycLf3oNiblRhAQ5i/g3q4h4WGGW8qCBfE
PGP12z6CA59Z9eXduEAIt2dyd1KOW5ZN2wMlv4xpyDtq+L+PtslODIJerZ7RmLOL
wkxP4jIE1VY0rWDTEuh5SCGWtP/0hSnAM0B+uApqKBC/OPw586DCRWG+azNtJog=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:22 2024 by rpki-client on console-fra.rpki-client.org