Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/7bGfvilZny5YFoBTgRouN5tpUao.roa
File: 7bGfvilZny5YFoBTgRouN5tpUao.roa (raw, json)
Hash identifier: saCjWdnllQjOya3OAlb30pLArdsfvoHenasGfVV0Scc=
Subject key identifier: ED:B1:9F:BE:29:59:9F:2E:58:16:80:53:81:1A:2E:37:9B:69:51:AA
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 0188B5723FA68E279E945755E0D23F5318B3
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/7bGfvilZny5YFoBTgRouN5tpUao.roa
Signing time: Tue 13 Jun 2023 15:49:03 +0000
ROA not before: Tue 13 Jun 2023 15:49:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2a07:db85::/32 maxlen: 32
2a07:db87::/32 maxlen: 32
2a07:db84::/32 maxlen: 32
2a07:db86::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Nov 2023 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:72:3f:a6:8e:27:9e:94:57:55:e0:d2:3f:53:18:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Jun 13 15:49:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edb19fbe29599f2e58168053811a2e379b6951aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7b:48:48:59:00:12:8c:d3:cb:1c:46:16:50:
82:04:b3:59:0d:68:fd:a8:90:8f:93:7a:38:74:9b:
a4:a9:fa:39:d8:97:fa:b0:bf:56:05:fc:71:c1:3a:
73:ca:d4:01:38:c2:c3:f4:63:4c:0c:fe:21:f0:76:
04:9d:0c:e0:ff:06:77:7f:fd:bf:2a:cf:f2:03:85:
f8:a5:84:f4:b3:bb:3f:d3:cd:b5:21:44:9c:7b:2c:
51:60:8d:63:49:53:81:ac:f6:ed:42:32:0c:40:a4:
35:ca:2b:e5:0e:70:16:98:d2:6a:7b:9c:fc:5a:1c:
a7:5d:28:40:99:00:28:26:1f:bc:55:c5:db:a5:df:
19:1a:b5:ed:58:fd:0f:8d:cf:a3:d6:9c:da:8e:8a:
41:9b:75:b0:58:7a:f0:71:ee:41:ab:3e:de:4f:76:
e6:ee:17:11:7d:1a:11:82:54:64:7a:69:bf:82:11:
87:17:b9:7a:db:26:dc:0a:cc:3d:a3:27:1e:b6:2f:
ea:59:1d:36:ab:e7:97:f3:47:b3:60:6d:c6:62:2c:
3a:7b:8e:97:f2:56:4c:76:60:34:29:97:5b:ab:8c:
d4:75:86:9d:0a:cc:b5:5b:bf:4f:9a:b3:23:81:db:
41:eb:a7:4a:85:82:4f:b0:e0:41:b4:ef:32:b3:27:
e7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B1:9F:BE:29:59:9F:2E:58:16:80:53:81:1A:2E:37:9B:69:51:AA
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/7bGfvilZny5YFoBTgRouN5tpUao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db84::/30
Signature Algorithm: sha256WithRSAEncryption
a6:77:05:22:7a:82:8c:12:b5:08:dc:1e:a6:10:c0:6d:b7:f5:
0a:34:f7:c7:7c:93:01:c3:5d:14:98:da:f8:93:1d:10:d8:e2:
9a:5a:04:21:48:61:bc:01:a2:d2:ee:06:d2:7a:97:a3:53:4f:
db:aa:17:5d:d6:b1:a5:15:99:0a:1b:8b:58:1c:f3:55:14:60:
f6:8b:61:82:63:47:00:a7:a9:82:ff:af:12:83:b9:c0:ab:b6:
5f:21:6a:ac:38:5c:5f:ca:22:3e:81:95:40:18:f4:3b:94:53:
ff:12:fe:be:07:9e:61:f4:91:6d:b1:a7:f7:62:21:87:66:6b:
f6:0c:6e:5f:50:ef:a3:05:62:fb:4e:d2:ac:d3:ef:40:8a:eb:
15:2b:1a:ba:32:a4:d4:da:88:5d:f5:92:86:4d:28:b9:26:48:
d5:d0:49:69:f6:05:0a:53:bb:90:74:c1:cc:b2:33:59:b4:95:
42:89:ca:97:a5:c5:c1:28:36:32:c7:de:e2:69:e2:42:1c:6a:
ca:27:63:2a:76:a6:db:49:81:ca:a4:c8:05:ef:cf:41:8b:a4:
50:a7:27:65:16:95:39:76:de:54:43:08:22:80:c4:4c:47:5e:
ac:80:06:ca:0c:66:36:96:14:49:a2:e4:37:c4:9f:89:84:39:
c5:e8:75:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYi1cj+mjieelFdV4NI/UxizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwNjEzMTU0OTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGIxOWZiZTI5NTk5ZjJlNTgxNjgwNTM4MTFhMmUzNzliNjk1MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHtISFkAEozTyxxGFlCCBLNZDWj9
qJCPk3o4dJukqfo52Jf6sL9WBfxxwTpzytQBOMLD9GNMDP4h8HYEnQzg/wZ3f/2/
Ks/yA4X4pYT0s7s/0821IUSceyxRYI1jSVOBrPbtQjIMQKQ1yivlDnAWmNJqe5z8
WhynXShAmQAoJh+8VcXbpd8ZGrXtWP0Pjc+j1pzajopBm3WwWHrwce5Bqz7eT3bm
7hcRfRoRglRkemm/ghGHF7l62ybcCsw9oyceti/qWR02q+eX80ezYG3GYiw6e46X
8lZMdmA0KZdbq4zUdYadCsy1W79PmrMjgdtB66dKhYJPsOBBtO8ysyfneQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO2xn74pWZ8uWBaAU4EaLjebaVGqMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvN2JHZnZpbFpueTVZRm9CVGdSb3VONXRwVWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgfbhDAN
BgkqhkiG9w0BAQsFAAOCAQEApncFInqCjBK1CNwephDAbbf1CjT3x3yTAcNdFJja
+JMdENjimloEIUhhvAGi0u4G0nqXo1NP26oXXdaxpRWZChuLWBzzVRRg9othgmNH
AKepgv+vEoO5wKu2XyFqrDhcX8oiPoGVQBj0O5RT/xL+vgeeYfSRbbGn92Ihh2Zr
9gxuX1DvowVi+07SrNPvQIrrFSsaujKk1NqIXfWShk0ouSZI1dBJafYFClO7kHTB
zLIzWbSVQonKl6XFwSg2Msfe4mniQhxqyidjKnam20mByqTIBe/PQYukUKcnZRaV
OXbeVEMIIoDETEderIAGygxmNpYUSaLkN8SfiYQ5xeh1Hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org