Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/8dy6Im2SkyRWLD3e95dCKE4UTMo.roa
File: 8dy6Im2SkyRWLD3e95dCKE4UTMo.roa (raw, json)
Hash identifier: ZYkSvyIeMpPRGtxlb54axY03vl17PLjyGv1Eo0uMoVI=
Subject key identifier: F1:DC:BA:22:6D:92:93:24:56:2C:3D:DE:F7:97:42:28:4E:14:4C:CA
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 0188B56A033CCA3351EE329D57E9503D99B2
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/8dy6Im2SkyRWLD3e95dCKE4UTMo.roa
Signing time: Tue 13 Jun 2023 15:40:03 +0000
ROA not before: Tue 13 Jun 2023 15:40:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a07:db81::/32 maxlen: 32
2a07:db83::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
2a07:db80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Jul 2023 21:44:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:6a:03:3c:ca:33:51:ee:32:9d:57:e9:50:3d:99:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Jun 13 15:40:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1dcba226d929324562c3ddef79742284e144cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:35:be:58:9d:de:a0:44:51:ba:c2:01:72:
90:88:96:89:3d:5f:fb:3e:a5:82:8c:69:59:db:0c:
c0:fe:e4:cf:e7:48:f4:a2:84:e6:50:6a:74:ed:de:
5f:a8:d7:31:8b:1e:d7:81:ab:cf:fc:22:71:57:d1:
46:bc:15:2f:8c:1c:13:6c:51:50:6a:f5:d2:27:56:
5c:04:19:48:31:71:e8:ba:37:93:e9:48:6a:3b:8e:
f5:dd:64:9d:c3:33:10:4c:97:58:47:a8:04:1b:23:
33:3a:e0:25:f0:1b:cf:93:89:b8:63:9b:02:a8:42:
94:09:45:56:f8:a5:65:2c:cb:fd:5c:ad:23:be:76:
13:1f:08:d6:be:86:16:5f:aa:76:dc:54:78:1f:86:
c4:04:b0:8a:77:d9:e1:ee:1d:ff:a1:a1:8e:48:e8:
76:ff:b0:4f:72:b7:4a:f6:be:b6:92:21:6c:39:a9:
98:1b:96:8e:c3:17:4e:79:d9:df:81:d0:61:12:16:
3d:87:0a:ee:30:b1:04:d1:33:03:9f:06:70:f3:28:
32:ea:6f:7a:9b:37:2c:e3:51:79:5c:b8:2d:82:4f:
98:ea:36:e5:03:ec:fd:54:d0:50:4d:55:90:e8:98:
74:ee:76:59:59:0c:72:ba:44:29:54:03:c9:bc:b6:
80:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DC:BA:22:6D:92:93:24:56:2C:3D:DE:F7:97:42:28:4E:14:4C:CA
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/8dy6Im2SkyRWLD3e95dCKE4UTMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db80::/30
Signature Algorithm: sha256WithRSAEncryption
72:f5:12:50:7f:8b:60:1d:31:eb:30:05:3b:e6:e9:fa:47:04:
72:5f:fc:6d:39:63:8f:9b:ff:8d:bb:23:e5:3c:83:84:51:53:
cb:01:52:55:76:44:60:21:de:be:5b:b8:ce:db:e3:97:5d:23:
30:3a:d6:95:c5:2b:19:d3:58:a7:2c:0c:6a:9b:c4:1c:7b:69:
e8:af:61:26:a0:a5:ec:c5:ed:42:18:3f:ce:14:8a:cf:6a:1d:
33:6a:ec:c1:da:76:88:2d:fa:51:48:e6:4d:9a:96:1c:ae:c1:
4e:eb:a4:24:b8:1a:eb:9f:da:f4:09:05:fa:30:94:bf:e2:d2:
78:97:92:8c:2e:eb:af:f8:9e:8d:c3:9d:90:ae:05:d9:d8:6d:
59:ba:ed:aa:ce:d1:5e:a0:35:16:ce:75:cd:39:fe:6a:2e:47:
68:4e:6d:a6:e6:34:1e:7b:e2:58:a7:4c:dc:d0:bb:ee:4a:56:
bb:a1:43:7c:e5:99:a2:b4:90:41:b3:0f:96:3a:06:a7:07:38:
bf:8a:9c:25:9a:d4:22:bd:76:22:e2:a7:3a:8d:4e:58:d9:02:
01:c5:1b:fc:f3:74:2a:dc:8f:0e:c4:bd:7a:0f:a1:e4:10:74:
49:ae:0e:60:70:49:ed:36:9d:2f:02:aa:9d:f3:bb:02:bd:b5:
02:f9:50:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYi1agM8yjNR7jKdV+lQPZmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwNjEzMTU0MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRjYmEyMjZkOTI5MzI0NTYyYzNkZGVmNzk3NDIyODRlMTQ0Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPM1vlid3qBEUbrCAXKQiJaJPV/7
PqWCjGlZ2wzA/uTP50j0ooTmUGp07d5fqNcxix7XgavP/CJxV9FGvBUvjBwTbFFQ
avXSJ1ZcBBlIMXHoujeT6UhqO4713WSdwzMQTJdYR6gEGyMzOuAl8BvPk4m4Y5sC
qEKUCUVW+KVlLMv9XK0jvnYTHwjWvoYWX6p23FR4H4bEBLCKd9nh7h3/oaGOSOh2
/7BPcrdK9r62kiFsOamYG5aOwxdOednfgdBhEhY9hwruMLEE0TMDnwZw8ygy6m96
mzcs41F5XLgtgk+Y6jblA+z9VNBQTVWQ6Jh07nZZWQxyukQpVAPJvLaAHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPHcuiJtkpMkViw93veXQihOFEzKMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvOGR5NkltMlNreVJXTEQzZTk1ZENLRTRVVE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgfbgDAN
BgkqhkiG9w0BAQsFAAOCAQEAcvUSUH+LYB0x6zAFO+bp+kcEcl/8bTljj5v/jbsj
5TyDhFFTywFSVXZEYCHevlu4ztvjl10jMDrWlcUrGdNYpywMapvEHHtp6K9hJqCl
7MXtQhg/zhSKz2odM2rswdp2iC36UUjmTZqWHK7BTuukJLga65/a9AkF+jCUv+LS
eJeSjC7rr/iejcOdkK4F2dhtWbrtqs7RXqA1Fs51zTn+ai5HaE5tpuY0HnviWKdM
3NC77kpWu6FDfOWZorSQQbMPljoGpwc4v4qcJZrUIr12IuKnOo1OWNkCAcUb/PN0
KtyPDsS9eg+h5BB0Sa4OYHBJ7TadLwKqnfO7Ar21AvlQIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org