Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/I3KItQTbCt-QeZZrsS4uDxArzQg.roa
File: I3KItQTbCt-QeZZrsS4uDxArzQg.roa (raw, json)
Hash identifier: UYWDnm4MNZoHjTjVnO1f3AulS7VipOekZPa7IN5OnBY=
Subject key identifier: 23:72:88:B5:04:DB:0A:DF:90:79:96:6B:B1:2E:2E:0F:10:2B:CD:08
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018CC86F595C43B7A1FDD26D597A1BCE83D5
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/I3KItQTbCt-QeZZrsS4uDxArzQg.roa
Signing time: Tue 02 Jan 2024 04:29:49 +0000
ROA not before: Tue 02 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 2a07:db81::/32 maxlen: 32
2a07:db85::/32 maxlen: 32
2a07:db87::/32 maxlen: 32
2a07:db84::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 Jan 2024 21:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:59:5c:43:b7:a1:fd:d2:6d:59:7a:1b:ce:83:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Jan 2 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=237288b504db0adf9079966bb12e2e0f102bcd08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:83:9e:78:70:36:4e:af:a1:47:3c:3a:25:5b:
f2:0e:83:fb:d0:fd:14:26:a0:8c:16:7f:8a:bd:13:
62:7a:fb:28:e1:29:b9:a0:d6:bb:5f:d5:23:54:5b:
3f:30:5d:4b:ab:3a:2d:0a:b7:f0:c8:4e:b7:d2:b6:
6d:ce:3a:bf:07:1c:9b:35:02:65:4d:4a:17:db:d1:
58:73:b7:23:16:09:dc:3f:86:9e:d7:4b:dd:b7:2d:
e1:73:ee:44:dd:34:20:5c:e3:d0:65:18:14:e0:18:
a9:60:a4:33:9d:34:60:27:46:60:28:28:12:fe:ec:
8a:c3:03:67:9b:41:ef:fc:17:e7:a8:3f:93:6d:c0:
72:50:b0:84:c4:da:b9:83:30:01:c8:01:63:fe:5f:
99:0c:66:81:f0:43:68:79:c7:ce:7a:7c:ac:e3:f0:
5f:4a:57:ac:a4:b6:2b:ec:da:67:f5:2a:b2:b9:ab:
20:60:f7:ca:e9:2d:95:30:e6:f6:9f:33:b5:90:92:
2c:6d:8b:89:82:36:e8:c2:3c:1d:eb:cc:16:fd:0c:
23:ce:8a:03:90:d4:e8:f7:b3:99:a5:7f:2c:ca:b9:
a7:b4:70:2d:ab:70:51:83:8a:4f:53:d9:dc:c0:cf:
5a:c7:68:b1:87:0a:6a:98:fd:5f:51:9b:f7:ab:5f:
e8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:72:88:B5:04:DB:0A:DF:90:79:96:6B:B1:2E:2E:0F:10:2B:CD:08
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/I3KItQTbCt-QeZZrsS4uDxArzQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db81::-2a07:db82:ffff:ffff:ffff:ffff:ffff:ffff
2a07:db84::/31
2a07:db87::/32
Signature Algorithm: sha256WithRSAEncryption
40:85:4b:72:a5:e3:d4:e4:55:dd:0a:e0:1f:87:25:77:61:3d:
f0:68:0e:b5:7b:f3:67:45:99:24:a4:10:89:54:a6:91:80:72:
fd:5c:72:a5:33:91:53:91:fd:d1:33:8c:22:10:64:ae:ef:1a:
a1:94:c3:a8:2e:f6:cf:83:87:ad:d7:cd:cd:02:c3:b4:60:06:
5d:69:f3:1c:4f:95:db:14:34:d8:9c:d3:90:95:7a:35:b9:bd:
de:43:72:4e:c3:32:58:a1:59:b4:66:09:8f:98:c2:df:db:49:
09:f4:ac:2f:d4:9d:3f:f0:25:8a:f9:ba:b3:19:36:29:dc:e3:
dc:b0:92:0e:70:55:4e:d1:0f:52:ca:e0:da:a4:81:d0:80:40:
8d:9a:93:35:a1:82:b8:a4:ee:e5:95:6d:2e:ac:5d:14:f5:93:
2f:d4:8e:a3:9b:05:16:b6:36:3b:6c:f4:54:3e:09:c3:da:28:
13:56:14:56:6b:3c:9f:24:4b:d6:31:8c:43:38:62:8f:7a:1f:
df:89:38:c8:e2:3d:eb:df:f3:3d:8f:2c:e4:52:ce:d8:9c:60:
1c:7b:08:af:ca:96:ba:b2:74:a8:07:ab:50:ee:84:28:ea:58:
03:85:ef:d9:f5:b9:3e:e0:c6:a4:7e:14:bc:68:d0:5c:46:22:
c0:59:b6:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIb1lcQ7eh/dJtWXobzoPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjQwMTAyMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzcyODhiNTA0ZGIwYWRmOTA3OTk2NmJiMTJlMmUwZjEwMmJjZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4OeeHA2Tq+hRzw6JVvyDoP70P0U
JqCMFn+KvRNievso4Sm5oNa7X9UjVFs/MF1LqzotCrfwyE630rZtzjq/BxybNQJl
TUoX29FYc7cjFgncP4ae10vdty3hc+5E3TQgXOPQZRgU4BipYKQznTRgJ0ZgKCgS
/uyKwwNnm0Hv/BfnqD+TbcByULCExNq5gzAByAFj/l+ZDGaB8ENoecfOenys4/Bf
SlespLYr7Npn9SqyuasgYPfK6S2VMOb2nzO1kJIsbYuJgjbowjwd68wW/QwjzooD
kNTo97OZpX8syrmntHAtq3BRg4pPU9ncwM9ax2ixhwpqmP1fUZv3q1/ouwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCNyiLUE2wrfkHmWa7EuLg8QK80IMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvSTNLSXRRVGJDdC1RZVpacnNTNHVEeEFyelFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeMA4DBQAqB9uB
AwUAKgfbggMFASoH24QDBQAqB9uHMA0GCSqGSIb3DQEBCwUAA4IBAQBAhUtypePU
5FXdCuAfhyV3YT3waA61e/NnRZkkpBCJVKaRgHL9XHKlM5FTkf3RM4wiEGSu7xqh
lMOoLvbPg4et183NAsO0YAZdafMcT5XbFDTYnNOQlXo1ub3eQ3JOwzJYoVm0ZgmP
mMLf20kJ9Kwv1J0/8CWK+bqzGTYp3OPcsJIOcFVO0Q9SyuDapIHQgECNmpM1oYK4
pO7llW0urF0U9ZMv1I6jmwUWtjY7bPRUPgnD2igTVhRWazyfJEvWMYxDOGKPeh/f
iTjI4j3r3/M9jyzkUs7YnGAcewivypa6snSoB6tQ7oQo6lgDhe/Z9bk+4MakfhS8
aNBcRiLAWbYf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org