Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/IbLbGlmlJAUgtgWphoOyrZ97raA.roa
File: IbLbGlmlJAUgtgWphoOyrZ97raA.roa (raw, json)
Hash identifier: YL7fzDqsyeu07uo6BKFeZ4AX51muQoBBDqRNFgbTqGs=
Subject key identifier: 21:B2:DB:1A:59:A5:24:05:20:B6:05:A9:86:83:B2:AD:9F:7B:AD:A0
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018AFC134DABFD778D54DF5C4E77CA54C818
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/IbLbGlmlJAUgtgWphoOyrZ97raA.roa
Signing time: Wed 04 Oct 2023 19:03:58 +0000
ROA not before: Wed 04 Oct 2023 19:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200373
IP address blocks: 2a07:db81::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 24 Oct 2023 13:45:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:13:4d:ab:fd:77:8d:54:df:5c:4e:77:ca:54:c8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Oct 4 19:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21b2db1a59a5240520b605a98683b2ad9f7bada0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5a:b0:1a:f1:89:c5:86:63:ae:3a:9f:60:b8:
7b:d9:09:25:43:88:60:e4:21:8a:fc:f5:12:77:b3:
d9:7a:8b:d3:91:59:88:32:39:72:bc:e8:7f:f4:79:
6c:c3:6c:a5:3f:58:f8:f4:48:0d:8a:36:66:8f:9f:
69:a0:2f:26:fb:7d:10:97:07:bd:c3:f1:43:45:95:
19:1c:cc:4f:07:86:5f:ff:7c:cb:af:a3:e7:8d:02:
20:c2:2c:cd:9a:fd:8c:62:99:81:f6:ff:4f:0a:ce:
d3:d1:6a:1c:aa:38:37:cf:34:34:e5:d6:77:27:98:
41:30:f7:58:3f:b8:2c:3a:34:3f:ae:25:b1:fd:da:
55:8e:1f:9d:eb:32:86:1e:de:7a:2b:9f:fb:bb:a8:
34:58:bc:34:ac:c6:4a:79:90:19:b7:47:6f:73:56:
64:83:0b:9e:61:f8:90:09:67:a1:87:6f:ac:8b:8b:
0f:8d:2c:5c:ed:ba:4a:98:07:1a:6b:b1:a9:4c:49:
98:f2:d5:f1:2b:00:71:ee:b7:c4:4a:1d:50:ac:4c:
fe:bc:0e:15:d5:d9:b1:6a:41:4a:d7:dd:a6:74:c5:
8f:8f:16:80:ef:f9:b3:bf:d0:93:0a:e4:ef:c7:d7:
7e:4e:05:c5:82:24:23:60:b5:2f:f4:b4:10:7c:cf:
e5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B2:DB:1A:59:A5:24:05:20:B6:05:A9:86:83:B2:AD:9F:7B:AD:A0
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/IbLbGlmlJAUgtgWphoOyrZ97raA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db81::/32
Signature Algorithm: sha256WithRSAEncryption
45:f5:7a:b9:38:7e:25:30:5b:5e:6e:19:ce:49:b1:23:29:25:
ee:a6:24:9c:48:21:63:d1:31:d0:d6:61:de:da:ef:87:19:5d:
25:0e:b8:4a:f3:7f:9c:b8:c8:5a:c4:5a:64:38:19:85:04:00:
ff:13:65:1f:d1:4e:ec:67:0c:d3:52:fe:9c:bb:4a:cc:77:eb:
08:1d:db:87:31:3d:21:b7:f5:97:6c:b4:31:8e:2f:73:0f:5e:
12:bc:05:3e:c0:c8:ec:ac:a9:09:3c:29:20:eb:ae:a1:4d:f0:
20:e8:6d:ab:a7:11:bc:d1:cf:df:ad:67:d4:c3:f9:6d:6b:2f:
a2:e6:00:86:18:d7:82:04:19:9f:ec:9a:a9:91:ec:9f:8c:b3:
33:fe:f8:f4:59:ca:c7:b7:50:f2:f5:70:24:30:15:14:c9:0d:
10:14:af:04:a7:e8:0c:3a:17:f2:7c:f3:6a:bd:50:63:21:63:
2e:91:b7:06:c3:21:3c:e4:dd:0e:0c:12:b2:d2:6c:3e:f3:bd:
50:fa:97:be:06:c2:72:bb:a2:5b:92:94:b5:20:5e:1d:76:be:
93:0c:6c:1a:8e:9b:2f:74:65:f9:e6:a6:7d:00:ca:89:e8:1d:
8e:77:6f:12:35:dd:6a:16:cd:cd:94:3d:41:88:d7:83:f5:1f:
2e:5a:a8:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYr8E02r/XeNVN9cTnfKVMgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMxMDA0MTkwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWIyZGIxYTU5YTUyNDA1MjBiNjA1YTk4NjgzYjJhZDlmN2JhZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lqwGvGJxYZjrjqfYLh72QklQ4hg
5CGK/PUSd7PZeovTkVmIMjlyvOh/9Hlsw2ylP1j49EgNijZmj59poC8m+30Qlwe9
w/FDRZUZHMxPB4Zf/3zLr6PnjQIgwizNmv2MYpmB9v9PCs7T0Wocqjg3zzQ05dZ3
J5hBMPdYP7gsOjQ/riWx/dpVjh+d6zKGHt56K5/7u6g0WLw0rMZKeZAZt0dvc1Zk
gwueYfiQCWehh2+si4sPjSxc7bpKmAcaa7GpTEmY8tXxKwBx7rfESh1QrEz+vA4V
1dmxakFK192mdMWPjxaA7/mzv9CTCuTvx9d+TgXFgiQjYLUv9LQQfM/lFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCGy2xpZpSQFILYFqYaDsq2fe62gMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvSWJMYkdsbWxKQVVndGdXcGhvT3lyWjk3cmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfbgTAN
BgkqhkiG9w0BAQsFAAOCAQEARfV6uTh+JTBbXm4ZzkmxIykl7qYknEghY9Ex0NZh
3trvhxldJQ64SvN/nLjIWsRaZDgZhQQA/xNlH9FO7GcM01L+nLtKzHfrCB3bhzE9
Ibf1l2y0MY4vcw9eErwFPsDI7KypCTwpIOuuoU3wIOhtq6cRvNHP361n1MP5bWsv
ouYAhhjXggQZn+yaqZHsn4yzM/749FnKx7dQ8vVwJDAVFMkNEBSvBKfoDDoX8nzz
ar1QYyFjLpG3BsMhPOTdDgwSstJsPvO9UPqXvgbCcruiW5KUtSBeHXa+kwxsGo6b
L3Rl+eamfQDKiegdjndvEjXdahbNzZQ9QYjXg/UfLlqoTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org