Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/OoLHpWzfwciL24O0fsVh0GEr5GY.roa
File: OoLHpWzfwciL24O0fsVh0GEr5GY.roa (raw, json)
Hash identifier: qsvX8puWSc7cfwhA6v97vRfsnAkjFG2EGt0zPljmtd4=
Subject key identifier: 3A:82:C7:A5:6C:DF:C1:C8:8B:DB:83:B4:7E:C5:61:D0:61:2B:E4:66
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018BC955FE699B362320E625036A1DBFB529
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/OoLHpWzfwciL24O0fsVh0GEr5GY.roa
Signing time: Mon 13 Nov 2023 15:38:57 +0000
ROA not before: Mon 13 Nov 2023 15:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200373
IP address blocks: 2a07:db81::/32 maxlen: 32
2a07:db85::/32 maxlen: 32
2a07:db87::/32 maxlen: 32
2a07:db84::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:55:fe:69:9b:36:23:20:e6:25:03:6a:1d:bf:b5:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Nov 13 15:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a82c7a56cdfc1c88bdb83b47ec561d0612be466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:71:50:82:fe:27:bc:5f:ed:5e:47:0e:4f:
61:ad:70:a9:7a:2d:ea:f8:e5:ec:57:8b:85:a3:18:
9a:3f:9a:f1:8d:c9:06:b0:ce:91:ad:02:e4:08:de:
6b:e8:64:24:53:f3:94:05:92:6a:f1:8c:c8:1a:6e:
0a:82:55:94:f4:69:f0:1e:66:bd:0a:11:58:4c:9c:
91:81:92:28:0c:93:12:34:03:18:a9:6c:a3:ea:c9:
fb:ea:c2:8a:46:9b:40:7f:ab:d3:7f:15:64:91:27:
1e:de:85:1d:19:e6:f5:15:9a:51:df:67:cc:85:c2:
8e:66:27:04:7a:2d:3e:d5:d5:55:4f:5a:bc:1c:95:
e7:d4:25:e2:a4:7a:4a:34:67:57:65:84:df:85:4e:
37:19:68:af:1a:e7:60:15:7b:ca:2d:8f:85:47:ce:
4b:0b:39:8e:e3:6b:0d:68:5f:3b:28:a5:08:a1:f2:
47:bb:45:83:74:9b:f7:6b:08:4c:25:4c:bc:3d:d5:
6c:f6:d1:11:47:5d:a7:1a:ef:50:27:c9:ee:a8:d5:
54:3c:2a:bd:dc:4c:d3:31:5b:ae:ac:9f:a0:97:52:
d5:54:af:c1:b6:87:95:23:27:9b:c1:2d:6a:53:b5:
cb:b4:26:ca:e0:fd:f4:1f:77:2b:be:31:fa:25:0c:
26:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:82:C7:A5:6C:DF:C1:C8:8B:DB:83:B4:7E:C5:61:D0:61:2B:E4:66
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/OoLHpWzfwciL24O0fsVh0GEr5GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db81::-2a07:db82:ffff:ffff:ffff:ffff:ffff:ffff
2a07:db84::/31
2a07:db87::/32
Signature Algorithm: sha256WithRSAEncryption
1b:62:35:f8:19:b7:4b:d6:2e:90:29:41:91:63:e8:41:c3:67:
89:97:aa:69:2f:6b:18:96:16:f7:18:c7:4b:2a:b2:c3:a4:d4:
11:93:28:aa:63:b7:f1:b3:6e:c1:6c:2e:37:0a:db:11:59:dc:
62:98:91:f4:1a:06:81:94:85:24:a8:7c:b1:91:6a:9b:68:8e:
0a:50:95:7f:35:8d:15:63:a2:cc:04:ac:41:40:4e:27:0a:c0:
c0:03:28:7c:4b:07:b9:87:2c:56:95:8e:9b:63:49:7d:67:21:
44:97:54:e2:10:7d:be:d8:59:76:7b:e2:50:81:41:ce:e9:d5:
4a:9f:20:06:29:27:97:9f:c9:c8:5b:bf:87:ef:18:69:73:3c:
cb:e5:6c:74:c1:dc:fe:8f:8c:1c:32:2f:a3:4d:04:79:2a:c2:
ea:01:d9:70:95:7e:9c:5a:8b:55:cd:4a:c6:94:ff:78:7e:a4:
12:97:75:8b:b4:83:67:39:ef:93:de:34:9c:09:8b:6e:65:c8:
9d:4d:f6:46:06:ab:b1:a1:54:33:42:6b:00:4d:12:16:db:3a:
75:3d:c3:70:63:22:0d:d7:f6:89:67:ed:b9:fa:1d:12:cd:bd:
73:f4:ec:3e:3d:32:26:a9:6b:1d:4f:f1:b7:8f:60:2c:38:9c:
84:17:25:a5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvJVf5pmzYjIOYlA2odv7UpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMxMTEzMTUzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTgyYzdhNTZjZGZjMWM4OGJkYjgzYjQ3ZWM1NjFkMDYxMmJlNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRtxUIL+J7xf7V5HDk9hrXCpei3q
+OXsV4uFoxiaP5rxjckGsM6RrQLkCN5r6GQkU/OUBZJq8YzIGm4KglWU9GnwHma9
ChFYTJyRgZIoDJMSNAMYqWyj6sn76sKKRptAf6vTfxVkkSce3oUdGeb1FZpR32fM
hcKOZicEei0+1dVVT1q8HJXn1CXipHpKNGdXZYTfhU43GWivGudgFXvKLY+FR85L
CzmO42sNaF87KKUIofJHu0WDdJv3awhMJUy8PdVs9tERR12nGu9QJ8nuqNVUPCq9
3EzTMVuurJ+gl1LVVK/BtoeVIyebwS1qU7XLtCbK4P30H3crvjH6JQwmnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDqCx6Vs38HIi9uDtH7FYdBhK+RmMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvT29MSHBXemZ3Y2lMMjRPMGZzVmgwR0VyNUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeMA4DBQAqB9uB
AwUAKgfbggMFASoH24QDBQAqB9uHMA0GCSqGSIb3DQEBCwUAA4IBAQAbYjX4GbdL
1i6QKUGRY+hBw2eJl6ppL2sYlhb3GMdLKrLDpNQRkyiqY7fxs27BbC43CtsRWdxi
mJH0GgaBlIUkqHyxkWqbaI4KUJV/NY0VY6LMBKxBQE4nCsDAAyh8Swe5hyxWlY6b
Y0l9ZyFEl1TiEH2+2Fl2e+JQgUHO6dVKnyAGKSeXn8nIW7+H7xhpczzL5Wx0wdz+
j4wcMi+jTQR5KsLqAdlwlX6cWotVzUrGlP94fqQSl3WLtINnOe+T3jScCYtuZcid
TfZGBquxoVQzQmsATRIW2zp1PcNwYyIN1/aJZ+25+h0Szb1z9Ow+PTImqWsdT/G3
j2AsOJyEFyWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org