Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/o42PmE29wzD245zozlgZAbc7evI.roa
File: o42PmE29wzD245zozlgZAbc7evI.roa (raw, json)
Hash identifier: JMqblZ/KXr7NRxXZrE6uo6zosHNfESif9miLr+lcT2c=
Subject key identifier: A3:8D:8F:98:4D:BD:C3:30:F6:E3:9C:E8:CE:58:19:01:B7:3B:7A:F2
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018B05AE323155CE97B42B1C45BC2196CE57
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/o42PmE29wzD245zozlgZAbc7evI.roa
Signing time: Fri 06 Oct 2023 15:49:44 +0000
ROA not before: Fri 06 Oct 2023 15:49:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a07:db83::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
2a07:db80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 24 Oct 2023 13:45:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:ae:32:31:55:ce:97:b4:2b:1c:45:bc:21:96:ce:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Oct 6 15:49:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38d8f984dbdc330f6e39ce8ce581901b73b7af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:23:9f:62:14:0c:ec:db:a8:e8:c4:a3:90:22:
7d:af:c5:19:f2:56:77:1f:b3:ce:18:8d:fc:dd:df:
24:72:da:f7:03:d3:cf:88:6a:c1:d9:75:58:d8:31:
ce:ed:d7:46:84:df:9b:3d:ba:0c:52:c2:be:ce:55:
73:41:19:16:1a:e4:3f:e0:65:b6:58:44:c7:4c:c0:
c9:d5:2a:45:a7:8b:a5:c1:75:88:57:a2:75:8d:eb:
3f:d4:f8:37:94:13:87:06:0c:62:18:77:66:97:08:
75:7f:55:0c:70:0f:c8:e1:09:28:ff:a2:5f:e5:40:
a9:8f:e9:25:14:29:5c:4e:53:39:8a:36:57:84:4b:
a5:a6:b2:84:53:86:22:e2:69:1e:1d:12:c6:b3:ad:
0f:7d:83:e6:9a:1d:00:fe:bb:d4:62:8b:7c:e8:36:
ad:94:9a:fe:91:62:ec:23:16:c3:9b:3d:1c:53:f9:
c1:c9:e1:ec:9b:66:c7:02:ce:98:62:00:a9:ff:c1:
08:2b:3c:b5:48:db:62:15:f9:2b:93:aa:e9:58:1c:
17:66:75:f0:81:fe:1a:9c:6f:df:5e:f6:07:c6:e3:
e7:8f:87:84:59:71:12:f4:76:1a:76:79:7f:ee:37:
c0:94:ee:76:75:e3:70:99:79:4f:b8:1e:56:e0:31:
fd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8D:8F:98:4D:BD:C3:30:F6:E3:9C:E8:CE:58:19:01:B7:3B:7A:F2
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/o42PmE29wzD245zozlgZAbc7evI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db80::/32
2a07:db82::/31
Signature Algorithm: sha256WithRSAEncryption
b8:b8:2b:6b:52:3c:a0:4c:6f:81:39:86:21:8c:ca:5b:11:50:
75:4c:11:7d:f7:5e:e0:17:36:4f:a3:92:e5:95:46:bb:ce:52:
f0:c1:7b:44:ed:b0:1f:9f:d1:53:0d:f0:b0:a2:3b:d2:86:3d:
73:3a:7a:fa:d4:4c:ec:86:0f:27:2c:7a:48:5e:07:32:68:72:
6e:cf:4e:d3:f4:3f:83:30:74:10:18:52:cd:14:36:9f:ec:3e:
4a:46:8b:14:60:69:26:2e:03:02:a6:e0:c7:fb:ad:27:00:1b:
91:e8:ad:18:50:a7:ae:26:92:34:94:5e:b1:97:12:8a:aa:fa:
37:20:14:22:7c:8b:c6:27:07:1a:d7:9d:bc:42:c2:d7:52:0a:
97:5f:db:a0:f0:e5:f1:8c:87:01:cc:de:de:a1:b9:49:aa:80:
7d:ec:1f:50:a1:37:27:16:06:74:b4:c4:c1:0d:e4:1d:aa:05:
cb:32:91:dd:9c:e7:03:a6:57:91:96:70:8a:d3:05:e9:16:6e:
42:15:56:b2:db:2e:71:48:76:41:aa:79:ed:56:51:e9:b3:24:
0d:1c:14:b1:03:f4:06:91:9b:61:34:63:6e:c6:25:f9:89:4c:
d6:e7:3a:b9:e7:ee:cb:50:02:b6:fd:6a:2b:cf:e4:41:51:08:
13:e0:97:98
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYsFrjIxVc6XtCscRbwhls5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMxMDA2MTU0OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhkOGY5ODRkYmRjMzMwZjZlMzljZThjZTU4MTkwMWI3M2I3YWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1COfYhQM7Nuo6MSjkCJ9r8UZ8lZ3
H7POGI383d8kctr3A9PPiGrB2XVY2DHO7ddGhN+bPboMUsK+zlVzQRkWGuQ/4GW2
WETHTMDJ1SpFp4ulwXWIV6J1jes/1Pg3lBOHBgxiGHdmlwh1f1UMcA/I4Qko/6Jf
5UCpj+klFClcTlM5ijZXhEulprKEU4Yi4mkeHRLGs60PfYPmmh0A/rvUYot86Dat
lJr+kWLsIxbDmz0cU/nByeHsm2bHAs6YYgCp/8EIKzy1SNtiFfkrk6rpWBwXZnXw
gf4anG/fXvYHxuPnj4eEWXES9HYadnl/7jfAlO52deNwmXlPuB5W4DH9AwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKONj5hNvcMw9uOc6M5YGQG3O3ryMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvbzQyUG1FMjl3ekQyNDV6b3psZ1pBYmM3ZXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgfbgAMF
ASoH24IwDQYJKoZIhvcNAQELBQADggEBALi4K2tSPKBMb4E5hiGMylsRUHVMEX33
XuAXNk+jkuWVRrvOUvDBe0TtsB+f0VMN8LCiO9KGPXM6evrUTOyGDycsekheBzJo
cm7PTtP0P4MwdBAYUs0UNp/sPkpGixRgaSYuAwKm4Mf7rScAG5HorRhQp64mkjSU
XrGXEoqq+jcgFCJ8i8YnBxrXnbxCwtdSCpdf26Dw5fGMhwHM3t6huUmqgH3sH1Ch
NycWBnS0xMEN5B2qBcsykd2c5wOmV5GWcIrTBekWbkIVVrLbLnFIdkGqee1WUemz
JA0cFLED9AaRm2E0Y27GJfmJTNbnOrnn7stQArb9aivP5EFRCBPgl5g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org