Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/wOKNOaQ_Bg0hDFiKOe321YvuD0k.roa
File: wOKNOaQ_Bg0hDFiKOe321YvuD0k.roa (raw, json)
Hash identifier: VRf2ClN+ZZNHejkrIeVNg1Gi97RWFTqbwhTD6CXC4lI=
Subject key identifier: C0:E2:8D:39:A4:3F:06:0D:21:0C:58:8A:39:ED:F6:D5:8B:EE:0F:49
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 0185728C81AC58AA71B395EB05225C9151E3
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/wOKNOaQ_Bg0hDFiKOe321YvuD0k.roa
Signing time: Mon 02 Jan 2023 12:54:48 +0000
ROA not before: Mon 02 Jan 2023 12:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48518
IP address blocks: 2a04:9ac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:81:ac:58:aa:71:b3:95:eb:05:22:5c:91:51:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 12:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0e28d39a43f060d210c588a39edf6d58bee0f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d2:c6:ae:3b:22:05:45:85:36:17:3a:09:33:
21:d3:df:49:2c:07:a5:47:3c:48:7a:a6:13:96:08:
91:0b:ae:fd:df:00:12:b9:1b:ca:a1:2d:ad:3d:14:
91:d2:3e:25:15:dd:5e:4c:5b:7f:c3:91:2a:f3:c8:
35:57:1c:8b:3e:8e:ac:d8:d4:2e:21:f3:60:62:15:
92:a8:bf:1d:a4:4c:6f:2d:75:9e:b0:8b:60:5e:92:
5c:9e:ab:d0:55:25:c9:f2:ae:4a:a9:24:49:9c:d8:
b6:9e:77:82:8c:41:5a:8e:26:cc:20:32:7d:6e:5a:
60:12:11:92:6b:a3:3b:7e:79:ec:6b:a7:ae:9d:9d:
f9:86:31:e7:8f:c0:df:b3:f3:93:dc:75:d2:73:1d:
c9:22:94:1d:8a:ac:87:34:15:12:88:b8:22:7a:23:
b0:a9:ff:9c:b5:ac:cd:53:ec:9c:af:e9:cc:f7:28:
80:88:57:3a:d2:1d:6c:ba:8f:16:fd:27:c9:6e:72:
58:68:e4:6e:0d:db:c1:90:c3:fc:1d:ba:35:01:26:
d9:0a:b8:15:fd:09:7a:ac:69:26:57:54:c9:f3:be:
53:6b:67:1a:2b:03:6a:ba:6d:8c:dc:3c:78:a0:5c:
13:cd:c7:5c:fb:e1:52:c5:82:8f:b5:e8:33:35:0b:
5a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E2:8D:39:A4:3F:06:0D:21:0C:58:8A:39:ED:F6:D5:8B:EE:0F:49
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/wOKNOaQ_Bg0hDFiKOe321YvuD0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
10:cd:47:fe:a6:0a:ea:db:9e:f9:e6:d8:01:33:11:be:83:61:
9c:a0:42:d6:32:79:db:a3:9f:b2:d4:07:1c:85:41:7a:61:8d:
5d:2e:da:d8:15:2f:a5:a3:2a:65:df:73:37:84:50:f5:d7:99:
33:62:28:4e:38:ca:49:6f:63:4a:38:2a:9d:a0:46:2c:d7:35:
24:d0:65:1e:8b:f1:16:a0:91:c9:63:7f:c9:2f:f4:a7:79:b8:
f3:ae:ba:b1:a0:51:3c:64:12:1d:af:99:dd:17:98:b9:60:1a:
7d:e7:38:07:0e:dd:87:4c:0a:55:87:f6:89:8d:ce:16:16:10:
21:a6:8b:9f:4d:ef:10:65:40:7c:c1:8a:1f:8c:71:60:13:eb:
8f:5a:1e:46:23:fc:4f:85:07:03:fe:c9:e5:3f:88:ff:9f:c1:
4d:77:90:ce:ea:db:a8:ea:47:eb:d2:07:10:91:3b:83:e0:18:
6a:63:a4:1e:17:40:16:72:d4:25:54:77:0e:cf:74:24:9e:0e:
6c:42:8e:13:63:d2:1a:70:09:ab:59:fc:e1:eb:26:40:9a:89:
11:29:69:05:a9:10:6c:45:50:7a:38:3f:ec:90:53:de:ce:2d:
52:3d:a7:75:af:69:09:dc:df:0a:27:8c:48:7d:62:ce:74:4b:
c3:76:14:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyjIGsWKpxs5XrBSJckVHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjMwMTAyMTI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGUyOGQzOWE0M2YwNjBkMjEwYzU4OGEzOWVkZjZkNThiZWUwZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNLGrjsiBUWFNhc6CTMh099JLAel
RzxIeqYTlgiRC6793wASuRvKoS2tPRSR0j4lFd1eTFt/w5Eq88g1VxyLPo6s2NQu
IfNgYhWSqL8dpExvLXWesItgXpJcnqvQVSXJ8q5KqSRJnNi2nneCjEFajibMIDJ9
blpgEhGSa6M7fnnsa6eunZ35hjHnj8Dfs/OT3HXScx3JIpQdiqyHNBUSiLgieiOw
qf+ctazNU+ycr+nM9yiAiFc60h1suo8W/SfJbnJYaORuDdvBkMP8Hbo1ASbZCrgV
/Ql6rGkmV1TJ875Ta2caKwNqum2M3Dx4oFwTzcdc++FSxYKPtegzNQtaYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMDijTmkPwYNIQxYijnt9tWL7g9JMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvd09LTk9hUV9CZzBoREZpS09lMzIxWXZ1RDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgSawDAN
BgkqhkiG9w0BAQsFAAOCAQEAEM1H/qYK6tue+ebYATMRvoNhnKBC1jJ526OfstQH
HIVBemGNXS7a2BUvpaMqZd9zN4RQ9deZM2IoTjjKSW9jSjgqnaBGLNc1JNBlHovx
FqCRyWN/yS/0p3m48666saBRPGQSHa+Z3ReYuWAafec4Bw7dh0wKVYf2iY3OFhYQ
IaaLn03vEGVAfMGKH4xxYBPrj1oeRiP8T4UHA/7J5T+I/5/BTXeQzurbqOpH69IH
EJE7g+AYamOkHhdAFnLUJVR3Ds90JJ4ObEKOE2PSGnAJq1n84esmQJqJESlpBakQ
bEVQejg/7JBT3s4tUj2nda9pCdzfCieMSH1iznRLw3YUzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:16 2024 by rpki-client on console-ams.rpki-client.org